Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BN_SwjnsUhS_y7qa61n5VKcm7FY.roa
File: BN_SwjnsUhS_y7qa61n5VKcm7FY.roa (raw, json)
Hash identifier: cE1b6+8uF04JtXiEUVYJaFmW3vS9xI8LvdZez2bVCL4=
Subject key identifier: 04:DF:D2:C2:39:EC:52:14:BF:CB:BA:9A:EB:59:F9:54:A7:26:EC:56
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 336F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BN_SwjnsUhS_y7qa61n5VKcm7FY.roa
Signing time: Thu 28 Mar 2024 03:52:01 +0000
ROA not before: Thu 28 Mar 2024 03:52:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13167 (0x336f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 03:52:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=04DFD2C239EC5214BFCBBA9AEB59F954A726EC56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5f:7c:b7:7b:4c:23:d2:db:73:ca:32:61:ec:
7e:f3:69:71:92:32:2e:0a:a1:12:1d:4b:cb:90:ce:
a5:3b:6f:c6:4f:e4:b1:0d:08:61:a3:ec:56:5c:4d:
51:c9:75:36:94:2d:aa:84:2d:fc:08:fb:65:4f:c6:
63:f1:46:81:1a:20:44:b8:5c:98:2a:33:47:16:18:
47:7a:53:b4:36:e9:56:b0:5f:59:11:24:5f:15:72:
70:0b:13:81:9c:e0:43:8e:58:be:a1:27:b6:74:99:
43:de:23:70:74:01:6c:02:a7:dd:33:a9:cc:f5:da:
e0:48:0e:76:d9:b2:d1:61:cb:51:34:f1:b0:f6:8b:
af:41:9e:37:2a:c7:8a:c6:11:7a:a7:1c:95:82:ed:
3c:93:74:4c:67:0f:a5:60:56:eb:96:6b:51:85:1d:
73:5b:c2:d8:1b:9e:38:87:73:ef:c7:0d:c0:7b:d5:
f3:52:67:f5:4e:e5:36:db:5f:0a:b2:8b:c8:72:2d:
be:42:22:04:83:92:61:19:47:05:56:b7:35:a7:f1:
a7:b9:93:ad:c1:64:5f:a2:ea:0f:c7:74:7e:52:0e:
a7:df:25:49:78:34:64:0a:f3:e0:16:80:bc:16:d4:
6b:7d:51:e9:53:16:da:18:db:20:23:2b:91:d0:b9:
6e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DF:D2:C2:39:EC:52:14:BF:CB:BA:9A:EB:59:F9:54:A7:26:EC:56
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BN_SwjnsUhS_y7qa61n5VKcm7FY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9c:e4:96:4e:f0:2c:ea:38:38:39:91:f5:61:97:c4:b0:bb:46:
32:92:f0:79:62:0d:52:bd:62:dd:37:2f:4f:82:a5:12:f8:30:
f7:52:9a:0f:f9:48:7e:bf:a7:25:66:c4:53:62:77:01:bc:05:
65:32:8f:a7:22:10:d5:5c:12:68:97:96:6e:ea:71:ba:66:36:
4a:4c:ce:1f:e8:fb:dd:9c:37:a0:07:1b:97:fe:e8:9c:cf:87:
99:44:b9:ef:32:75:ea:07:4a:f0:92:95:cf:5c:07:3a:d1:61:
57:ce:77:d3:e6:f1:9c:d9:3c:68:4b:04:88:e8:90:38:b5:f7:
8e:79:7c:a9:09:15:cd:12:d0:9e:50:1a:8b:0b:15:ca:51:3f:
99:dd:93:b9:4d:c9:00:79:3a:3f:55:8e:1a:b7:b2:a1:86:98:
b2:a2:0d:d2:cd:d5:d7:00:b7:4c:be:cb:5e:e4:6b:c3:2c:05:
3f:d6:7d:9f:5e:53:cc:34:38:07:58:62:85:9c:ea:60:a3:f5:
0d:86:f4:f3:a4:bb:33:65:0c:2c:de:3b:2b:2a:13:d0:bc:f2:
06:2e:b4:d6:79:21:be:a0:15:63:0d:7c:c2:75:08:92:57:84:
36:8d:38:93:4d:87:66:e6:22:5f:89:33:ca:ac:70:62:d7:0e:
c8:63:86:7b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
MzUyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0REZEMkMyMzlFQzUy
MTRCRkNCQkE5QUVCNTlGOTU0QTcyNkVDNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3X3y3e0wj0ttzyjJh7H7zaXGSMi4KoRIdS8uQzqU7b8ZP5LEN
CGGj7FZcTVHJdTaULaqELfwI+2VPxmPxRoEaIES4XJgqM0cWGEd6U7Q26VawX1kR
JF8VcnALE4Gc4EOOWL6hJ7Z0mUPeI3B0AWwCp90zqcz12uBIDnbZstFhy1E08bD2
i69Bnjcqx4rGEXqnHJWC7TyTdExnD6VgVuuWa1GFHXNbwtgbnjiHc+/HDcB71fNS
Z/VO5TbbXwqyi8hyLb5CIgSDkmEZRwVWtzWn8ae5k63BZF+i6g/HdH5SDqffJUl4
NGQK8+AWgLwW1Gt9UelTFtoY2yAjK5HQuW47AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBN/SwjnsUhS/y7qa61n5VKcm7FYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JOX1N3am5zVWhTX3k3
cWE2MW41VktjbTdGWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJzklk7wLOo4ODmR9WGXxLC7RjKS8Hli
DVK9Yt03L0+CpRL4MPdSmg/5SH6/pyVmxFNidwG8BWUyj6ciENVcEmiXlm7qcbpm
NkpMzh/o+92cN6AHG5f+6JzPh5lEue8ydeoHSvCSlc9cBzrRYVfOd9Pm8ZzZPGhL
BIjokDi19455fKkJFc0S0J5QGosLFcpRP5ndk7lNyQB5Oj9Vjhq3sqGGmLKiDdLN
1dcAt0y+y17ka8MsBT/WfZ9eU8w0OAdYYoWc6mCj9Q2G9POkuzNlDCzeOysqE9C8
8gYutNZ5Ib6gFWMNfMJ1CJJXhDaNOJNNh2bmIl+JM8qscGLXDshjhns=
-----END CERTIFICATE-----
Generated at Sun Jun 22 18:00:36 2025 by rpki-client