Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EESLpmCtUuzbzyOvs0VwRH7-K58.roa
File: EESLpmCtUuzbzyOvs0VwRH7-K58.roa (raw, json)
Hash identifier: lKq1sGH27sF7MJnulrpZm9r3brEG1qMqxMi0GT79kao=
Subject key identifier: 10:44:8B:A6:60:AD:52:EC:DB:CF:23:AF:B3:45:70:44:7E:FE:2B:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34F3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EESLpmCtUuzbzyOvs0VwRH7-K58.roa
Signing time: Sat 30 Mar 2024 04:22:08 +0000
ROA not before: Sat 30 Mar 2024 04:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13555 (0x34f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 04:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=10448BA660AD52ECDBCF23AFB34570447EFE2B9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:18:a9:f0:de:b8:1b:de:df:dc:af:00:7a:
61:4c:a7:8e:82:a6:ef:2d:9d:01:bb:fb:b0:c7:71:
0e:d5:94:09:49:54:48:f4:d6:4c:b5:d1:61:9a:19:
88:39:5f:4b:de:ed:b3:0b:f6:49:e3:a8:00:0b:48:
a0:1c:ec:50:84:48:dd:65:69:e4:70:0e:4b:67:7b:
6b:a2:23:5c:2b:af:7f:f6:0c:83:e8:16:13:84:50:
23:76:2b:06:b5:e4:85:b0:b4:4d:cb:ca:40:71:28:
e4:ad:47:71:6e:cf:2e:58:7c:8b:e4:2a:cc:6b:6a:
68:14:63:b3:dd:90:fb:22:9c:c6:f4:b7:c9:21:7d:
62:a1:e1:c0:29:6c:49:be:48:7e:5f:f9:cd:f1:fd:
41:b9:b4:f3:a9:7e:63:3c:d2:c5:05:98:1f:af:b3:
e0:87:78:32:19:a2:47:5f:cc:5c:b3:b4:c7:e1:48:
4f:92:20:70:e6:3c:a2:15:72:a8:f4:ff:b9:38:02:
a1:10:17:3b:cd:aa:1c:73:4b:3d:48:36:e4:5b:be:
3a:7f:60:1e:4b:42:0b:4b:bd:09:3e:ea:3f:cb:c3:
74:8c:ce:74:2d:8b:e4:d2:db:cf:aa:a7:6e:27:c1:
c4:2e:c1:aa:02:50:f5:e6:c6:b9:24:e4:f1:71:22:
7b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:44:8B:A6:60:AD:52:EC:DB:CF:23:AF:B3:45:70:44:7E:FE:2B:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EESLpmCtUuzbzyOvs0VwRH7-K58.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
11:48:ef:90:55:7a:82:e2:6d:ee:97:1c:69:81:61:1a:0f:51:
96:44:b3:41:72:28:ec:99:59:32:c4:70:06:17:cf:3a:c4:a0:
ad:63:c2:c0:20:0b:14:29:53:9b:1e:1d:66:e5:b1:f9:89:b2:
f5:f0:bc:46:16:61:32:f4:21:c6:2d:61:00:9f:7b:f7:35:cf:
33:b1:77:de:ec:f1:97:07:82:61:d2:85:60:b3:01:8e:c1:f3:
23:ca:eb:29:bd:08:19:db:1b:59:b8:7a:0c:a8:31:ef:01:c7:
c9:97:88:33:35:cf:34:d8:07:57:67:23:61:3c:01:04:ca:a1:
31:3e:2a:bc:91:18:ba:c8:b1:16:ac:ff:72:32:39:91:aa:9c:
8a:c2:47:8a:45:2c:f2:8e:f7:d8:3b:74:3c:e0:fe:4c:1c:2d:
03:3e:78:5b:4a:a0:6a:6b:08:21:d5:14:5a:8e:d3:e4:50:62:
30:6e:df:51:f8:20:12:b5:05:2c:9a:9e:31:64:b7:9d:7e:30:
4f:6b:8c:ea:92:d0:dc:5c:a5:ec:5e:3f:c4:98:9a:6c:94:1d:
c1:ea:94:a3:73:7d:ca:ea:16:e8:b0:3a:0b:a3:5e:38:d1:cd:
63:df:2e:e6:68:52:1f:2d:f6:c1:fd:72:d1:ca:0f:e2:a4:a1:
3c:f4:a1:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NDIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwNDQ4QkE2NjBBRDUy
RUNEQkNGMjNBRkIzNDU3MDQ0N0VGRTJCOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv7xip8N64G97f3K8AemFMp46Cpu8tnQG7+7DHcQ7VlAlJVEj0
1ky10WGaGYg5X0ve7bML9knjqAALSKAc7FCESN1laeRwDktne2uiI1wrr3/2DIPo
FhOEUCN2Kwa15IWwtE3LykBxKOStR3Fuzy5YfIvkKsxramgUY7PdkPsinMb0t8kh
fWKh4cApbEm+SH5f+c3x/UG5tPOpfmM80sUFmB+vs+CHeDIZokdfzFyztMfhSE+S
IHDmPKIVcqj0/7k4AqEQFzvNqhxzSz1INuRbvjp/YB5LQgtLvQk+6j/Lw3SMznQt
i+TS28+qp24nwcQuwaoCUPXmxrkk5PFxIntrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEESLpmCtUuzbzyOvs0VwRH7+K58wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VFU0xwbUN0VXV6Ynp5
T3ZzMFZ3Ukg3LUs1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABFI75BVeoLibe6XHGmBYRoPUZZEs0Fy
KOyZWTLEcAYXzzrEoK1jwsAgCxQpU5seHWblsfmJsvXwvEYWYTL0IcYtYQCfe/c1
zzOxd97s8ZcHgmHShWCzAY7B8yPK6ym9CBnbG1m4egyoMe8Bx8mXiDM1zzTYB1dn
I2E8AQTKoTE+KryRGLrIsRas/3IyOZGqnIrCR4pFLPKO99g7dDzg/kwcLQM+eFtK
oGprCCHVFFqO0+RQYjBu31H4IBK1BSyanjFkt51+ME9rjOqS0NxcpexeP8SYmmyU
HcHqlKNzfcrqFuiwOgujXjjRzWPfLuZoUh8t9sH9ctHKD+KkoTz0ocw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:33:39 2025 by rpki-client