Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yhACiwkMnfMMK1ij7d6RtH_2Ekg.roa
File: yhACiwkMnfMMK1ij7d6RtH_2Ekg.roa (raw, json)
Hash identifier: sofTQa0m2Nf8WJbFMEez9WbA2j+d9NYmEPSoeuurRVo=
Subject key identifier: CA:10:02:8B:09:0C:9D:F3:0C:2B:58:A3:ED:DE:91:B4:7F:F6:12:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FAB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yhACiwkMnfMMK1ij7d6RtH_2Ekg.roa
Signing time: Sat 04 May 2024 19:23:50 +0000
ROA not before: Sat 04 May 2024 19:23:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20395 (0x4fab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 19:23:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA10028B090C9DF30C2B58A3EDDE91B47FF61248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:57:c7:1e:53:cc:67:5c:35:dc:67:81:65:
a8:71:8e:d9:5d:44:16:90:66:a5:c8:1f:fa:eb:fb:
25:e0:c1:1b:be:80:b4:1e:31:f9:a1:8b:a6:76:c8:
25:11:a8:4f:f5:99:1b:1b:a4:ec:d5:d4:a7:d2:f6:
d8:d8:d3:f5:71:e8:bf:71:0c:0e:a9:ea:91:5c:57:
5b:80:f6:d8:f9:42:c7:cd:da:da:0b:bb:19:f5:22:
86:56:44:9d:84:24:d3:5b:ea:01:34:94:5c:de:02:
63:c9:3f:86:f2:2b:6f:01:97:e9:50:61:a5:b1:d6:
9b:25:1c:50:a4:0a:f1:a3:8c:ab:40:a8:dd:14:90:
f6:be:28:00:93:fa:a4:41:eb:82:1e:98:4e:39:a4:
42:7a:42:d2:05:3b:6b:c7:01:df:6b:a6:fc:89:39:
fb:0b:ad:b8:3e:e8:fa:21:0c:2a:f9:cb:60:3d:01:
c2:72:4c:05:97:54:e0:87:c8:74:87:6d:01:01:c3:
fe:02:dc:25:23:d2:2c:5a:e7:93:a7:73:0f:fc:2a:
a5:9b:5c:ac:b0:8f:b5:14:4f:79:a9:e8:a9:86:3d:
b6:bc:16:03:c3:44:8d:3f:93:30:77:47:89:d8:9e:
3e:0a:42:80:83:5c:1f:3c:2d:e0:78:4f:a5:0b:1d:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:10:02:8B:09:0C:9D:F3:0C:2B:58:A3:ED:DE:91:B4:7F:F6:12:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yhACiwkMnfMMK1ij7d6RtH_2Ekg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
04:b6:56:a7:de:50:a6:a4:e6:92:a1:6a:a7:4e:4f:12:18:0a:
88:0b:b8:92:41:94:bf:18:aa:1b:d7:71:93:2a:68:fc:8e:7c:
7f:9c:a9:47:c1:54:6d:ea:33:23:53:5c:d7:14:25:cc:5f:3f:
47:8c:07:15:8d:10:e1:3f:ed:e8:0a:cf:13:23:37:c2:aa:f7:
48:d2:fa:50:e1:1e:15:c6:fc:3c:df:85:88:73:a3:3a:ac:46:
70:e3:0d:a9:53:fb:00:65:47:1d:4f:4e:20:a5:35:29:3c:b8:
06:08:79:e9:21:81:05:2d:a5:cc:a6:6e:30:45:24:5b:00:ca:
33:0a:30:f2:f3:6e:8e:fd:e6:e6:94:a9:14:5e:c7:de:d1:3f:
57:64:6e:30:44:f7:8e:4a:cc:6d:33:1b:66:a6:df:b9:8e:f2:
12:2c:2d:d9:f4:ab:21:bd:17:43:49:b9:91:9a:10:09:1b:8e:
fb:0f:69:5a:ba:a8:0a:de:63:48:d4:da:52:46:23:4e:20:d0:
db:59:5c:f0:34:08:ba:cb:33:b2:c1:4c:0f:07:4b:f0:3a:7a:
23:5b:72:a7:b0:e1:0f:46:a9:76:17:27:57:60:b8:a3:65:a1:
fd:d7:8d:5d:1a:b4:e6:01:18:d2:92:3b:7b:79:2b:bd:48:d4:
d8:d7:a1:ae
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT6swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
OTIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMTAwMjhCMDkwQzlE
RjMwQzJCNThBM0VEREU5MUI0N0ZGNjEyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1NFfHHlPMZ1w13GeBZahxjtldRBaQZqXIH/rr+yXgwRu+gLQe
Mfmhi6Z2yCURqE/1mRsbpOzV1KfS9tjY0/Vx6L9xDA6p6pFcV1uA9tj5QsfN2toL
uxn1IoZWRJ2EJNNb6gE0lFzeAmPJP4byK28Bl+lQYaWx1pslHFCkCvGjjKtAqN0U
kPa+KACT+qRB64IemE45pEJ6QtIFO2vHAd9rpvyJOfsLrbg+6PohDCr5y2A9AcJy
TAWXVOCHyHSHbQEBw/4C3CUj0ixa55Oncw/8KqWbXKywj7UUT3mp6KmGPba8FgPD
RI0/kzB3R4nYnj4KQoCDXB88LeB4T6ULHQRDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyhACiwkMnfMMK1ij7d6RtH/2EkgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3loQUNpd2tNbmZNTUsx
aWo3ZDZSdEhfMkVrZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAS2VqfeUKak5pKhaqdOTxIYCogLuJJB
lL8YqhvXcZMqaPyOfH+cqUfBVG3qMyNTXNcUJcxfP0eMBxWNEOE/7egKzxMjN8Kq
90jS+lDhHhXG/DzfhYhzozqsRnDjDalT+wBlRx1PTiClNSk8uAYIeekhgQUtpcym
bjBFJFsAyjMKMPLzbo795uaUqRRex97RP1dkbjBE945KzG0zG2am37mO8hIsLdn0
qyG9F0NJuZGaEAkbjvsPaVq6qAreY0jU2lJGI04g0NtZXPA0CLrLM7LBTA8HS/A6
eiNbcqew4Q9GqXYXJ1dguKNlof3XjV0atOYBGNKSO3t5K71I1NjXoa4=
-----END CERTIFICATE-----
Generated at Sun May 18 01:55:11 2025 by rpki-client