Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/x0xVKT0X_ruLSI303ewiVOAqAzk.roa
File: x0xVKT0X_ruLSI303ewiVOAqAzk.roa (raw, json)
Hash identifier: mVyIK8UsyjSD6HsDNGWaxexLvBMcLRKANMqETg6W6/U=
Subject key identifier: C7:4C:55:29:3D:17:FE:BB:8B:48:8D:F4:DD:EC:22:54:E0:2A:03:39
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3643
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x0xVKT0X_ruLSI303ewiVOAqAzk.roa
Signing time: Sun 31 Mar 2024 22:22:11 +0000
ROA not before: Sun 31 Mar 2024 22:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13891 (0x3643)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 22:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C74C55293D17FEBB8B488DF4DDEC2254E02A0339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4f:11:14:66:17:ea:30:46:bc:66:ad:dd:9c:
d7:75:bc:05:07:2d:f2:32:ce:20:0e:66:fe:f4:7a:
37:a8:7b:d9:f5:27:fb:2c:65:87:3e:85:f9:57:ee:
d5:15:e5:7b:8f:43:90:46:8d:c1:b4:39:7e:92:30:
6b:76:11:94:56:88:3d:2e:bc:ae:f5:14:05:8e:a9:
43:fb:df:c7:85:15:d2:e0:a8:a9:a8:be:5b:49:ea:
ad:e2:91:ed:1f:3b:83:37:57:5e:46:cf:53:19:c6:
77:e8:83:2e:b0:03:5a:be:c7:87:02:db:af:62:55:
b9:2f:f8:0d:48:9c:b4:fd:d4:68:8d:9b:bd:f7:d3:
84:d0:84:d2:d0:07:20:73:d1:e2:f7:04:4d:9a:a1:
16:87:03:02:64:81:0b:50:25:d2:20:e2:11:17:41:
77:f5:ef:22:3c:02:2f:8b:4c:5e:99:70:ef:a8:2a:
4d:c7:57:bf:d1:56:74:4d:d4:70:72:77:a4:a1:43:
b4:72:61:e0:89:85:4e:56:e7:3d:ea:f7:8d:52:20:
38:f0:19:00:3b:eb:62:89:bc:d4:9e:ba:c5:c1:3d:
a1:e4:ad:ed:5d:d1:e8:60:a3:67:ea:10:c4:47:0b:
d2:bb:2d:04:bb:a4:ee:59:b8:5f:1e:82:2f:59:b0:
55:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4C:55:29:3D:17:FE:BB:8B:48:8D:F4:DD:EC:22:54:E0:2A:03:39
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x0xVKT0X_ruLSI303ewiVOAqAzk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
46:85:70:42:ce:55:6d:2a:7e:21:7b:0b:15:7f:51:01:2e:9c:
f9:e8:7c:06:e5:a9:0f:41:60:cb:73:b7:c9:0f:a7:8f:81:7e:
5b:0b:e8:ae:73:60:5e:6b:d7:9d:2b:9e:1a:9b:15:44:3e:9a:
2c:d0:5e:ab:f0:c1:c5:2b:7b:e0:e6:f7:8a:04:00:36:24:21:
36:60:97:55:f3:9a:71:bb:b5:2e:20:6c:f7:c3:55:f3:c5:a4:
38:31:f5:20:19:c0:df:f9:19:04:bd:04:a5:65:89:3c:f1:84:
6e:d0:5a:22:0b:af:e0:a0:c9:1b:fe:e2:04:18:ff:33:54:e5:
e8:24:9d:ee:32:5a:d1:e0:1f:0d:14:c5:0d:32:33:d9:9e:d2:
6b:f6:71:bf:5f:43:b2:36:ff:06:c7:d3:ff:c4:75:08:55:32:
63:ec:4a:2e:21:5f:3e:19:be:76:13:0e:1a:3d:99:45:bb:f0:
91:b2:db:b0:33:5b:b1:b7:3d:41:50:d6:97:0b:71:98:f7:73:
c3:70:3d:01:9d:5f:89:9c:c3:17:6c:bd:bd:f2:79:dc:20:0e:
05:12:75:8f:0b:45:0d:fa:12:f4:27:d5:46:9d:8f:eb:41:e9:
2f:2b:a7:94:0e:d4:88:5e:c7:c4:1d:9c:94:55:7f:d7:8f:d1:
80:f6:93:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEy
MjIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3NEM1NTI5M0QxN0ZF
QkI4QjQ4OERGNERERUMyMjU0RTAyQTAzMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKTxEUZhfqMEa8Zq3dnNd1vAUHLfIyziAOZv70ejeoe9n1J/ss
ZYc+hflX7tUV5XuPQ5BGjcG0OX6SMGt2EZRWiD0uvK71FAWOqUP738eFFdLgqKmo
vltJ6q3ike0fO4M3V15Gz1MZxnfogy6wA1q+x4cC269iVbkv+A1InLT91GiNm733
04TQhNLQByBz0eL3BE2aoRaHAwJkgQtQJdIg4hEXQXf17yI8Ai+LTF6ZcO+oKk3H
V7/RVnRN1HByd6ShQ7RyYeCJhU5W5z3q941SIDjwGQA762KJvNSeusXBPaHkre1d
0ehgo2fqEMRHC9K7LQS7pO5ZuF8egi9ZsFVFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUx0xVKT0X/ruLSI303ewiVOAqAzkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3gweFZLVDBYX3J1TFNJ
MzAzZXdpVk9BcUF6ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEaFcELOVW0qfiF7CxV/UQEunPnofAbl
qQ9BYMtzt8kPp4+BflsL6K5zYF5r150rnhqbFUQ+mizQXqvwwcUre+Dm94oEADYk
ITZgl1XzmnG7tS4gbPfDVfPFpDgx9SAZwN/5GQS9BKVliTzxhG7QWiILr+CgyRv+
4gQY/zNU5egkne4yWtHgHw0UxQ0yM9me0mv2cb9fQ7I2/wbH0//EdQhVMmPsSi4h
Xz4ZvnYTDho9mUW78JGy27AzW7G3PUFQ1pcLcZj3c8NwPQGdX4mcwxdsvb3yedwg
DgUSdY8LRQ36EvQn1Uadj+tB6S8rp5QO1Ihex8QdnJRVf9eP0YD2k0Q=
-----END CERTIFICATE-----
Generated at Sat May 17 19:37:52 2025 by rpki-client