Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2mGpDPUpDVJFnntPz8EQYVf5jN8.roa
File: 2mGpDPUpDVJFnntPz8EQYVf5jN8.roa (raw, json)
Hash identifier: tnUolgkSOnX/unB3SOddFD5XQaoUkIJenDkMGRYNHPg=
Subject key identifier: DA:61:A9:0C:F5:29:0D:52:45:9E:7B:4F:CF:C1:10:61:57:F9:8C:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55DB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2mGpDPUpDVJFnntPz8EQYVf5jN8.roa
Signing time: Mon 13 May 2024 01:24:07 +0000
ROA not before: Mon 13 May 2024 01:24:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21979 (0x55db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 01:24:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA61A90CF5290D52459E7B4FCFC1106157F98CDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:27:3f:2f:25:92:34:35:ca:43:d0:99:b6:
a1:f6:6c:d6:14:ac:91:41:10:26:3f:18:0c:1c:3f:
6e:e2:04:d2:0f:24:16:b6:a6:ac:aa:1e:c4:65:d7:
2a:97:d2:9c:cf:87:da:81:36:26:37:ec:e4:9a:05:
7f:8c:d5:72:78:c4:f8:fb:83:60:c8:fb:03:0f:58:
be:e1:38:8b:6e:c3:26:76:45:de:ef:60:9f:8a:4f:
43:dd:b5:87:43:12:41:ae:93:f2:d5:d8:78:00:2c:
b8:20:63:f0:40:3f:2a:0f:a3:19:5d:eb:44:89:46:
c8:41:f9:71:26:55:cc:59:ab:0b:df:25:fa:f8:d0:
a1:31:73:18:f6:4a:f6:75:b0:f3:48:0b:b9:a4:bd:
f3:e1:25:94:fd:84:a7:25:c4:15:3a:cf:0b:11:82:
51:cb:f6:fb:2e:12:ac:5f:ec:c9:97:aa:ad:31:ea:
20:f5:33:1f:ac:77:92:a3:53:17:09:66:66:b5:e9:
14:ba:b7:5d:3f:1b:81:80:7e:7e:01:62:1d:b0:56:
42:ac:14:b4:f1:d0:b8:b6:74:08:82:4c:fe:23:11:
0c:da:17:57:25:e6:f5:de:16:40:24:bc:bc:d6:73:
49:aa:f0:f2:6c:de:fb:22:c1:63:f8:cc:55:21:a8:
bf:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:61:A9:0C:F5:29:0D:52:45:9E:7B:4F:CF:C1:10:61:57:F9:8C:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2mGpDPUpDVJFnntPz8EQYVf5jN8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0b:57:23:81:b8:37:6f:6c:c4:df:c8:c6:81:2c:e0:6b:a2:e8:
73:5e:50:dd:c8:b9:85:13:ba:3f:ab:42:af:2d:50:9e:88:bb:
e3:de:86:91:c7:54:6c:41:e5:e0:05:df:93:16:c0:30:61:41:
ef:a0:5f:d8:eb:f8:ab:05:89:33:71:6f:64:f5:32:af:4f:16:
34:e2:19:36:bf:bf:ed:1f:8f:7b:c6:0f:38:14:7a:8c:01:fe:
28:da:8f:e3:69:9e:e1:ca:7b:4f:84:b2:4d:52:98:d4:2b:d0:
2c:4a:d6:f5:da:a1:ce:4a:a5:60:25:b8:42:6d:90:2a:a1:75:
c8:63:7f:0d:5f:66:80:80:93:35:3c:d2:ca:97:ba:76:da:c0:
6f:42:48:ea:b7:19:9f:88:20:18:87:c1:2d:9b:de:05:27:cc:
0c:a2:e3:81:e8:bd:07:e4:3e:78:d6:b2:39:8a:ad:ad:d5:23:
1a:01:b7:f8:e6:b5:2d:3d:0b:c3:ed:f2:c7:3c:c9:56:81:c8:
6e:84:9c:1d:2d:12:b3:41:89:84:4d:60:60:55:07:1c:9e:84:
c7:27:ab:2d:76:19:64:60:83:a2:ca:b2:d2:ce:74:5b:3a:ea:
cb:63:9e:31:ca:61:86:0c:c9:dc:e2:35:24:2e:a1:89:95:d6:
10:33:20:59
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MTI0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBNjFBOTBDRjUyOTBE
NTI0NTlFN0I0RkNGQzExMDYxNTdGOThDREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDADCc/LyWSNDXKQ9CZtqH2bNYUrJFBECY/GAwcP27iBNIPJBa2
pqyqHsRl1yqX0pzPh9qBNiY37OSaBX+M1XJ4xPj7g2DI+wMPWL7hOItuwyZ2Rd7v
YJ+KT0PdtYdDEkGuk/LV2HgALLggY/BAPyoPoxld60SJRshB+XEmVcxZqwvfJfr4
0KExcxj2SvZ1sPNIC7mkvfPhJZT9hKclxBU6zwsRglHL9vsuEqxf7MmXqq0x6iD1
Mx+sd5KjUxcJZma16RS6t10/G4GAfn4BYh2wVkKsFLTx0Li2dAiCTP4jEQzaF1cl
5vXeFkAkvLzWc0mq8PJs3vsiwWP4zFUhqL+fAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2mGpDPUpDVJFnntPz8EQYVf5jN8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJtR3BEUFVwRFZKRm5u
dFB6OEVRWVZmNWpOOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAtXI4G4N29sxN/IxoEs4Gui6HNeUN3I
uYUTuj+rQq8tUJ6Iu+PehpHHVGxB5eAF35MWwDBhQe+gX9jr+KsFiTNxb2T1Mq9P
FjTiGTa/v+0fj3vGDzgUeowB/ijaj+NpnuHKe0+Esk1SmNQr0CxK1vXaoc5KpWAl
uEJtkCqhdchjfw1fZoCAkzU80sqXunbawG9CSOq3GZ+IIBiHwS2b3gUnzAyi44Ho
vQfkPnjWsjmKra3VIxoBt/jmtS09C8Pt8sc8yVaByG6EnB0tErNBiYRNYGBVBxye
hMcnqy12GWRgg6LKstLOdFs66stjnjHKYYYMydziNSQuoYmV1hAzIFk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:27:19 2025 by rpki-client