Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yrsWPwRaE30ZhmVq0jEgujFEsWc.roa
File: yrsWPwRaE30ZhmVq0jEgujFEsWc.roa (raw, json)
Hash identifier: qMaL3bkCYpxPSNvqzMty1N2GxGIPzTjEOr+Tuz/GUk4=
Subject key identifier: CA:BB:16:3F:04:5A:13:7D:19:86:65:6A:D2:31:20:BA:31:44:B1:67
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FDB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yrsWPwRaE30ZhmVq0jEgujFEsWc.roa
Signing time: Sun 05 May 2024 01:23:49 +0000
ROA not before: Sun 05 May 2024 01:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20443 (0x4fdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 01:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CABB163F045A137D1986656AD23120BA3144B167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f8:ca:c2:80:7d:42:2f:9e:99:3c:37:85:66:
79:0c:d3:e0:13:ec:74:d3:c4:c3:bc:c1:4a:29:d7:
b9:1c:15:be:4b:e4:e0:67:3e:94:69:a4:ec:5d:6b:
4b:d0:ce:e1:1c:da:5f:b1:39:77:00:74:0d:a4:3d:
c2:d5:ef:ba:64:0d:c2:96:d8:57:93:b7:d3:cf:f8:
10:f3:c9:5b:c9:90:ab:3e:8b:b1:ea:6b:f7:8a:1b:
42:12:d4:d3:d1:44:ff:43:19:f9:cb:ac:e6:3c:ff:
eb:a8:60:f9:7d:a6:b9:95:6d:39:21:3c:52:e4:e7:
1f:27:98:e4:47:ae:e6:3d:93:93:15:8b:c8:0e:65:
21:81:70:41:af:de:18:38:05:b0:9b:a2:f5:29:78:
b9:02:33:bc:8b:f1:dd:6d:79:1f:33:5d:ba:c4:a3:
6c:66:63:d2:0f:49:06:3b:ea:c2:50:9b:f8:95:de:
17:82:ec:aa:fe:cc:07:86:f1:90:cf:b7:3b:8d:51:
a7:07:45:c4:6a:09:45:56:9e:1a:b9:85:a2:42:81:
3e:dc:2c:ed:09:0b:27:11:60:55:90:10:1e:f6:69:
86:81:e6:2b:96:4d:ca:4b:47:6b:13:21:71:cd:3a:
8f:1d:37:41:1b:40:08:50:3c:3d:8d:3c:42:36:0c:
ae:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BB:16:3F:04:5A:13:7D:19:86:65:6A:D2:31:20:BA:31:44:B1:67
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yrsWPwRaE30ZhmVq0jEgujFEsWc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
37:ea:ca:45:ff:7f:03:1d:aa:5d:0a:2a:68:02:08:0d:61:cb:
ab:b4:5c:0c:98:d9:e8:0d:2f:11:9e:c2:7a:ad:39:4e:6f:9d:
df:34:63:94:c5:bd:3e:98:dc:66:c6:f1:41:b2:97:41:16:b5:
e5:c2:dc:eb:2b:05:25:a2:8c:74:4e:30:60:a0:cf:f2:12:f7:
87:e2:fe:ba:e8:43:7d:5d:c8:c7:53:f5:92:2d:74:9d:80:72:
1c:3e:62:a6:41:69:e5:24:83:19:b3:22:ad:50:cf:2b:3f:44:
b4:7f:68:87:4c:f6:08:60:83:3b:16:e7:ef:ca:88:63:2d:21:
90:6c:2e:51:62:ae:ab:86:fc:70:28:33:1a:2f:83:90:ee:a5:
99:26:09:1f:eb:42:c6:6e:71:ab:aa:24:fd:96:ff:41:dc:bb:
25:74:68:51:1b:9f:1f:4d:ba:f2:0f:81:2a:8c:e5:b8:9e:b4:
3f:ff:ca:fe:af:97:fc:05:ce:71:8b:8c:63:bb:ba:71:78:87:
06:ed:80:ab:6e:aa:47:8f:36:06:b1:f8:00:d6:a3:ca:c4:89:
db:76:01:85:1c:44:25:41:1d:ac:91:1f:91:2b:1b:db:04:48:
5a:61:b2:e7:02:1a:ea:58:65:04:f6:c7:3a:dd:7b:fc:72:b6:
0f:20:1e:69
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBQkIxNjNGMDQ1QTEz
N0QxOTg2NjU2QUQyMzEyMEJBMzE0NEIxNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr+MrCgH1CL56ZPDeFZnkM0+AT7HTTxMO8wUop17kcFb5L5OBn
PpRppOxda0vQzuEc2l+xOXcAdA2kPcLV77pkDcKW2FeTt9PP+BDzyVvJkKs+i7Hq
a/eKG0IS1NPRRP9DGfnLrOY8/+uoYPl9prmVbTkhPFLk5x8nmORHruY9k5MVi8gO
ZSGBcEGv3hg4BbCbovUpeLkCM7yL8d1teR8zXbrEo2xmY9IPSQY76sJQm/iV3heC
7Kr+zAeG8ZDPtzuNUacHRcRqCUVWnhq5haJCgT7cLO0JCycRYFWQEB72aYaB5iuW
TcpLR2sTIXHNOo8dN0EbQAhQPD2NPEI2DK7TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyrsWPwRaE30ZhmVq0jEgujFEsWcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lyc1dQd1JhRTMwWmht
VnEwakVndWpGRXNXYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADfqykX/fwMdql0KKmgCCA1hy6u0XAyY
2egNLxGewnqtOU5vnd80Y5TFvT6Y3GbG8UGyl0EWteXC3OsrBSWijHROMGCgz/IS
94fi/rroQ31dyMdT9ZItdJ2Achw+YqZBaeUkgxmzIq1Qzys/RLR/aIdM9ghggzsW
5+/KiGMtIZBsLlFirquG/HAoMxovg5DupZkmCR/rQsZucauqJP2W/0HcuyV0aFEb
nx9NuvIPgSqM5bietD//yv6vl/wFznGLjGO7unF4hwbtgKtuqkePNgax+ADWo8rE
idt2AYUcRCVBHayRH5ErG9sESFphsucCGupYZQT2xzrde/xytg8gHmk=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:25 2025 by rpki-client