Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5tjxNvW9Rmymhi4z86OrjESgLpY.roa
File: 5tjxNvW9Rmymhi4z86OrjESgLpY.roa (raw, json)
Hash identifier: DTuHrp4Snd+0NExi4fljy94YYRoeptuoXUeiApK3l6U=
Subject key identifier: E6:D8:F1:36:F5:BD:46:6C:A6:86:2E:33:F3:A3:AB:8C:44:A0:2E:96
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3507
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5tjxNvW9Rmymhi4z86OrjESgLpY.roa
Signing time: Sat 30 Mar 2024 06:52:37 +0000
ROA not before: Sat 30 Mar 2024 06:52:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13575 (0x3507)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 06:52:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E6D8F136F5BD466CA6862E33F3A3AB8C44A02E96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:92:d4:e3:22:ed:89:9d:24:19:34:6a:36:
b6:15:40:90:fd:8b:89:8c:16:5b:0a:24:7d:67:15:
0c:36:d2:9e:9e:5f:f1:67:77:1e:98:b7:5c:a1:fc:
b0:35:1b:32:bb:e2:ee:05:99:19:4f:03:78:f2:96:
66:7d:73:eb:e5:40:fc:df:94:30:60:46:63:4b:b4:
2f:91:49:f1:d9:1a:3f:6e:bc:ef:af:fc:f5:3d:b6:
67:49:21:d2:d4:e1:52:d0:36:50:53:32:09:f8:8a:
8b:61:a1:05:db:19:37:7c:b6:a4:09:ee:29:d4:7a:
d0:38:fa:e0:8c:75:96:8f:a0:ea:fe:19:57:e7:29:
e9:f0:61:51:55:93:a6:47:dd:6c:36:fb:34:9f:d4:
e5:65:89:a9:66:fe:15:c8:22:f9:b4:54:ae:9a:7c:
47:f4:0b:6a:c3:8c:2c:99:07:44:9e:b0:ed:ac:92:
62:ae:8c:a5:07:33:8c:ae:a1:10:dd:b5:6d:f3:ae:
f8:cd:a7:3e:18:fa:16:9b:84:cb:f1:46:22:06:48:
5d:21:e0:d4:0e:5f:13:f9:aa:00:1f:d9:3b:17:0e:
08:a0:2c:a2:d5:97:01:ac:77:78:95:ae:c9:b9:83:
8c:2e:c9:b5:99:ab:80:ac:bb:96:1f:5a:0e:59:5b:
3e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D8:F1:36:F5:BD:46:6C:A6:86:2E:33:F3:A3:AB:8C:44:A0:2E:96
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5tjxNvW9Rmymhi4z86OrjESgLpY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:89:56:bd:74:9f:2d:30:69:e6:80:ff:c0:3c:63:b4:57:e2:
b4:fe:4a:66:06:e8:fa:1f:fb:2b:b4:37:51:65:26:4a:ef:a9:
94:bf:c8:ba:48:4f:e7:12:d9:8b:c0:71:67:9a:7d:32:b8:50:
d0:c1:be:35:bd:43:e2:7f:f9:b7:69:5c:31:fe:ac:53:45:b4:
84:c3:a5:ca:15:d1:4b:f9:cd:b2:99:c2:f2:34:af:78:ac:5e:
2d:7d:96:27:c9:3b:eb:1b:48:5e:5c:2f:f0:54:f4:f0:e7:ab:
0c:86:db:a9:b5:db:b8:72:0e:c6:66:57:7b:06:0a:e7:f8:dc:
c7:08:81:42:56:f4:73:19:8d:36:6a:5f:32:7a:b7:e7:54:95:
64:9e:59:ca:db:d3:8f:6a:c3:bb:c5:21:8e:b8:48:e7:86:61:
98:85:de:88:ba:9a:7a:71:c7:7c:30:45:d0:28:2b:a2:41:ad:
1b:5a:a8:cb:f8:54:1f:6d:02:3e:3e:8b:67:16:ea:2a:48:51:
4a:6b:fb:22:28:27:bc:fc:ce:8f:9c:83:49:d5:61:ee:a9:88:
33:4d:45:b7:bb:0c:7e:da:79:20:b7:a1:e4:1d:14:8d:b3:b4:
30:07:1c:fd:d7:c2:a6:08:22:89:13:cf:39:8a:ad:03:81:f2:
d3:68:dc:06
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNQcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NjUyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU2RDhGMTM2RjVCRDQ2
NkNBNjg2MkUzM0YzQTNBQjhDNDRBMDJFOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBpJLU4yLtiZ0kGTRqNrYVQJD9i4mMFlsKJH1nFQw20p6eX/Fn
dx6Yt1yh/LA1GzK74u4FmRlPA3jylmZ9c+vlQPzflDBgRmNLtC+RSfHZGj9uvO+v
/PU9tmdJIdLU4VLQNlBTMgn4iothoQXbGTd8tqQJ7inUetA4+uCMdZaPoOr+GVfn
KenwYVFVk6ZH3Ww2+zSf1OVlialm/hXIIvm0VK6afEf0C2rDjCyZB0SesO2skmKu
jKUHM4yuoRDdtW3zrvjNpz4Y+habhMvxRiIGSF0h4NQOXxP5qgAf2TsXDgigLKLV
lwGsd3iVrsm5g4wuybWZq4Csu5YfWg5ZWz4jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU5tjxNvW9Rmymhi4z86OrjESgLpYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzV0anhOdlc5Um15bWhp
NHo4Nk9yakVTZ0xwWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEyJVr10ny0waeaA/8A8Y7RX4rT+SmYG
6Pof+yu0N1FlJkrvqZS/yLpIT+cS2YvAcWeafTK4UNDBvjW9Q+J/+bdpXDH+rFNF
tITDpcoV0Uv5zbKZwvI0r3isXi19lifJO+sbSF5cL/BU9PDnqwyG26m127hyDsZm
V3sGCuf43McIgUJW9HMZjTZqXzJ6t+dUlWSeWcrb049qw7vFIY64SOeGYZiF3oi6
mnpxx3wwRdAoK6JBrRtaqMv4VB9tAj4+i2cW6ipIUUpr+yIoJ7z8zo+cg0nVYe6p
iDNNRbe7DH7aeSC3oeQdFI2ztDAHHP3XwqYIIokTzzmKrQOB8tNo3AY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:58:45 2025 by rpki-client