Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GCh1p1WZGv2qrgzUUpotTTsQLRg.roa
File: GCh1p1WZGv2qrgzUUpotTTsQLRg.roa (raw, json)
Hash identifier: rGiLuE+ve1gMPuYfhhhqG5M+fM6ViI2v87frLUczBCo=
Subject key identifier: 18:28:75:A7:55:99:1A:FD:AA:AE:0C:D4:52:9A:2D:4D:3B:10:2D:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 334B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCh1p1WZGv2qrgzUUpotTTsQLRg.roa
Signing time: Wed 27 Mar 2024 23:22:00 +0000
ROA not before: Wed 27 Mar 2024 23:22:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13131 (0x334b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 23:22:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=182875A755991AFDAAAE0CD4529A2D4D3B102D18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:81:28:6c:14:7d:26:87:2c:30:1a:80:d9:e1:
f8:de:52:ab:26:b1:9b:72:49:6e:0d:e6:bf:b2:67:
21:85:ee:77:e9:8d:1d:90:39:2f:82:c1:92:d6:39:
17:d6:bd:0a:21:73:0a:5a:ed:8e:f9:33:35:18:41:
8b:7e:58:4d:fb:31:75:7d:70:63:c2:ab:0e:ce:48:
a4:17:74:82:bf:0b:b2:eb:25:c6:f0:08:b8:96:51:
30:ff:f6:02:fe:7d:26:7c:5e:92:e3:c7:fa:51:0f:
bd:a8:ee:10:56:c2:b3:ba:9e:9f:f8:e6:82:ff:48:
36:38:18:81:58:5a:3c:c8:d0:31:03:20:21:c8:8f:
c0:9e:ef:60:79:ab:8d:e3:5b:a2:21:ce:4b:1c:5f:
14:6b:21:2f:74:22:f9:79:2a:f4:9a:73:0b:55:2d:
bb:eb:11:f0:d5:db:ac:50:ba:bb:0a:79:ab:2e:19:
d6:94:82:88:9d:d8:4f:90:44:d4:5d:6b:bf:5f:ee:
b3:e4:a7:f4:bc:28:59:9f:cd:fb:95:c0:c3:44:f0:
56:6c:16:13:f3:75:3e:6b:e1:81:91:c1:a5:af:1c:
d6:97:dc:0a:7a:14:c3:84:49:27:12:e7:55:d3:43:
b5:5e:80:cb:0b:ec:2d:a3:c0:a6:ca:af:86:b7:b4:
b2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:28:75:A7:55:99:1A:FD:AA:AE:0C:D4:52:9A:2D:4D:3B:10:2D:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCh1p1WZGv2qrgzUUpotTTsQLRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:9c:5b:15:90:e3:29:8e:2d:7b:01:e1:28:23:7b:79:82:b8:
82:78:d2:20:be:e2:bf:b4:71:4f:7e:7b:33:ab:a1:81:d1:6c:
bc:a1:7e:20:9f:db:21:85:fc:02:15:a7:ee:c9:dd:75:75:eb:
02:46:4f:eb:ad:4b:8a:c9:17:34:50:3c:30:4d:9e:79:33:b6:
65:b8:a5:55:6b:da:14:18:12:7e:04:e3:70:1b:6b:35:e1:29:
53:00:7d:76:e1:e3:4a:ec:b8:eb:e6:d6:f9:91:05:d4:a0:fb:
ca:3c:c5:42:bd:b5:0e:93:d1:e8:f1:72:0d:0c:a6:62:6d:68:
95:df:e7:1a:b4:78:17:47:88:01:8d:58:1a:57:19:12:63:3a:
63:ae:c4:29:62:63:a4:7b:69:cc:32:5a:cc:5b:0b:97:ef:ed:
59:46:22:fa:fb:38:da:a7:fb:de:e1:88:ca:0a:03:71:b8:52:
79:39:47:42:8a:ed:87:03:5d:5c:e5:eb:4e:2b:8a:fd:67:8d:
0d:e9:3e:5a:67:79:1b:c6:70:98:c4:f3:39:91:4f:49:05:92:
df:39:0f:7e:a6:06:f4:a3:84:5a:29:07:31:3e:2d:9b:82:aa:
38:94:2f:56:86:b7:c3:2a:8c:5e:b2:c0:73:fc:e7:0e:85:b4:
f3:a7:9f:07
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MzIyMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4Mjg3NUE3NTU5OTFB
RkRBQUFFMENENDUyOUEyRDREM0IxMDJEMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkgShsFH0mhywwGoDZ4fjeUqsmsZtySW4N5r+yZyGF7nfpjR2Q
OS+CwZLWORfWvQohcwpa7Y75MzUYQYt+WE37MXV9cGPCqw7OSKQXdIK/C7LrJcbw
CLiWUTD/9gL+fSZ8XpLjx/pRD72o7hBWwrO6np/45oL/SDY4GIFYWjzI0DEDICHI
j8Ce72B5q43jW6IhzkscXxRrIS90Ivl5KvSacwtVLbvrEfDV26xQursKeasuGdaU
goid2E+QRNRda79f7rPkp/S8KFmfzfuVwMNE8FZsFhPzdT5r4YGRwaWvHNaX3Ap6
FMOESScS51XTQ7VegMsL7C2jwKbKr4a3tLL3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGCh1p1WZGv2qrgzUUpotTTsQLRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dDaDFwMVdaR3YycXJn
elVVcG90VFRzUUxSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF6cWxWQ4ymOLXsB4Sgje3mCuIJ40iC+
4r+0cU9+ezOroYHRbLyhfiCf2yGF/AIVp+7J3XV16wJGT+utS4rJFzRQPDBNnnkz
tmW4pVVr2hQYEn4E43AbazXhKVMAfXbh40rsuOvm1vmRBdSg+8o8xUK9tQ6T0ejx
cg0MpmJtaJXf5xq0eBdHiAGNWBpXGRJjOmOuxCliY6R7acwyWsxbC5fv7VlGIvr7
ONqn+97hiMoKA3G4Unk5R0KK7YcDXVzl604riv1njQ3pPlpneRvGcJjE8zmRT0kF
kt85D36mBvSjhFopBzE+LZuCqjiUL1aGt8MqjF6ywHP85w6FtPOnnwc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:21:50 2025 by rpki-client