Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mHeyTX61DoEjbxgPFCGdp2g3PYI.roa
File: mHeyTX61DoEjbxgPFCGdp2g3PYI.roa (raw, json)
Hash identifier: 1RSfTKpORXH2vgwMndqP9mVNlW/hoGq/979tpQkiECk=
Subject key identifier: 98:77:B2:4D:7E:B5:0E:81:23:6F:18:0F:14:21:9D:A7:68:37:3D:82
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 493B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mHeyTX61DoEjbxgPFCGdp2g3PYI.roa
Signing time: Fri 26 Apr 2024 05:23:21 +0000
ROA not before: Fri 26 Apr 2024 05:23:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18747 (0x493b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 05:23:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9877B24D7EB50E81236F180F14219DA768373D82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:72:1b:2c:c6:0c:d8:2e:19:ae:05:58:97:a7:
e2:1b:08:8b:08:b7:cc:39:0b:b6:99:39:a3:ab:c3:
1a:72:40:48:96:58:5f:bb:05:6e:84:65:11:e6:cb:
b7:bf:0d:86:3d:77:f4:6c:7f:34:22:e9:53:1b:dc:
4a:33:d8:a8:b6:ab:b7:35:62:72:12:b0:8e:8d:45:
50:a4:2a:45:eb:01:a0:e9:28:d5:82:e6:e1:79:13:
07:79:c8:e3:2d:67:71:03:c4:3c:49:a8:c1:30:87:
72:3f:3e:26:0b:c6:7b:4f:a5:be:f1:75:4b:26:ec:
9b:0a:19:a1:23:8e:62:b2:74:d5:a3:16:b8:a7:7b:
ea:83:e9:cc:8c:b9:14:bd:dc:61:a3:58:40:e4:f6:
2f:c5:46:6e:22:11:02:e8:54:58:b7:d7:17:ac:82:
d6:3d:9f:3f:95:b6:a5:57:cd:a8:0f:cb:c4:7d:d8:
1b:52:c8:e8:1f:49:45:7d:5f:ed:7e:d2:a7:c0:3c:
85:5b:5b:a4:c2:30:65:0e:4a:6a:63:02:a8:10:69:
4e:4c:24:f0:74:81:e3:65:c6:c3:04:8b:3d:29:f3:
e9:85:2f:31:d9:97:b0:31:52:4b:0b:df:ba:32:c0:
67:bb:81:2e:34:c4:46:62:61:1d:32:2a:51:5d:58:
20:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:77:B2:4D:7E:B5:0E:81:23:6F:18:0F:14:21:9D:A7:68:37:3D:82
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mHeyTX61DoEjbxgPFCGdp2g3PYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:58:55:1d:23:9e:02:13:5b:ce:c3:0d:5c:9a:86:95:0b:dd:
9d:93:f3:be:a0:30:e6:2e:54:37:47:74:e9:68:61:10:dd:08:
cd:82:31:63:e2:be:ef:ef:42:17:c1:4d:dd:ef:37:29:42:f7:
c5:6c:ae:b6:5e:2d:71:91:4e:27:8c:d0:bb:53:78:93:0b:a0:
c2:4c:8e:af:a7:59:c3:49:20:48:27:9d:5b:2f:9b:e4:af:df:
f5:c9:d6:ea:b4:80:26:9d:76:38:0c:f8:00:2f:5c:b5:45:59:
a6:dc:42:fd:73:4d:2f:71:16:71:85:3e:93:98:e0:c9:87:47:
d7:4e:09:fc:aa:cd:d6:05:17:52:e0:a8:83:7f:e7:9b:41:30:
2c:c0:aa:90:c8:c7:8e:38:f9:b3:81:3c:13:35:fa:17:1b:08:
bf:f9:9c:f2:34:c1:c5:b7:7e:1a:f9:4c:87:71:dc:08:6c:db:
a5:0d:c2:67:89:91:85:b9:36:1c:53:85:d2:87:10:28:90:7d:
95:c6:b6:ff:d8:68:7f:6b:17:19:27:45:4f:ce:13:6e:42:38:
b3:7d:8c:54:07:aa:78:97:66:32:78:bf:90:b7:98:ae:29:1e:
54:f6:fb:26:c3:01:3b:7d:d7:c6:9d:af:b8:57:dc:36:10:3b:
d0:90:9e:f4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
NTIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4NzdCMjREN0VCNTBF
ODEyMzZGMTgwRjE0MjE5REE3NjgzNzNEODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2chssxgzYLhmuBViXp+IbCIsIt8w5C7aZOaOrwxpyQEiWWF+7
BW6EZRHmy7e/DYY9d/RsfzQi6VMb3Eoz2Ki2q7c1YnISsI6NRVCkKkXrAaDpKNWC
5uF5Ewd5yOMtZ3EDxDxJqMEwh3I/PiYLxntPpb7xdUsm7JsKGaEjjmKydNWjFrin
e+qD6cyMuRS93GGjWEDk9i/FRm4iEQLoVFi31xesgtY9nz+VtqVXzagPy8R92BtS
yOgfSUV9X+1+0qfAPIVbW6TCMGUOSmpjAqgQaU5MJPB0geNlxsMEiz0p8+mFLzHZ
l7AxUksL37oywGe7gS40xEZiYR0yKlFdWCBdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmHeyTX61DoEjbxgPFCGdp2g3PYIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21IZXlUWDYxRG9FamJ4
Z1BGQ0dkcDJnM1BZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHtYVR0jngITW87DDVyahpUL3Z2T876g
MOYuVDdHdOloYRDdCM2CMWPivu/vQhfBTd3vNylC98VsrrZeLXGRTieM0LtTeJML
oMJMjq+nWcNJIEgnnVsvm+Sv3/XJ1uq0gCaddjgM+AAvXLVFWabcQv1zTS9xFnGF
PpOY4MmHR9dOCfyqzdYFF1LgqIN/55tBMCzAqpDIx444+bOBPBM1+hcbCL/5nPI0
wcW3fhr5TIdx3Ahs26UNwmeJkYW5NhxThdKHECiQfZXGtv/YaH9rFxknRU/OE25C
OLN9jFQHqniXZjJ4v5C3mK4pHlT2+ybDATt918adr7hX3DYQO9CQnvQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:35:20 2025 by rpki-client