Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pj7qvZ7FfuAyxZnW40UvsKbVRyw.roa
File: pj7qvZ7FfuAyxZnW40UvsKbVRyw.roa (raw, json)
Hash identifier: TNWw1rCLCxznQmNULcwoQU+J8SJK0x3s2nq8EeObiWE=
Subject key identifier: A6:3E:EA:BD:9E:C5:7E:E0:32:C5:99:D6:E3:45:2F:B0:A6:D5:47:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B1B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pj7qvZ7FfuAyxZnW40UvsKbVRyw.roa
Signing time: Sun 28 Apr 2024 17:23:27 +0000
ROA not before: Sun 28 Apr 2024 17:23:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19227 (0x4b1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 17:23:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A63EEABD9EC57EE032C599D6E3452FB0A6D5472C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:af:fe:b2:db:91:57:74:c8:75:e0:3e:f4:5b:
5f:cf:d5:a5:b2:47:9d:15:b0:f5:8a:06:26:b5:b3:
bc:b4:40:6f:fc:29:15:da:22:4c:5b:d3:4a:ed:2a:
d2:a4:dd:c2:6b:1e:bd:cb:35:24:03:24:ae:6a:db:
0a:fe:3c:2f:0b:bf:8c:f1:f6:9e:92:b0:8c:71:fc:
44:5e:31:cd:82:ab:68:16:0b:05:56:72:82:21:7e:
36:91:bb:72:02:52:56:6f:bc:22:e6:e7:b2:f5:53:
f8:07:3e:9d:4c:17:2c:13:60:94:25:39:0e:c3:66:
78:5c:b3:c7:15:6e:14:29:41:72:8b:47:bb:4d:49:
15:e6:65:4b:e2:75:15:cc:28:a8:e3:d3:00:c2:4b:
c2:6e:a8:37:89:95:5b:ad:4d:6f:df:7f:4f:d0:83:
67:97:f0:c2:39:c4:bd:4b:e4:5c:03:7c:2c:fe:8b:
f3:4b:bf:00:92:e3:9e:a9:96:ab:3b:e3:1a:9e:7c:
88:55:34:cb:ab:74:e0:7c:7d:fd:63:b5:c2:f4:bb:
86:36:90:c8:a4:a8:df:78:71:dc:42:a4:cf:08:01:
a2:7a:2b:f4:d0:03:ff:5f:b6:ef:aa:16:2a:bd:61:
7d:2b:99:80:d7:fb:bd:0c:81:62:70:20:f6:e5:bb:
98:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3E:EA:BD:9E:C5:7E:E0:32:C5:99:D6:E3:45:2F:B0:A6:D5:47:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pj7qvZ7FfuAyxZnW40UvsKbVRyw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:23:6a:89:c1:23:00:34:41:cf:5b:9b:e7:ed:af:08:3a:7b:
bd:4f:1a:8a:3f:2d:bc:14:d0:7d:6f:89:96:45:08:89:b1:9a:
2e:83:d3:d1:66:c7:35:f7:82:20:43:31:ba:ad:df:d6:92:0d:
86:cf:43:37:0d:75:ae:58:ff:fb:67:67:36:79:f2:89:46:99:
3a:86:ca:58:0f:77:ba:54:2c:0b:66:10:c5:9c:78:46:16:9b:
9a:73:57:41:96:21:25:cc:65:7f:ef:ee:ff:83:7d:16:e3:38:
46:e0:08:a6:38:b1:1a:a1:85:72:e0:ba:4d:c0:6d:9d:2b:49:
87:5b:58:d3:79:f8:bd:21:38:2a:57:bd:61:61:77:af:ff:3f:
ed:0b:95:c5:f5:84:d1:bf:da:75:28:23:33:77:dd:b9:2b:57:
cb:b4:d2:09:a1:df:dc:fc:9d:d2:e9:1b:bc:3c:41:ea:0d:cc:
19:e0:1e:46:98:20:7a:5e:7a:4e:95:f8:31:08:17:7b:2b:34:
90:8f:f5:df:23:2f:ce:1b:17:f9:c8:5c:3b:63:b0:0b:76:47:
ec:d5:b8:cd:03:92:bd:44:d3:ac:67:78:64:29:ac:25:6a:26:
5c:d4:66:f7:4a:71:ba:1a:b6:13:1f:50:39:0c:1d:55:26:8d:
c1:f3:d1:74
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NzIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2M0VFQUJEOUVDNTdF
RTAzMkM1OTlENkUzNDUyRkIwQTZENTQ3MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMr/6y25FXdMh14D70W1/P1aWyR50VsPWKBia1s7y0QG/8KRXa
Ikxb00rtKtKk3cJrHr3LNSQDJK5q2wr+PC8Lv4zx9p6SsIxx/EReMc2Cq2gWCwVW
coIhfjaRu3ICUlZvvCLm57L1U/gHPp1MFywTYJQlOQ7DZnhcs8cVbhQpQXKLR7tN
SRXmZUvidRXMKKjj0wDCS8JuqDeJlVutTW/ff0/Qg2eX8MI5xL1L5FwDfCz+i/NL
vwCS456plqs74xqefIhVNMurdOB8ff1jtcL0u4Y2kMikqN94cdxCpM8IAaJ6K/TQ
A/9ftu+qFiq9YX0rmYDX+70MgWJwIPblu5jvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpj7qvZ7FfuAyxZnW40UvsKbVRywwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BqN3F2WjdGZnVBeXha
blc0MFV2c0tiVlJ5dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACIjaonBIwA0Qc9bm+ftrwg6e71PGoo/
LbwU0H1viZZFCImxmi6D09FmxzX3giBDMbqt39aSDYbPQzcNda5Y//tnZzZ58olG
mTqGylgPd7pULAtmEMWceEYWm5pzV0GWISXMZX/v7v+DfRbjOEbgCKY4sRqhhXLg
uk3AbZ0rSYdbWNN5+L0hOCpXvWFhd6//P+0LlcX1hNG/2nUoIzN33bkrV8u00gmh
39z8ndLpG7w8QeoNzBngHkaYIHpeek6V+DEIF3srNJCP9d8jL84bF/nIXDtjsAt2
R+zVuM0Dkr1E06xneGQprCVqJlzUZvdKcboathMfUDkMHVUmjcHz0XQ=
-----END CERTIFICATE-----
Generated at Sat May 17 23:44:19 2025 by rpki-client