Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F95W6BRwTgGSCS2AcxevTPNuJPY.roa
File: F95W6BRwTgGSCS2AcxevTPNuJPY.roa (raw, json)
Hash identifier: tcefGJ/SdiB+WOXrBpsPnd0WHHwigLTXl8ZzVA7ww78=
Subject key identifier: 17:DE:56:E8:14:70:4E:01:92:09:2D:80:73:17:AF:4C:F3:6E:24:F6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D03
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F95W6BRwTgGSCS2AcxevTPNuJPY.roa
Signing time: Wed 01 May 2024 06:23:37 +0000
ROA not before: Wed 01 May 2024 06:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19715 (0x4d03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 06:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17DE56E814704E0192092D807317AF4CF36E24F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:31:4b:33:3a:5e:28:e8:44:dc:a3:e3:13:
d2:93:2b:58:00:ef:72:bd:97:69:3b:d6:ee:ab:68:
05:b4:78:d7:43:d4:ae:43:c9:6f:6e:dd:ef:9c:c0:
ed:99:7c:8c:a8:a1:7f:84:90:65:62:a5:a4:16:ad:
c0:6e:ee:3e:bb:cf:cb:7e:d1:55:e6:01:f0:8d:69:
1d:e8:44:1c:00:95:4b:98:33:fd:3e:38:30:fa:1d:
37:11:31:eb:80:62:93:1c:72:f9:f1:2e:d4:c7:5d:
ee:40:f7:e7:fd:aa:c5:6d:e8:e0:fe:ca:02:95:eb:
51:76:d6:92:bb:ea:33:a5:93:8a:92:45:a3:b1:75:
cc:72:24:ca:4d:c3:48:fb:9e:5b:c2:a8:69:dc:0d:
a9:75:a2:1f:63:2c:b3:96:a0:83:18:88:5a:49:46:
16:c8:b9:07:94:9a:a4:71:d4:09:6a:ad:68:30:67:
17:13:18:4d:75:b8:f8:cb:5e:3c:c5:1c:cc:f9:6e:
b0:0c:69:d4:db:3b:e3:4c:54:02:12:26:27:8f:e2:
e6:35:f9:fa:a6:8c:5f:aa:19:55:f8:47:c5:e4:39:
f0:07:1b:42:a6:ff:29:dd:40:b5:40:ae:76:f7:bf:
7b:67:94:37:e2:6b:1d:2f:33:6a:52:d7:a6:6c:00:
13:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DE:56:E8:14:70:4E:01:92:09:2D:80:73:17:AF:4C:F3:6E:24:F6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F95W6BRwTgGSCS2AcxevTPNuJPY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
50:c5:36:0e:f0:34:15:9b:93:60:c4:87:28:07:a8:26:3d:09:
2d:54:dc:79:2d:6b:b7:a9:de:33:35:80:e6:83:60:83:5b:43:
93:d4:e7:87:b1:4c:a5:46:fb:df:67:1b:01:f4:d4:0c:61:85:
b9:7e:85:79:46:b0:f1:2a:b1:8f:ee:50:6f:32:e2:35:67:6d:
e6:a6:b2:52:c3:4b:71:9a:89:41:f1:cb:bf:19:5d:88:85:e3:
1a:e6:88:f3:82:f5:08:66:5a:a6:37:e3:ed:c5:1a:a3:11:c8:
41:05:d0:b7:48:9d:19:7f:eb:d9:f0:5c:0a:f2:71:9d:31:28:
c6:be:75:88:66:1d:87:16:53:48:45:f4:1c:dd:a0:ee:11:7a:
11:60:29:5a:5d:fb:a6:89:74:11:44:70:fd:12:31:45:44:af:
3e:44:55:40:d3:d9:8d:1f:5a:fa:e0:64:16:33:4d:61:e4:e5:
0c:54:9e:e5:d4:81:e5:b9:b3:ec:79:27:ae:51:71:79:14:fa:
29:8b:99:ef:db:11:ac:22:56:22:80:61:27:73:d7:ad:68:66:
c9:d5:50:bb:48:3c:8a:b9:cc:d8:a4:60:67:a8:83:f3:e2:c7:
e0:84:5e:ac:17:2e:f8:99:78:64:f8:e6:a6:88:c2:28:4e:03:
3a:ea:02:94
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
NjIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3REU1NkU4MTQ3MDRF
MDE5MjA5MkQ4MDczMTdBRjRDRjM2RTI0RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCppDFLMzpeKOhE3KPjE9KTK1gA73K9l2k71u6raAW0eNdD1K5D
yW9u3e+cwO2ZfIyooX+EkGVipaQWrcBu7j67z8t+0VXmAfCNaR3oRBwAlUuYM/0+
ODD6HTcRMeuAYpMccvnxLtTHXe5A9+f9qsVt6OD+ygKV61F21pK76jOlk4qSRaOx
dcxyJMpNw0j7nlvCqGncDal1oh9jLLOWoIMYiFpJRhbIuQeUmqRx1AlqrWgwZxcT
GE11uPjLXjzFHMz5brAMadTbO+NMVAISJieP4uY1+fqmjF+qGVX4R8XkOfAHG0Km
/yndQLVArnb3v3tnlDfiax0vM2pS16ZsABPfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUF95W6BRwTgGSCS2AcxevTPNuJPYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y5NVc2QlJ3VGdHU0NT
MkFjeGV2VFBOdUpQWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFDFNg7wNBWbk2DEhygHqCY9CS1U3Hkt
a7ep3jM1gOaDYINbQ5PU54exTKVG+99nGwH01Axhhbl+hXlGsPEqsY/uUG8y4jVn
beamslLDS3GaiUHxy78ZXYiF4xrmiPOC9QhmWqY34+3FGqMRyEEF0LdInRl/69nw
XArycZ0xKMa+dYhmHYcWU0hF9BzdoO4RehFgKVpd+6aJdBFEcP0SMUVErz5EVUDT
2Y0fWvrgZBYzTWHk5QxUnuXUgeW5s+x5J65RcXkU+imLme/bEawiViKAYSdz161o
ZsnVULtIPIq5zNikYGeog/Pix+CEXqwXLviZeGT45qaIwihOAzrqApQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:24:41 2025 by rpki-client