Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tl_BXAjm34wHF9dkM8AMAMRJl4c.roa
File: tl_BXAjm34wHF9dkM8AMAMRJl4c.roa (raw, json)
Hash identifier: J6QRQtv3JHgQ2dy7kKLxM2I8IoyxDgIv69b6m+EnSqI=
Subject key identifier: B6:5F:C1:5C:08:E6:DF:8C:07:17:D7:64:33:C0:0C:00:C4:49:97:87
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3787
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tl_BXAjm34wHF9dkM8AMAMRJl4c.roa
Signing time: Tue 02 Apr 2024 14:52:20 +0000
ROA not before: Tue 02 Apr 2024 14:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14215 (0x3787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 14:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B65FC15C08E6DF8C0717D76433C00C00C4499787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3c:9c:b6:77:48:8b:b2:b0:e1:44:cd:f7:e7:
3f:6a:5c:cb:a3:08:48:d4:88:e0:96:48:29:6a:40:
7e:66:fd:d6:5c:a1:6a:ec:61:52:bc:2c:4f:e3:b0:
6d:dc:35:7e:61:54:7f:4d:0c:b1:8e:92:ec:6f:c4:
15:d8:67:df:0f:7e:ca:d9:d8:e6:5e:d4:93:6e:24:
50:d9:b6:4b:c7:c3:fa:29:bb:61:cc:b2:6c:ba:b7:
5e:61:45:6f:61:9a:81:67:96:cb:48:45:5a:61:a9:
15:8d:68:d7:e9:ef:97:0b:2e:4d:72:d0:9c:4d:ed:
d6:4a:45:46:84:9a:99:c1:d3:f2:fc:5c:20:30:2c:
ce:1d:26:37:37:d9:31:34:b2:bb:8d:f7:c5:52:b5:
7e:98:61:ce:c2:38:ea:60:f5:19:cc:d2:b8:e3:a2:
0b:72:94:af:1c:01:ab:78:5f:f6:96:69:ea:3f:cd:
a8:6e:b8:85:cf:54:e4:6f:e8:27:57:7a:e9:57:ee:
23:57:45:c4:86:9e:8c:ed:81:ce:81:f7:9a:18:d0:
03:ad:c4:c7:15:e6:b3:5a:d9:f5:11:cc:47:1f:7e:
cc:cb:a2:17:3a:fa:8d:25:a3:93:d4:02:36:5e:09:
4a:74:03:01:96:08:1f:82:c7:ea:83:fc:0e:5e:77:
42:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5F:C1:5C:08:E6:DF:8C:07:17:D7:64:33:C0:0C:00:C4:49:97:87
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tl_BXAjm34wHF9dkM8AMAMRJl4c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:34:6c:af:d1:95:ce:f7:89:7c:ab:b1:9f:2a:2b:dc:62:58:
e6:6b:83:2c:d7:16:7c:7d:f0:c9:f3:22:d0:9f:4b:f5:49:dc:
e7:56:fc:17:b4:09:b7:76:f1:ab:75:c8:e8:fc:97:b9:95:a7:
8e:4f:99:da:6b:9c:1d:d2:f3:cd:f0:f9:70:e3:da:19:fe:2f:
d4:68:0d:51:cf:dd:0a:6c:b4:09:76:9a:6a:04:71:af:d7:87:
2a:a5:8f:ed:ab:8e:64:48:45:d4:76:4e:ab:81:05:f2:0f:a2:
fe:df:fe:e3:38:46:f2:0e:9f:3b:af:4d:90:96:1a:93:01:73:
9a:f6:bf:52:c2:a7:be:9a:19:2d:79:c7:bc:bd:8a:87:c8:6e:
74:33:d9:e2:98:7c:a9:90:ff:b8:83:fa:2e:6b:ac:cf:e5:47:
14:67:4f:b7:66:80:42:1a:2e:06:a2:7f:05:e2:e8:cc:79:cb:
c6:44:7c:d0:2f:37:21:3e:fb:00:21:97:7d:4e:87:4f:f8:2f:
ba:76:fd:e8:49:00:4f:8c:dd:87:51:4b:37:86:e3:69:a5:b0:
a7:5d:2b:a3:1f:bf:9c:1f:1d:a1:46:ab:cc:c3:a8:fb:e5:5f:
b3:ef:3c:fe:d6:63:2c:cf:27:ef:ae:3d:d0:19:45:5f:99:a5:
06:68:2c:a8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICN4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
NDUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2NUZDMTVDMDhFNkRG
OEMwNzE3RDc2NDMzQzAwQzAwQzQ0OTk3ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZPJy2d0iLsrDhRM335z9qXMujCEjUiOCWSClqQH5m/dZcoWrs
YVK8LE/jsG3cNX5hVH9NDLGOkuxvxBXYZ98PfsrZ2OZe1JNuJFDZtkvHw/opu2HM
smy6t15hRW9hmoFnlstIRVphqRWNaNfp75cLLk1y0JxN7dZKRUaEmpnB0/L8XCAw
LM4dJjc32TE0sruN98VStX6YYc7COOpg9RnM0rjjogtylK8cAat4X/aWaeo/zahu
uIXPVORv6CdXeulX7iNXRcSGnoztgc6B95oY0AOtxMcV5rNa2fURzEcffszLohc6
+o0lo5PUAjZeCUp0AwGWCB+Cx+qD/A5ed0LlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtl/BXAjm34wHF9dkM8AMAMRJl4cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RsX0JYQWptMzR3SEY5
ZGtNOEFNQU1SSmw0Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEE0bK/Rlc73iXyrsZ8qK9xiWOZrgyzX
Fnx98MnzItCfS/VJ3OdW/Be0Cbd28at1yOj8l7mVp45PmdprnB3S883w+XDj2hn+
L9RoDVHP3QpstAl2mmoEca/Xhyqlj+2rjmRIRdR2TquBBfIPov7f/uM4RvIOnzuv
TZCWGpMBc5r2v1LCp76aGS15x7y9iofIbnQz2eKYfKmQ/7iD+i5rrM/lRxRnT7dm
gEIaLgaifwXi6Mx5y8ZEfNAvNyE++wAhl31Oh0/4L7p2/ehJAE+M3YdRSzeG42ml
sKddK6Mfv5wfHaFGq8zDqPvlX7PvPP7WYyzPJ++uPdAZRV+ZpQZoLKg=
-----END CERTIFICATE-----
Generated at Sat May 17 19:38:50 2025 by rpki-client