Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/l-Pe7FJhy7R8Up7N7IpgoKuX1xc.roa
File: l-Pe7FJhy7R8Up7N7IpgoKuX1xc.roa (raw, json)
Hash identifier: Cm5ceL+n6qI5cJO+D3iGjRUURSn1wtOCTntAdpirx9o=
Subject key identifier: 97:E3:DE:EC:52:61:CB:B4:7C:52:9E:CD:EC:8A:60:A0:AB:97:D7:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AA3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l-Pe7FJhy7R8Up7N7IpgoKuX1xc.roa
Signing time: Sun 28 Apr 2024 02:23:25 +0000
ROA not before: Sun 28 Apr 2024 02:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19107 (0x4aa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 02:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97E3DEEC5261CBB47C529ECDEC8A60A0AB97D717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ce:a0:e0:c8:5c:60:70:8d:86:eb:59:47:de:
13:4e:86:7f:50:17:77:6c:8c:c0:43:0e:92:6b:b7:
67:c7:de:e9:87:f3:e2:3e:0a:7c:ab:c9:15:93:08:
da:22:b5:d4:f6:a0:cb:cd:0a:76:ef:a0:93:a3:33:
21:8d:61:60:23:13:07:fc:03:b6:89:e9:8d:c9:0f:
15:70:b9:92:1d:72:51:36:1d:a7:6a:c1:6a:36:18:
fd:b8:13:41:9d:7b:b0:06:85:ea:0c:de:aa:5d:3a:
65:76:5e:50:d4:0a:86:6f:e5:80:db:ba:96:13:fe:
93:1b:13:90:cb:ba:42:dc:e8:ef:27:73:a6:c6:3f:
69:13:19:dc:34:dc:ff:d4:11:9a:e6:ec:1e:6d:d3:
26:41:a2:af:23:14:05:4b:94:53:8e:5f:47:92:3c:
d8:7e:5e:ac:3d:c3:54:35:e8:39:3a:8d:d1:0a:a0:
b3:e0:87:71:c9:65:bb:9f:6b:25:af:cd:1a:71:af:
96:5a:6f:e0:a6:99:23:3e:c5:33:8b:01:ff:7a:b5:
9a:08:94:76:d5:4a:1c:4f:ce:a7:e5:a2:d4:5c:66:
4c:4b:72:7b:aa:b1:11:dd:1b:d3:88:a7:2e:93:98:
bb:62:7a:8b:3a:56:89:77:48:43:db:80:43:3f:ac:
08:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E3:DE:EC:52:61:CB:B4:7C:52:9E:CD:EC:8A:60:A0:AB:97:D7:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l-Pe7FJhy7R8Up7N7IpgoKuX1xc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
30:7d:14:10:6f:6d:a0:46:46:6f:27:e3:c9:0c:cd:df:17:d2:
8b:34:ef:bc:6f:e9:2e:67:ba:9e:c6:56:f9:a2:1c:1f:d3:6b:
99:87:d9:aa:9f:b1:a6:8b:7e:70:d0:5c:c0:ec:ab:7f:8c:2f:
2a:cf:04:38:f6:59:4e:98:0e:41:13:6a:e9:82:0f:61:3c:87:
dd:16:cc:b9:5d:52:9c:7c:93:05:ee:6f:6a:e9:c5:aa:f0:ca:
39:8e:fb:cb:06:3d:de:4c:8c:19:c9:61:93:76:1f:d7:20:53:
e4:0e:77:48:cc:8b:f4:1f:7a:99:c5:05:32:50:45:51:a7:06:
e7:da:20:f2:78:0a:ed:3c:28:4e:99:24:57:2d:4f:7d:a5:da:
e4:de:7f:2c:dd:eb:eb:e0:8d:6b:a1:aa:28:8f:cc:c8:fe:89:
52:ee:f3:91:a6:b8:94:fa:13:e1:30:17:f1:2b:30:04:59:14:
8f:89:9a:0b:e2:c4:71:17:5a:d6:a8:11:98:d4:ad:d0:ee:e5:
1e:96:0d:65:96:a3:7e:5e:f8:0b:09:65:68:68:6e:39:1e:94:
3b:4d:aa:3e:8c:b8:2a:33:0c:66:ef:f4:4d:f4:2b:40:81:bc:
c3:d9:fa:94:80:32:27:53:84:a2:7c:2c:5d:a5:dc:7c:af:5e:
d3:ef:2d:d6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSqMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgw
MjIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3RTNERUVDNTI2MUNC
QjQ3QzUyOUVDREVDOEE2MEEwQUI5N0Q3MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSzqDgyFxgcI2G61lH3hNOhn9QF3dsjMBDDpJrt2fH3umH8+I+
CnyryRWTCNoitdT2oMvNCnbvoJOjMyGNYWAjEwf8A7aJ6Y3JDxVwuZIdclE2Hadq
wWo2GP24E0Gde7AGheoM3qpdOmV2XlDUCoZv5YDbupYT/pMbE5DLukLc6O8nc6bG
P2kTGdw03P/UEZrm7B5t0yZBoq8jFAVLlFOOX0eSPNh+Xqw9w1Q16Dk6jdEKoLPg
h3HJZbufayWvzRpxr5Zab+CmmSM+xTOLAf96tZoIlHbVShxPzqflotRcZkxLcnuq
sRHdG9OIpy6TmLtieos6Vol3SEPbgEM/rAgVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUl+Pe7FJhy7R8Up7N7IpgoKuX1xcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2wtUGU3RkpoeTdSOFVw
N043SXBnb0t1WDF4Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADB9FBBvbaBGRm8n48kMzd8X0os077xv
6S5nup7GVvmiHB/Ta5mH2aqfsaaLfnDQXMDsq3+MLyrPBDj2WU6YDkETaumCD2E8
h90WzLldUpx8kwXub2rpxarwyjmO+8sGPd5MjBnJYZN2H9cgU+QOd0jMi/QfepnF
BTJQRVGnBufaIPJ4Cu08KE6ZJFctT32l2uTefyzd6+vgjWuhqiiPzMj+iVLu85Gm
uJT6E+EwF/ErMARZFI+JmgvixHEXWtaoEZjUrdDu5R6WDWWWo35e+AsJZWhobjke
lDtNqj6MuCozDGbv9E30K0CBvMPZ+pSAMidThKJ8LF2l3HyvXtPvLdY=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:27 2025 by rpki-client