Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EzPhQjiFV4h7Ya3X0bO7W9QW0qE.roa
File: EzPhQjiFV4h7Ya3X0bO7W9QW0qE.roa (raw, json)
Hash identifier: XU1TGlxZmLvoji+4n1kbUavRg1ZTVI3gm/97RN6VClQ=
Subject key identifier: 13:33:E1:42:38:85:57:88:7B:61:AD:D7:D1:B3:BB:5B:D4:16:D2:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 420F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EzPhQjiFV4h7Ya3X0bO7W9QW0qE.roa
Signing time: Tue 16 Apr 2024 15:52:57 +0000
ROA not before: Tue 16 Apr 2024 15:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16911 (0x420f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 15:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1333E142388557887B61ADD7D1B3BB5BD416D2A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:2d:27:de:4b:c2:be:88:b4:41:c7:bd:7d:
fc:e5:12:8d:74:44:c3:c1:4b:1e:49:23:c0:fe:9f:
6f:c4:2a:4c:bd:52:f2:04:f2:83:93:26:ca:a5:6c:
c8:ca:5c:60:13:76:8c:ce:0a:ba:df:51:ef:80:06:
81:a9:a7:48:7d:8b:65:78:bf:84:e0:24:98:41:f4:
f4:9a:03:cb:56:58:87:db:c2:60:0b:93:a0:ed:c5:
35:3f:56:cf:23:4b:24:4b:7f:67:e7:f5:9d:bb:f4:
d7:c9:4c:9c:4a:02:ac:94:58:00:fc:cb:be:5e:52:
a6:c9:2a:1c:95:ad:12:e7:ce:b1:69:de:84:8e:43:
98:89:a2:33:05:8c:91:eb:26:e2:15:d1:5e:6d:13:
f7:ab:f9:e1:0b:e1:57:58:bd:87:2d:40:a8:9d:2f:
75:c1:ce:74:a0:21:f9:dd:43:38:0c:dc:26:4a:bd:
b7:89:c8:e4:fc:27:88:25:2e:26:ef:b3:b6:ac:1d:
2a:22:e4:ae:4d:66:32:64:6b:c8:b3:52:10:b3:4e:
1f:c3:8f:35:1c:63:ba:55:52:18:df:69:19:16:7b:
2b:38:a9:bb:99:b0:ae:45:bd:3a:e5:4a:3a:04:33:
ed:f1:c8:92:e0:7a:f9:be:47:ef:bb:d5:f7:de:3b:
f4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:33:E1:42:38:85:57:88:7B:61:AD:D7:D1:B3:BB:5B:D4:16:D2:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EzPhQjiFV4h7Ya3X0bO7W9QW0qE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b9:52:53:85:4e:da:19:2b:8c:65:31:60:53:da:14:91:a1:0e:
c6:b2:72:ec:49:8e:0a:9b:f7:bb:b9:07:2c:aa:91:a2:78:74:
ed:3e:3f:17:d5:ed:6f:54:cc:f5:ef:ff:94:09:5e:70:fd:30:
34:0a:9b:15:15:0b:fc:64:26:79:e7:24:89:1e:fb:1e:42:2a:
1d:88:77:40:70:52:12:c5:4c:49:f5:c4:e1:35:d1:4a:59:bd:
e9:e3:d5:8b:08:9d:16:6c:75:18:8a:d8:83:5b:ad:fe:04:59:
2b:67:74:55:a2:6d:aa:29:f9:94:12:2f:56:cb:ea:0a:d7:5a:
7b:34:9a:ca:56:01:53:b4:7b:c1:1a:dc:d3:0e:7d:e8:40:1c:
86:3a:30:5b:9b:50:e4:b9:58:10:b1:be:f1:cd:76:4b:d8:6b:
40:1a:6d:ce:f0:78:bb:76:31:5d:c5:bd:04:d8:fc:82:a2:a8:
e8:d7:76:61:86:a3:63:18:39:6e:74:9f:3f:10:f3:8f:d6:8c:
3b:2a:a0:b7:d9:10:9a:72:ab:77:c6:ca:37:12:a7:6f:a3:ea:
cb:de:36:d7:81:ec:ec:9c:e0:f6:e4:67:21:ad:47:e7:26:72:
78:1a:6d:99:64:76:e7:db:2d:dd:17:f1:cc:14:51:32:7b:4e:
8a:6d:1e:b8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQg8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
NTUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEzMzNFMTQyMzg4NTU3
ODg3QjYxQUREN0QxQjNCQjVCRDQxNkQyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmRi0n3kvCvoi0Qce9ffzlEo10RMPBSx5JI8D+n2/EKky9UvIE
8oOTJsqlbMjKXGATdozOCrrfUe+ABoGpp0h9i2V4v4TgJJhB9PSaA8tWWIfbwmAL
k6DtxTU/Vs8jSyRLf2fn9Z279NfJTJxKAqyUWAD8y75eUqbJKhyVrRLnzrFp3oSO
Q5iJojMFjJHrJuIV0V5tE/er+eEL4VdYvYctQKidL3XBznSgIfndQzgM3CZKvbeJ
yOT8J4glLibvs7asHSoi5K5NZjJka8izUhCzTh/DjzUcY7pVUhjfaRkWeys4qbuZ
sK5FvTrlSjoEM+3xyJLgevm+R++71ffeO/R/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEzPhQjiFV4h7Ya3X0bO7W9QW0qEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0V6UGhRamlGVjRoN1lh
M1gwYk83VzlRVzBxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALlSU4VO2hkrjGUxYFPaFJGhDsaycuxJ
jgqb97u5ByyqkaJ4dO0+PxfV7W9UzPXv/5QJXnD9MDQKmxUVC/xkJnnnJIke+x5C
Kh2Id0BwUhLFTEn1xOE10UpZvenj1YsInRZsdRiK2INbrf4EWStndFWibaop+ZQS
L1bL6grXWns0mspWAVO0e8Ea3NMOfehAHIY6MFubUOS5WBCxvvHNdkvYa0Aabc7w
eLt2MV3FvQTY/IKiqOjXdmGGo2MYOW50nz8Q84/WjDsqoLfZEJpyq3fGyjcSp2+j
6sveNteB7Oyc4PbkZyGtR+cmcngabZlkdufbLd0X8cwUUTJ7ToptHrg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 07:49:45 2025 by rpki-client