Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/64LI-UnMeNDE-aOtCy1mpSZq6uI.roa
File: 64LI-UnMeNDE-aOtCy1mpSZq6uI.roa (raw, json)
Hash identifier: /LcQ2L/fk4kOjCmY6AhfjGm2AwfFIN0BPq3QLXgKPu4=
Subject key identifier: EB:82:C8:F9:49:CC:78:D0:C4:F9:A3:AD:0B:2D:66:A5:26:6A:EA:E2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43DB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/64LI-UnMeNDE-aOtCy1mpSZq6uI.roa
Signing time: Fri 19 Apr 2024 01:23:03 +0000
ROA not before: Fri 19 Apr 2024 01:23:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17371 (0x43db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 01:23:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EB82C8F949CC78D0C4F9A3AD0B2D66A5266AEAE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:50:07:38:68:ba:c7:0b:78:6a:a2:72:aa:
10:ce:16:17:06:5f:17:94:9c:df:1c:d0:64:d8:d8:
d4:bc:2c:77:20:08:61:35:9d:2f:ca:ca:0e:a8:5a:
7d:d5:9e:6a:86:72:fe:ea:c0:d7:aa:0c:5d:fb:37:
88:dc:64:2e:d2:67:74:f2:7c:09:80:ca:a3:c8:e1:
68:3e:2c:d8:b0:fc:e2:ee:87:10:d2:57:30:78:67:
66:ed:b3:6b:88:7c:89:f5:0e:ce:a6:cc:83:6a:19:
42:55:91:28:fc:61:0e:91:e3:0e:ed:01:0a:be:d7:
8e:88:ab:e9:b9:f7:b6:d9:db:c6:60:bd:08:3f:ff:
e6:a4:4c:54:8a:b6:ff:ca:3c:a1:cd:1d:63:b4:09:
cf:a7:ca:f3:ed:14:6a:47:10:99:f0:fb:3c:88:90:
8b:af:12:5d:77:17:e7:04:ee:b5:6c:10:5b:7a:bd:
ea:66:3f:7a:4d:83:c1:7c:47:57:2a:6f:16:96:45:
dc:d5:32:da:e1:a7:f3:89:1d:ed:31:6a:cb:d6:fd:
75:77:e8:f6:32:d8:ae:2b:2c:1a:a2:22:67:43:9a:
68:9d:bd:ad:b6:35:ec:82:bd:dc:b8:e9:97:fc:29:
01:d4:f0:67:16:a1:bc:17:05:27:54:89:bd:20:2d:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:82:C8:F9:49:CC:78:D0:C4:F9:A3:AD:0B:2D:66:A5:26:6A:EA:E2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/64LI-UnMeNDE-aOtCy1mpSZq6uI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0e:bd:29:68:49:71:13:5a:0f:bf:89:5f:1c:88:f8:ad:e6:aa:
94:9e:68:b4:ba:4a:1a:06:d2:f2:06:87:93:0a:55:db:b9:18:
9e:23:2d:b7:18:64:61:42:fd:a7:e5:d9:83:3c:1e:d2:2d:05:
f8:4c:06:39:2b:0b:f9:9a:54:c2:71:c1:b5:19:f8:2c:48:69:
05:1a:db:20:c0:7f:2f:d9:31:10:ae:ff:7f:14:db:db:83:c7:
1e:1a:b5:4d:0d:dd:d6:1c:ec:c5:bc:72:32:a3:86:0d:7b:48:
fa:e2:93:d7:cc:d5:e9:ca:4b:d3:e0:66:14:4b:3a:b4:7e:52:
1c:82:6c:6a:44:c5:35:af:8c:76:2e:12:b6:de:1a:e0:a1:e9:
91:ef:8f:56:93:3a:72:62:2b:cb:eb:56:dd:56:b9:82:e7:0e:
14:07:c7:9d:fe:e6:8b:0c:23:1e:ac:03:8f:c1:33:74:d8:73:
54:6c:3f:1c:63:b0:71:a0:83:5c:18:e8:5d:52:2f:73:2b:f5:
f2:53:11:d3:38:70:94:08:96:bd:4d:6b:64:00:eb:8c:08:24:
4f:db:c6:12:d3:af:5e:22:73:fe:80:1d:74:a0:68:2f:bf:60:
f2:b2:94:41:b4:2c:1a:0f:88:99:f3:96:3b:df:df:f4:f9:04:
a6:82:71:33
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MTIzMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCODJDOEY5NDlDQzc4
RDBDNEY5QTNBRDBCMkQ2NkE1MjY2QUVBRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLc1AHOGi6xwt4aqJyqhDOFhcGXxeUnN8c0GTY2NS8LHcgCGE1
nS/Kyg6oWn3VnmqGcv7qwNeqDF37N4jcZC7SZ3TyfAmAyqPI4Wg+LNiw/OLuhxDS
VzB4Z2bts2uIfIn1Ds6mzINqGUJVkSj8YQ6R4w7tAQq+146Iq+m597bZ28ZgvQg/
/+akTFSKtv/KPKHNHWO0Cc+nyvPtFGpHEJnw+zyIkIuvEl13F+cE7rVsEFt6vepm
P3pNg8F8R1cqbxaWRdzVMtrhp/OJHe0xasvW/XV36PYy2K4rLBqiImdDmmidva22
NeyCvdy46Zf8KQHU8GcWobwXBSdUib0gLaw9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU64LI+UnMeNDE+aOtCy1mpSZq6uIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzY0TEktVW5NZU5ERS1h
T3RDeTFtcFNacTZ1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA69KWhJcRNaD7+JXxyI+K3mqpSeaLS6
ShoG0vIGh5MKVdu5GJ4jLbcYZGFC/afl2YM8HtItBfhMBjkrC/maVMJxwbUZ+CxI
aQUa2yDAfy/ZMRCu/38U29uDxx4atU0N3dYc7MW8cjKjhg17SPrik9fM1enKS9Pg
ZhRLOrR+UhyCbGpExTWvjHYuErbeGuCh6ZHvj1aTOnJiK8vrVt1WuYLnDhQHx53+
5osMIx6sA4/BM3TYc1RsPxxjsHGgg1wY6F1SL3Mr9fJTEdM4cJQIlr1Na2QA64wI
JE/bxhLTr14ic/6AHXSgaC+/YPKylEG0LBoPiJnzljvf3/T5BKaCcTM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:11:29 2025 by rpki-client