Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6_AOVstUaAInQbjq03-M1tDtsOQ.roa
File: 6_AOVstUaAInQbjq03-M1tDtsOQ.roa (raw, json)
Hash identifier: OUiuXZHCA9ou36PTfit2QNrRYOrBrFu4qKA6L3WFxn8=
Subject key identifier: EB:F0:0E:56:CB:54:68:02:27:41:B8:EA:D3:7F:8C:D6:D0:ED:B0:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FAF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6_AOVstUaAInQbjq03-M1tDtsOQ.roa
Signing time: Sat 04 May 2024 19:54:03 +0000
ROA not before: Sat 04 May 2024 19:54:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20399 (0x4faf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 19:54:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EBF00E56CB5468022741B8EAD37F8CD6D0EDB0E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:91:3b:19:cd:44:4d:98:41:30:5b:b2:10:
42:2b:fd:49:c1:11:7a:78:38:40:a4:0c:31:db:bc:
ff:b1:1c:3a:0d:db:74:1a:e3:6e:a1:64:8d:9e:fd:
3e:87:22:79:47:ad:d6:ca:dc:ae:a9:66:09:6f:7d:
f8:f7:c2:08:23:86:69:4a:f0:73:f0:65:bc:35:5e:
61:88:31:14:5f:24:4f:bf:d1:21:e5:2e:22:2f:1d:
f9:b2:6d:fa:56:e3:9b:77:ab:32:d2:80:d9:e4:54:
34:49:3c:68:36:37:a0:e3:b9:e0:d8:5d:a1:70:e2:
d0:2c:04:f0:2b:4f:d3:58:b3:18:5e:5e:70:7c:80:
c4:54:b2:9f:b3:67:88:91:81:1e:10:ed:45:0d:28:
28:75:ec:09:f0:6c:4e:33:d7:df:b0:2b:8e:cf:50:
7a:9b:09:d2:e1:c0:ee:a8:12:96:ad:4b:af:bb:e9:
52:4f:34:35:76:9e:ea:b8:3d:58:13:65:8f:83:7f:
c9:46:dd:91:3a:91:0e:f2:aa:6e:73:36:91:0a:dd:
f8:c2:e8:c7:95:c0:20:ed:b8:92:d2:e6:45:55:e0:
fb:3c:9a:a9:9f:ae:7a:38:4f:18:a8:bf:63:69:4a:
f8:91:ef:79:06:04:e1:0c:da:e1:4c:19:a1:db:c2:
64:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F0:0E:56:CB:54:68:02:27:41:B8:EA:D3:7F:8C:D6:D0:ED:B0:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6_AOVstUaAInQbjq03-M1tDtsOQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
82:93:39:d0:dd:42:4a:d9:28:c7:27:03:08:9a:10:31:7a:d5:
2a:50:3a:38:a9:2f:58:5b:95:b0:71:81:aa:26:a8:18:65:28:
ec:6e:79:99:6f:02:25:c3:53:6a:b7:3e:7b:ac:0a:08:03:f1:
e0:34:cb:81:45:13:4c:b7:7f:6b:f4:88:7c:70:25:d3:76:eb:
7a:ab:02:8a:9c:4b:b5:d4:cb:77:be:65:bf:29:a3:30:89:6e:
85:da:c9:50:d0:ea:62:0d:16:20:08:fa:97:22:4b:d1:1f:76:
a3:09:e3:36:5e:ed:8c:5d:4f:80:f0:34:2e:47:52:25:99:58:
54:ab:d6:d1:10:e6:ed:20:1c:2a:6c:d6:8a:29:bf:2b:05:bb:
7d:06:50:f8:f7:13:f5:12:ba:db:a6:62:b7:06:70:f3:e7:b8:
f6:a8:81:b6:06:05:cc:09:ae:71:d1:b9:86:fd:6f:fe:44:4c:
3e:ac:7f:53:94:e6:73:78:78:9d:57:98:b5:77:da:04:42:4c:
30:9c:9b:0a:1b:35:0c:c1:80:03:c5:5c:8b:e5:21:5e:05:f2:
e3:53:3d:71:a5:9c:30:0c:28:2c:c6:3c:3f:0b:b7:1b:ce:62:
40:58:81:7d:92:d3:40:70:20:f1:6b:fb:15:73:c0:80:a5:74:
18:8b:7f:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
OTU0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCRjAwRTU2Q0I1NDY4
MDIyNzQxQjhFQUQzN0Y4Q0Q2RDBFREIwRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+JJE7Gc1ETZhBMFuyEEIr/UnBEXp4OECkDDHbvP+xHDoN23Qa
426hZI2e/T6HInlHrdbK3K6pZglvffj3wggjhmlK8HPwZbw1XmGIMRRfJE+/0SHl
LiIvHfmybfpW45t3qzLSgNnkVDRJPGg2N6DjueDYXaFw4tAsBPArT9NYsxheXnB8
gMRUsp+zZ4iRgR4Q7UUNKCh17AnwbE4z19+wK47PUHqbCdLhwO6oEpatS6+76VJP
NDV2nuq4PVgTZY+Df8lG3ZE6kQ7yqm5zNpEK3fjC6MeVwCDtuJLS5kVV4Ps8mqmf
rno4Txiov2NpSviR73kGBOEM2uFMGaHbwmQTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6/AOVstUaAInQbjq03+M1tDtsOQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZfQU9Wc3RVYUFJblFi
anEwMy1NMXREdHNPUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIKTOdDdQkrZKMcnAwiaEDF61SpQOjip
L1hblbBxgaomqBhlKOxueZlvAiXDU2q3PnusCggD8eA0y4FFE0y3f2v0iHxwJdN2
63qrAoqcS7XUy3e+Zb8pozCJboXayVDQ6mINFiAI+pciS9EfdqMJ4zZe7YxdT4Dw
NC5HUiWZWFSr1tEQ5u0gHCps1oopvysFu30GUPj3E/USutumYrcGcPPnuPaogbYG
BcwJrnHRuYb9b/5ETD6sf1OU5nN4eJ1XmLV32gRCTDCcmwobNQzBgAPFXIvlIV4F
8uNTPXGlnDAMKCzGPD8LtxvOYkBYgX2S00BwIPFr+xVzwICldBiLf1Q=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:13:19 2025 by rpki-client