Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/u3FxGNoMxitA1wJAz_IEyBFJvtY.roa
File: u3FxGNoMxitA1wJAz_IEyBFJvtY.roa (raw, json)
Hash identifier: EMM79rhp3CyC3kcfHl1pvyvN96N4F1dm165dF7sWuGQ=
Subject key identifier: BB:71:71:18:DA:0C:C6:2B:40:D7:02:40:CF:F2:04:C8:11:49:BE:D6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41EB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/u3FxGNoMxitA1wJAz_IEyBFJvtY.roa
Signing time: Tue 16 Apr 2024 11:22:58 +0000
ROA not before: Tue 16 Apr 2024 11:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16875 (0x41eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 11:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BB717118DA0CC62B40D70240CFF204C81149BED6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:aa:f5:cc:e8:99:b6:72:54:40:92:6e:2f:
35:0c:97:a2:b4:9b:b4:36:ea:bf:1b:b1:85:e3:27:
78:ca:e2:c3:cc:53:29:c9:4d:e2:fd:b9:f9:9f:1e:
92:25:f1:c8:e5:1b:1b:fd:dc:b3:22:9c:a8:c9:47:
ab:5a:23:9e:9f:ca:b3:36:44:a4:cd:f3:4e:69:00:
98:1f:97:a6:0a:f5:f8:b5:81:8c:f3:96:da:e5:ed:
bc:25:3c:11:1a:0e:7b:52:e9:5b:bf:12:5d:9c:af:
df:41:da:79:dc:a5:6e:fd:7a:ba:ee:92:3c:7c:7e:
f0:a7:4b:8e:1d:20:e0:97:a9:14:e6:66:d6:db:21:
0d:6c:c0:42:34:ee:89:54:ee:56:d0:3b:ea:84:9f:
cf:0b:d0:19:39:11:5f:ae:84:ca:b6:ee:54:55:6a:
37:d8:4f:ef:2d:0e:97:ba:13:81:d4:ce:44:a8:ff:
df:c2:de:23:66:8e:d1:86:82:d6:69:34:bd:92:6f:
10:95:44:e0:56:58:cf:f3:34:3f:af:97:03:2f:df:
42:66:20:ed:dc:cb:cf:4f:ca:6d:cf:c3:c3:e8:0f:
06:92:e2:2f:fd:5b:4a:ea:b4:18:0e:d8:4d:c8:b2:
1f:0a:af:ad:57:01:63:a3:f8:f4:59:e6:bd:79:56:
cc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:71:71:18:DA:0C:C6:2B:40:D7:02:40:CF:F2:04:C8:11:49:BE:D6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/u3FxGNoMxitA1wJAz_IEyBFJvtY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
72:c2:9b:fe:4e:bb:ad:79:85:2f:97:02:00:55:d2:b2:3c:0e:
30:6a:3f:ae:23:8f:4f:97:96:92:65:7c:34:06:f6:b5:a3:62:
e5:90:bf:51:84:aa:da:d2:e2:ae:74:8d:ac:98:2d:d4:ba:48:
db:0a:44:00:ff:2d:b4:a3:51:d4:36:9e:10:0b:c9:05:4d:b6:
0c:7b:d9:7f:7b:41:87:45:0e:11:81:10:4a:a2:dc:07:a4:36:
e9:a6:b1:d6:b4:4c:77:d5:19:00:61:a1:17:18:c9:e3:58:02:
bc:19:da:3b:64:db:06:01:68:ae:c1:a1:af:a0:8a:d3:f3:de:
5c:e8:ad:af:88:5f:5c:04:db:bc:e5:af:85:cf:72:2d:e1:43:
05:2c:bf:38:59:35:d2:2b:0f:44:9d:f2:10:5c:64:5f:2a:12:
1e:3b:74:21:b1:91:9d:19:21:52:e1:a5:0f:69:f6:03:e9:3a:
01:e2:fc:55:e4:42:97:f7:44:eb:b3:1c:de:a5:47:3a:10:05:
ff:4a:69:aa:73:5b:39:80:d6:0f:6a:31:e5:31:f5:36:e3:9c:
83:59:57:81:24:b9:33:30:01:b4:76:49:18:1d:01:ed:8c:0c:
fd:f9:62:9c:0e:23:9f:7f:66:8a:a7:03:f9:a0:fb:8b:fe:f4:
92:ee:90:6e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
MTIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCNzE3MTE4REEwQ0M2
MkI0MEQ3MDI0MENGRjIwNEM4MTE0OUJFRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0CKr1zOiZtnJUQJJuLzUMl6K0m7Q26r8bsYXjJ3jK4sPMUynJ
TeL9ufmfHpIl8cjlGxv93LMinKjJR6taI56fyrM2RKTN805pAJgfl6YK9fi1gYzz
ltrl7bwlPBEaDntS6Vu/El2cr99B2nncpW79errukjx8fvCnS44dIOCXqRTmZtbb
IQ1swEI07olU7lbQO+qEn88L0Bk5EV+uhMq27lRVajfYT+8tDpe6E4HUzkSo/9/C
3iNmjtGGgtZpNL2SbxCVROBWWM/zND+vlwMv30JmIO3cy89Pym3Pw8PoDwaS4i/9
W0rqtBgO2E3Ish8Kr61XAWOj+PRZ5r15VswNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUu3FxGNoMxitA1wJAz/IEyBFJvtYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3UzRnhHTm9NeGl0QTF3
SkF6X0lFeUJGSnZ0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHLCm/5Ou615hS+XAgBV0rI8DjBqP64j
j0+XlpJlfDQG9rWjYuWQv1GEqtrS4q50jayYLdS6SNsKRAD/LbSjUdQ2nhALyQVN
tgx72X97QYdFDhGBEEqi3AekNummsda0THfVGQBhoRcYyeNYArwZ2jtk2wYBaK7B
oa+gitPz3lzora+IX1wE27zlr4XPci3hQwUsvzhZNdIrD0Sd8hBcZF8qEh47dCGx
kZ0ZIVLhpQ9p9gPpOgHi/FXkQpf3ROuzHN6lRzoQBf9KaapzWzmA1g9qMeUx9Tbj
nINZV4EkuTMwAbR2SRgdAe2MDP35YpwOI59/ZoqnA/mg+4v+9JLukG4=
-----END CERTIFICATE-----
Generated at Sun May 18 02:15:24 2025 by rpki-client