Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jpRFY8r8KTCK1ZKKDHRwpNh0AFU.roa
File: jpRFY8r8KTCK1ZKKDHRwpNh0AFU.roa (raw, json)
Hash identifier: tPUEDsDG00WNwzjv7bBbA+XwNUaPjQ/odmCZXzXYgO4=
Subject key identifier: 8E:94:45:63:CA:FC:29:30:8A:D5:92:8A:0C:74:70:A4:D8:74:00:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34DB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jpRFY8r8KTCK1ZKKDHRwpNh0AFU.roa
Signing time: Sat 30 Mar 2024 01:22:07 +0000
ROA not before: Sat 30 Mar 2024 01:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13531 (0x34db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 01:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8E944563CAFC29308AD5928A0C7470A4D8740055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:94:52:4f:11:c4:c9:f7:99:07:66:11:cd:
f3:46:30:b1:fe:df:c1:07:b7:fb:44:b7:d6:cb:09:
2f:4e:b9:25:5d:e2:e7:db:8f:40:da:e7:9c:af:73:
bb:56:23:df:84:d0:23:19:58:e5:e3:b3:d5:5a:0e:
6b:7e:1c:b4:bb:b8:e5:26:cf:e1:25:45:2c:91:d0:
2b:59:e8:0c:05:86:6b:35:2d:5d:aa:69:4a:f5:7f:
25:ec:0b:92:71:b6:4e:9b:1b:99:c3:2d:b4:4f:89:
0f:51:42:ef:3b:dc:42:a6:6e:c1:d3:26:f3:c5:fc:
c9:ef:3a:69:d3:5c:d4:a7:3a:56:d5:5f:60:66:94:
18:6c:49:19:60:ac:1b:c3:d2:b5:2f:29:78:ce:e9:
b6:9e:fc:c6:e9:36:cd:42:e1:bd:04:47:87:b4:d3:
de:a8:44:ef:45:c1:63:81:16:0a:ad:c9:33:8e:55:
37:3a:a9:17:ac:05:7d:fb:3e:83:f4:15:8d:0a:94:
63:a3:d2:a1:dd:48:58:87:56:64:79:cb:64:0a:2f:
ae:06:27:99:5a:63:1d:0e:37:66:15:11:9c:c6:a8:
7c:44:8b:63:66:ca:e6:23:31:10:c8:ca:0a:b3:d0:
b7:ec:21:dc:fe:e1:40:c0:6e:26:d5:f7:17:ac:84:
01:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:94:45:63:CA:FC:29:30:8A:D5:92:8A:0C:74:70:A4:D8:74:00:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jpRFY8r8KTCK1ZKKDHRwpNh0AFU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:49:a7:04:6d:dc:4b:ef:3d:b5:28:04:60:57:0e:0f:4f:67:
1d:c6:9a:f3:67:14:00:14:15:dc:57:3b:15:ff:fe:0c:26:c4:
6c:7b:70:57:3e:66:26:f6:ea:fd:60:9e:53:90:cb:22:41:e2:
66:17:8f:43:ea:ec:84:ca:16:52:49:ac:b0:39:f2:5e:55:74:
69:b0:bd:5e:53:51:94:39:53:f1:2b:77:b4:f6:7d:1e:bc:c8:
93:af:68:14:d7:ed:c5:35:99:a5:dc:cd:33:99:71:21:82:69:
84:cd:9b:ad:4e:65:4f:f2:b4:31:f5:10:51:3d:f7:c0:90:9f:
ec:1a:46:db:81:4e:04:26:3d:8e:81:fc:a7:fb:22:fd:dd:97:
71:f4:d9:f6:70:9b:fa:e3:25:87:4a:b6:e4:cf:9b:88:77:1c:
53:2a:1b:f2:29:8e:56:45:27:a0:02:2f:9a:48:43:20:d4:85:
d5:63:1a:f7:57:6e:59:a3:9f:9c:d6:aa:45:12:c4:38:77:79:
25:b4:6e:ae:d5:93:da:86:f6:b6:86:3e:b2:6d:8c:de:36:63:
15:da:c8:a3:36:a7:3b:8b:94:d8:84:4b:72:29:9a:5e:12:0f:
e0:7f:aa:a1:7c:f7:03:94:7a:ed:c3:0c:05:f8:91:38:7a:26:
d1:38:c3:fa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MTIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFOTQ0NTYzQ0FGQzI5
MzA4QUQ1OTI4QTBDNzQ3MEE0RDg3NDAwNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3TpRSTxHEyfeZB2YRzfNGMLH+38EHt/tEt9bLCS9OuSVd4ufb
j0Da55yvc7tWI9+E0CMZWOXjs9VaDmt+HLS7uOUmz+ElRSyR0CtZ6AwFhms1LV2q
aUr1fyXsC5Jxtk6bG5nDLbRPiQ9RQu873EKmbsHTJvPF/MnvOmnTXNSnOlbVX2Bm
lBhsSRlgrBvD0rUvKXjO6bae/MbpNs1C4b0ER4e0096oRO9FwWOBFgqtyTOOVTc6
qResBX37PoP0FY0KlGOj0qHdSFiHVmR5y2QKL64GJ5laYx0ON2YVEZzGqHxEi2Nm
yuYjMRDIygqz0LfsIdz+4UDAbibV9xeshAH1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjpRFY8r8KTCK1ZKKDHRwpNh0AFUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pwUkZZOHI4S1RDSzFa
S0tESFJ3cE5oMEFGVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKpJpwRt3EvvPbUoBGBXDg9PZx3GmvNn
FAAUFdxXOxX//gwmxGx7cFc+Zib26v1gnlOQyyJB4mYXj0Pq7ITKFlJJrLA58l5V
dGmwvV5TUZQ5U/Erd7T2fR68yJOvaBTX7cU1maXczTOZcSGCaYTNm61OZU/ytDH1
EFE998CQn+waRtuBTgQmPY6B/Kf7Iv3dl3H02fZwm/rjJYdKtuTPm4h3HFMqG/Ip
jlZFJ6ACL5pIQyDUhdVjGvdXblmjn5zWqkUSxDh3eSW0bq7Vk9qG9raGPrJtjN42
YxXayKM2pzuLlNiES3Ipml4SD+B/qqF89wOUeu3DDAX4kTh6JtE4w/o=
-----END CERTIFICATE-----
Generated at Sun May 18 02:02:57 2025 by rpki-client