Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Owoyy4PYomrFKf0DfMNT0rzzaK8.roa
File: Owoyy4PYomrFKf0DfMNT0rzzaK8.roa (raw, json)
Hash identifier: DJ/GIzpe47hFp1urhExb8fb9kIv+x8rmh332dbhMfNA=
Subject key identifier: 3B:0A:32:CB:83:D8:A2:6A:C5:29:FD:03:7C:C3:53:D2:BC:F3:68:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5553
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Owoyy4PYomrFKf0DfMNT0rzzaK8.roa
Signing time: Sun 12 May 2024 08:24:06 +0000
ROA not before: Sun 12 May 2024 08:24:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21843 (0x5553)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 08:24:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3B0A32CB83D8A26AC529FD037CC353D2BCF368AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:34:31:cb:aa:e7:ed:09:28:95:19:44:34:08:
a3:f2:96:a8:cb:21:57:fd:ef:1c:83:d7:ee:55:9d:
14:90:04:86:17:4a:7c:ce:d3:61:d4:28:03:a7:63:
90:a9:c9:72:24:9b:b5:f9:64:a3:ba:03:0f:90:99:
c6:de:7e:36:23:fd:23:26:67:a5:fc:ae:50:a7:3e:
d9:0f:19:b6:69:d3:3c:7b:22:4b:17:dc:46:55:a5:
fc:89:22:6a:21:5a:58:ca:7a:41:27:2f:30:28:13:
49:c1:2f:a9:01:28:8f:0b:a7:b0:6d:2e:ef:db:d0:
94:d0:e9:a2:5e:bd:3d:22:25:27:39:79:6d:42:fa:
fb:df:3f:26:cd:c0:05:cf:45:54:f7:53:79:35:97:
1d:f5:0f:07:39:27:ed:de:e6:a5:19:cc:ec:12:09:
4b:7e:4e:ba:43:fd:84:5c:b8:3c:c2:10:6a:62:f8:
83:d1:ec:dd:2d:66:dc:12:28:e8:ef:1c:4c:ca:98:
ab:59:02:18:b7:46:9b:bc:82:0f:b4:ef:fb:35:27:
a6:4f:07:80:d8:10:1e:fd:ed:10:23:2b:7c:0b:54:
50:b4:b7:7a:74:f6:33:ca:18:68:4d:16:d7:49:97:
5b:ea:9c:39:7d:5a:97:97:be:e3:aa:45:a5:18:42:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0A:32:CB:83:D8:A2:6A:C5:29:FD:03:7C:C3:53:D2:BC:F3:68:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Owoyy4PYomrFKf0DfMNT0rzzaK8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
47:f2:ae:27:83:6e:a9:68:71:20:0b:20:4b:d2:63:05:e8:1a:
db:ae:15:65:65:c0:21:60:75:68:1e:ee:b1:f3:89:df:94:6c:
b4:ad:36:6e:30:e1:ea:10:5f:99:f3:f7:71:fe:97:20:41:da:
a8:75:f5:75:98:19:aa:57:2b:d0:84:f2:ae:a5:06:8d:c2:d7:
00:72:94:ce:dd:4d:f3:93:56:fd:bb:ab:c5:b0:34:26:94:59:
21:4e:de:e5:81:c3:2b:54:01:b9:fb:88:a8:ae:ce:dd:6f:6d:
96:d3:8b:d4:4b:05:28:fa:4f:0a:d9:a8:e2:9e:fa:42:cc:d6:
1a:b4:10:29:6f:c4:e1:8b:b6:e5:e3:a8:d4:59:a9:1a:30:8d:
b9:83:f8:dc:34:f5:67:c6:06:8e:ab:08:44:d7:14:87:c0:c7:
40:ca:c3:3d:45:0a:e4:4e:96:a1:5b:59:9c:f3:a2:99:b8:72:
ba:64:9d:15:b5:c3:75:ff:f7:09:2c:d6:e7:61:41:1f:05:e0:
09:7f:45:dc:a7:db:ee:3e:1e:49:70:62:d8:79:b8:69:29:1e:
11:73:b6:aa:31:23:c0:06:cd:d8:5c:f6:41:f3:5e:d5:59:06:
05:01:44:c8:cb:b2:7e:eb:a2:54:62:b8:70:d3:c4:4d:66:94:
d5:57:e7:f3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVVMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
ODI0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCMEEzMkNCODNEOEEy
NkFDNTI5RkQwMzdDQzM1M0QyQkNGMzY4QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8NDHLquftCSiVGUQ0CKPylqjLIVf97xyD1+5VnRSQBIYXSnzO
02HUKAOnY5CpyXIkm7X5ZKO6Aw+QmcbefjYj/SMmZ6X8rlCnPtkPGbZp0zx7IksX
3EZVpfyJImohWljKekEnLzAoE0nBL6kBKI8Lp7BtLu/b0JTQ6aJevT0iJSc5eW1C
+vvfPybNwAXPRVT3U3k1lx31Dwc5J+3e5qUZzOwSCUt+TrpD/YRcuDzCEGpi+IPR
7N0tZtwSKOjvHEzKmKtZAhi3Rpu8gg+07/s1J6ZPB4DYEB797RAjK3wLVFC0t3p0
9jPKGGhNFtdJl1vqnDl9WpeXvuOqRaUYQv4vAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOwoyy4PYomrFKf0DfMNT0rzzaK8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L093b3l5NFBZb21yRktm
MERmTU5UMHJ6emFLOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEfyrieDbqlocSALIEvSYwXoGtuuFWVl
wCFgdWge7rHzid+UbLStNm4w4eoQX5nz93H+lyBB2qh19XWYGapXK9CE8q6lBo3C
1wBylM7dTfOTVv27q8WwNCaUWSFO3uWBwytUAbn7iKiuzt1vbZbTi9RLBSj6TwrZ
qOKe+kLM1hq0EClvxOGLtuXjqNRZqRowjbmD+Nw09WfGBo6rCETXFIfAx0DKwz1F
CuROlqFbWZzzopm4crpknRW1w3X/9wks1udhQR8F4Al/Rdyn2+4+HklwYth5uGkp
HhFztqoxI8AGzdhc9kHzXtVZBgUBRMjLsn7rolRiuHDTxE1mlNVX5/M=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:37:50 2025 by rpki-client