Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GBzuHjgZXJjzi85CH0ZpNnFvJp8.roa
File: GBzuHjgZXJjzi85CH0ZpNnFvJp8.roa (raw, json)
Hash identifier: tnVJGQGIbuU82ZUlqcK82tQ+ief7anhrr+FU6OUPlTE=
Subject key identifier: 18:1C:EE:1E:38:19:5C:98:F3:8B:CE:42:1F:46:69:36:71:6F:26:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DE7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GBzuHjgZXJjzi85CH0ZpNnFvJp8.roa
Signing time: Thu 02 May 2024 10:53:45 +0000
ROA not before: Thu 02 May 2024 10:53:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19943 (0x4de7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 10:53:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=181CEE1E38195C98F38BCE421F466936716F269F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1a:81:3d:3f:2b:fd:a4:ca:32:e6:a6:71:1b:
2e:0f:8c:b7:1c:4f:c6:2a:6a:c6:a3:a8:cc:f7:78:
a1:02:f8:a4:99:cd:28:25:52:c5:91:c5:73:13:1f:
cb:5f:fd:97:1c:66:c6:75:8f:55:87:af:da:f4:14:
05:0f:3b:38:09:4a:eb:34:cb:a5:d4:91:ea:47:a4:
73:bb:c0:b0:bf:3a:5a:c1:41:3e:3a:fd:6a:37:7c:
86:72:a9:66:fb:ab:a2:15:bb:f6:a8:e2:27:69:64:
0a:cb:6e:ea:ac:53:8a:82:55:9d:8b:54:a8:fb:04:
2e:64:fe:d6:05:24:55:b6:c4:d4:fd:0b:5e:01:ad:
d8:f9:eb:2f:0a:13:e7:ec:95:b5:bf:e5:a3:fa:72:
ab:64:ad:1b:66:15:90:e1:44:23:de:a8:50:07:5f:
11:e4:0c:4d:81:8e:e7:c5:cf:38:f6:9d:a7:f4:2d:
8e:b2:c6:ec:36:1c:f7:3f:b5:0c:8b:e6:8d:06:f6:
92:71:5f:b0:5f:bf:91:1d:81:60:3d:38:34:3f:dd:
b2:c9:85:bd:77:29:01:0a:e2:18:bd:b9:8a:f8:77:
d6:d2:22:c3:b1:ab:48:b6:1d:81:a9:41:84:21:76:
ff:c6:03:6b:45:bc:69:03:cc:5e:5e:88:10:65:3f:
68:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1C:EE:1E:38:19:5C:98:F3:8B:CE:42:1F:46:69:36:71:6F:26:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GBzuHjgZXJjzi85CH0ZpNnFvJp8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
88:00:5f:91:6b:e1:87:3f:1c:b0:af:a0:cf:6e:09:1d:c6:79:
56:a2:9a:c9:d9:1e:0c:05:d7:0c:5b:7e:f5:b7:1b:99:f0:27:
db:b1:96:f5:96:77:f1:3c:3a:2a:b6:87:4f:16:fd:8f:c1:96:
86:b6:47:60:42:10:18:ad:73:b8:c5:45:2d:d7:b8:6c:85:6d:
d9:3f:0b:2f:91:7c:d0:ef:2f:b2:36:df:cf:26:a7:ef:e8:70:
2c:07:e9:7a:45:fc:dd:25:18:8a:96:a6:4a:b3:ef:7a:e9:84:
af:ea:4f:fd:e3:de:cf:54:05:ff:11:d4:8c:0e:4d:65:0c:d0:
88:d5:a3:7d:e1:bf:72:26:d4:7d:0d:bb:cd:d9:c0:4b:44:4e:
da:f5:49:bc:10:57:81:bf:87:cc:ea:94:c8:23:92:91:48:27:
e0:cf:b2:1a:b7:2f:9f:73:77:08:62:c0:f2:97:bc:6b:a7:ad:
02:54:8f:63:43:dd:a9:05:a5:22:69:59:fa:48:d2:b7:94:0d:
4e:24:ea:f6:9b:51:c9:2c:83:de:25:99:ae:42:25:3d:27:a1:
d4:af:4b:14:5c:be:c9:23:f0:55:ab:49:85:2d:ce:e4:d7:43:
3d:e8:ed:4a:17:99:f1:9b:52:90:23:a5:ca:b0:59:e0:96:4f:
de:f0:61:b9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
MDUzNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MUNFRTFFMzgxOTVD
OThGMzhCQ0U0MjFGNDY2OTM2NzE2RjI2OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4GoE9Pyv9pMoy5qZxGy4PjLccT8YqasajqMz3eKEC+KSZzSgl
UsWRxXMTH8tf/ZccZsZ1j1WHr9r0FAUPOzgJSus0y6XUkepHpHO7wLC/OlrBQT46
/Wo3fIZyqWb7q6IVu/ao4idpZArLbuqsU4qCVZ2LVKj7BC5k/tYFJFW2xNT9C14B
rdj56y8KE+fslbW/5aP6cqtkrRtmFZDhRCPeqFAHXxHkDE2BjufFzzj2naf0LY6y
xuw2HPc/tQyL5o0G9pJxX7Bfv5EdgWA9ODQ/3bLJhb13KQEK4hi9uYr4d9bSIsOx
q0i2HYGpQYQhdv/GA2tFvGkDzF5eiBBlP2jDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGBzuHjgZXJjzi85CH0ZpNnFvJp8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dCenVIamdaWEpqemk4
NUNIMFpwTm5GdkpwOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIgAX5Fr4Yc/HLCvoM9uCR3GeVaimsnZ
HgwF1wxbfvW3G5nwJ9uxlvWWd/E8Oiq2h08W/Y/Bloa2R2BCEBitc7jFRS3XuGyF
bdk/Cy+RfNDvL7I2388mp+/ocCwH6XpF/N0lGIqWpkqz73rphK/qT/3j3s9UBf8R
1IwOTWUM0IjVo33hv3Im1H0Nu83ZwEtETtr1SbwQV4G/h8zqlMgjkpFIJ+DPshq3
L59zdwhiwPKXvGunrQJUj2ND3akFpSJpWfpI0reUDU4k6vabUcksg94lma5CJT0n
odSvSxRcvskj8FWrSYUtzuTXQz3o7UoXmfGbUpAjpcqwWeCWT97wYbk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:46:34 2025 by rpki-client