Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yXQDP6uXRGNFjlE13YgUIDzySoQ.roa
File: yXQDP6uXRGNFjlE13YgUIDzySoQ.roa (raw, json)
Hash identifier: VI4HJMaCQqFtWaD2NzllLaBIK4533ybgM3EPB43K7hM=
Subject key identifier: C9:74:03:3F:AB:97:44:63:45:8E:51:35:DD:88:14:20:3C:F2:4A:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 532B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yXQDP6uXRGNFjlE13YgUIDzySoQ.roa
Signing time: Thu 09 May 2024 11:23:57 +0000
ROA not before: Thu 09 May 2024 11:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21291 (0x532b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 11:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C974033FAB974463458E5135DD8814203CF24A84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:d5:d7:f3:30:64:e2:28:c0:00:83:d8:ef:
0f:91:d6:04:7b:5a:48:31:b1:ee:88:96:85:1e:3b:
09:46:73:38:16:a8:3b:91:de:3c:79:a0:c8:df:81:
31:85:a6:5a:58:51:48:e1:63:3f:af:48:0f:8b:a5:
b9:2c:58:c2:4a:7d:66:e1:e4:95:d5:01:b0:21:ab:
42:ee:33:9f:38:91:21:0a:cf:8a:9f:a3:e8:62:f1:
73:a0:a0:c1:46:42:e7:c8:f2:90:06:34:bf:e6:65:
84:d5:5d:1b:04:3b:00:d8:da:76:82:6f:29:a8:63:
d5:c0:00:04:04:67:2b:3a:82:4d:e6:2b:91:84:c9:
26:5f:6f:eb:ea:80:9d:f0:e8:61:91:37:1c:88:f7:
1f:c7:db:fa:de:cf:8c:d9:59:1d:66:af:fc:9a:ed:
1a:90:f6:0e:17:fb:32:c6:c7:1b:de:5e:cc:2e:8a:
5d:a4:fc:70:40:3f:f0:14:a4:10:77:dd:6e:76:54:
34:3e:03:ce:3f:f3:8b:fc:21:0a:02:57:19:43:88:
89:3a:b8:a9:e3:b1:86:1c:dc:cb:d9:8f:13:c1:8f:
c0:a3:36:86:fd:8d:6d:68:fb:22:37:7a:d3:f7:be:
0d:dd:4e:85:7f:a6:a3:92:25:59:8f:47:df:e8:10:
2a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:74:03:3F:AB:97:44:63:45:8E:51:35:DD:88:14:20:3C:F2:4A:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yXQDP6uXRGNFjlE13YgUIDzySoQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
48:f0:37:39:7b:ee:be:79:96:b8:8b:15:28:8a:90:c1:df:49:
5e:0d:2d:88:c6:5a:67:04:77:24:a6:97:0a:f7:8b:d9:73:63:
0c:a3:49:e1:57:5f:cb:ac:9d:07:d1:91:48:4e:41:e2:04:ad:
9e:57:12:a3:39:da:62:07:68:bc:10:0a:f1:89:21:8f:b5:6d:
7b:49:4a:76:b0:8f:54:3e:fa:96:9d:2e:08:95:85:3e:8a:a1:
0a:55:8e:59:35:dc:4b:33:1c:e1:cb:ee:fd:a3:d9:fd:e1:09:
90:84:fd:3d:36:12:4b:2e:c3:9c:90:67:3d:9c:6f:9b:8d:03:
65:5d:8a:1a:b2:a1:9b:dd:b7:6f:22:c6:02:bc:45:1b:3e:f7:
53:a5:29:cb:bf:ce:1c:50:77:4f:3a:c3:0f:1f:f2:0c:5e:dd:
c6:f5:26:12:da:9e:42:87:2d:a4:f8:ac:ce:ff:a0:47:05:5c:
8f:73:2d:40:1b:9a:98:f1:08:d3:f1:f4:92:0e:cf:04:b7:42:
05:e5:c8:2b:bb:df:65:2a:22:08:0c:96:b2:a2:b5:cd:51:0b:
ac:8b:5b:af:33:ea:02:26:0b:3c:5b:cc:b8:d5:a7:44:88:69:
2d:d4:ac:87:4f:e4:44:ac:c8:2f:63:c5:75:5a:6a:ad:fc:b1:
ee:f2:03:8c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
MTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5NzQwMzNGQUI5NzQ0
NjM0NThFNTEzNUREODgxNDIwM0NGMjRBODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7iNXX8zBk4ijAAIPY7w+R1gR7Wkgxse6IloUeOwlGczgWqDuR
3jx5oMjfgTGFplpYUUjhYz+vSA+LpbksWMJKfWbh5JXVAbAhq0LuM584kSEKz4qf
o+hi8XOgoMFGQufI8pAGNL/mZYTVXRsEOwDY2naCbymoY9XAAAQEZys6gk3mK5GE
ySZfb+vqgJ3w6GGRNxyI9x/H2/rez4zZWR1mr/ya7RqQ9g4X+zLGxxveXswuil2k
/HBAP/AUpBB33W52VDQ+A84/84v8IQoCVxlDiIk6uKnjsYYc3MvZjxPBj8CjNob9
jW1o+yI3etP3vg3dToV/pqOSJVmPR9/oECpbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyXQDP6uXRGNFjlE13YgUIDzySoQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lYUURQNnVYUkdORmps
RTEzWWdVSUR6eVNvUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEjwNzl77r55lriLFSiKkMHfSV4NLYjG
WmcEdySmlwr3i9lzYwyjSeFXX8usnQfRkUhOQeIErZ5XEqM52mIHaLwQCvGJIY+1
bXtJSnawj1Q++padLgiVhT6KoQpVjlk13EszHOHL7v2j2f3hCZCE/T02Eksuw5yQ
Zz2cb5uNA2VdihqyoZvdt28ixgK8RRs+91OlKcu/zhxQd086ww8f8gxe3cb1JhLa
nkKHLaT4rM7/oEcFXI9zLUAbmpjxCNPx9JIOzwS3QgXlyCu732UqIggMlrKitc1R
C6yLW68z6gImCzxbzLjVp0SIaS3UrIdP5ESsyC9jxXVaaq38se7yA4w=
-----END CERTIFICATE-----
Generated at Sat May 17 22:36:06 2025 by rpki-client