Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HWniGIrRJuuJ1o1rc3bH__SIO6k.roa
File: HWniGIrRJuuJ1o1rc3bH__SIO6k.roa (raw, json)
Hash identifier: xds4IqbVbuopLEN38agjcXTv3Mps/8vJiw3/ezzsZRI=
Subject key identifier: 1D:69:E2:18:8A:D1:26:EB:89:D6:8D:6B:73:76:C7:FF:F4:88:3B:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35D7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HWniGIrRJuuJ1o1rc3bH__SIO6k.roa
Signing time: Sun 31 Mar 2024 08:52:15 +0000
ROA not before: Sun 31 Mar 2024 08:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13783 (0x35d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 08:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1D69E2188AD126EB89D68D6B7376C7FFF4883BA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2c:b9:83:55:83:2c:03:fd:35:59:95:30:cd:
7a:b5:6e:67:45:ba:54:3a:fd:45:c3:16:2e:ce:6f:
08:88:5f:24:f5:ed:4c:3d:71:cb:48:52:75:f4:19:
6c:eb:98:5c:32:9b:8d:8f:ea:13:68:13:65:91:14:
e5:93:c9:56:c3:87:5a:3f:50:19:e4:e2:16:34:35:
b9:67:3e:cd:69:27:1c:f5:29:21:9c:8f:28:12:5a:
df:04:e7:3f:c4:b9:42:b3:d7:79:74:5b:d7:d3:9a:
8c:5c:81:42:09:3b:d5:56:16:f0:b5:11:04:1a:1d:
ff:81:05:19:5d:a3:be:84:a4:a0:30:72:74:6a:67:
6e:29:7d:0b:f5:54:4b:55:f5:58:4f:86:65:5c:1e:
49:07:e2:ce:ec:c1:16:2d:c8:10:99:f6:1e:7a:a4:
f8:23:d0:93:8f:7f:6c:80:cb:3f:3d:60:36:eb:b4:
a9:23:c5:e9:aa:66:49:3a:a7:9a:58:97:84:b9:45:
a7:5d:32:0c:cf:d1:bf:3f:b2:33:b0:58:42:4e:43:
c9:76:9f:08:24:cd:ee:2d:0e:f1:51:48:73:4d:27:
7b:ba:5b:3f:04:46:ec:28:e9:9a:30:8d:d0:90:ba:
26:49:8a:32:23:23:13:6d:07:34:0b:10:2a:5d:bf:
18:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:69:E2:18:8A:D1:26:EB:89:D6:8D:6B:73:76:C7:FF:F4:88:3B:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HWniGIrRJuuJ1o1rc3bH__SIO6k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0c:fa:ab:ff:7c:12:ab:1e:02:bd:38:92:99:99:e3:b8:1e:65:
0c:bd:43:f1:fc:b2:af:14:3e:2a:24:c1:9b:0c:7c:b2:86:a8:
81:7f:fe:62:d6:55:b3:21:cf:69:db:34:89:45:ba:ca:a4:84:
c2:23:a5:57:e0:4f:1e:e5:a5:a2:67:d6:f3:45:4a:76:d6:73:
6b:b7:83:08:a0:8f:9a:52:16:7e:52:a1:c2:09:f3:4f:3e:81:
ac:59:19:df:7d:cb:fa:e3:4c:1a:05:fe:8c:f7:09:f5:ca:d3:
64:94:94:5e:c1:78:f1:88:70:b9:ec:1e:f9:34:4e:a2:f0:e2:
2c:15:06:53:d1:93:5d:67:a1:ca:6d:e2:47:f0:bc:ee:a2:86:
f8:4d:90:6b:a7:35:87:68:bb:ba:e9:58:2e:e1:45:01:3a:6f:
d1:dd:ff:48:f5:0e:2b:ca:7c:b3:42:0d:de:ef:28:58:87:e4:
3f:79:3d:14:6b:2f:61:37:b2:5b:f6:09:56:5d:0c:3b:8b:f3:
c4:34:2b:87:d9:51:1c:06:2a:23:53:c1:38:10:00:15:e8:da:
a8:ed:8a:0a:f7:af:35:dd:ef:b2:88:5a:8b:ec:e4:17:5c:7c:
2a:27:55:54:f2:69:1a:f5:4e:fc:e1:af:6a:80:1f:e3:76:25:
47:02:e2:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
ODUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFENjlFMjE4OEFEMTI2
RUI4OUQ2OEQ2QjczNzZDN0ZGRjQ4ODNCQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiLLmDVYMsA/01WZUwzXq1bmdFulQ6/UXDFi7ObwiIXyT17Uw9
cctIUnX0GWzrmFwym42P6hNoE2WRFOWTyVbDh1o/UBnk4hY0NblnPs1pJxz1KSGc
jygSWt8E5z/EuUKz13l0W9fTmoxcgUIJO9VWFvC1EQQaHf+BBRldo76EpKAwcnRq
Z24pfQv1VEtV9VhPhmVcHkkH4s7swRYtyBCZ9h56pPgj0JOPf2yAyz89YDbrtKkj
xemqZkk6p5pYl4S5RaddMgzP0b8/sjOwWEJOQ8l2nwgkze4tDvFRSHNNJ3u6Wz8E
Ruwo6ZowjdCQuiZJijIjIxNtBzQLECpdvxjPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHWniGIrRJuuJ1o1rc3bH//SIO6kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hXbmlHSXJSSnV1SjFv
MXJjM2JIX19TSU82ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAz6q/98EqseAr04kpmZ47geZQy9Q/H8
sq8UPiokwZsMfLKGqIF//mLWVbMhz2nbNIlFusqkhMIjpVfgTx7lpaJn1vNFSnbW
c2u3gwigj5pSFn5SocIJ808+gaxZGd99y/rjTBoF/oz3CfXK02SUlF7BePGIcLns
Hvk0TqLw4iwVBlPRk11nocpt4kfwvO6ihvhNkGunNYdou7rpWC7hRQE6b9Hd/0j1
DivKfLNCDd7vKFiH5D95PRRrL2E3slv2CVZdDDuL88Q0K4fZURwGKiNTwTgQABXo
2qjtigr3rzXd77KIWovs5BdcfConVVTyaRr1Tvzhr2qAH+N2JUcC4hs=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:27:42 2025 by rpki-client