Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RT0RygE0lNWkMF0ymvh1QMjaceQ.roa
File: RT0RygE0lNWkMF0ymvh1QMjaceQ.roa (raw, json)
Hash identifier: bna4SPGP7snMbNhZfjwquQTDkWW154FWindxLyuQxG0=
Subject key identifier: 45:3D:11:CA:01:34:94:D5:A4:30:5D:32:9A:F8:75:40:C8:DA:71:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47DF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RT0RygE0lNWkMF0ymvh1QMjaceQ.roa
Signing time: Wed 24 Apr 2024 09:53:17 +0000
ROA not before: Wed 24 Apr 2024 09:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18399 (0x47df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 09:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=453D11CA013494D5A4305D329AF87540C8DA71E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:48:10:2b:6d:8b:b1:7c:e5:7a:01:85:e3:
a1:0d:39:a5:da:56:1c:ac:c3:2e:1a:3a:4b:b1:ee:
16:11:21:b8:a2:3b:51:9e:e0:a7:77:02:67:53:7c:
8d:f8:97:cd:16:e8:3c:ad:53:b6:15:00:f1:d9:cd:
9a:9d:53:e6:92:06:b1:9d:a4:7d:d4:34:d2:b7:3a:
6c:b8:bc:15:5a:46:fc:2d:18:cf:b0:65:ac:c5:d7:
5b:7c:c1:a3:24:a5:f9:ef:55:4b:9e:2d:35:75:56:
be:de:8e:b7:0f:67:2e:a7:02:de:53:72:23:36:17:
56:8c:98:b8:d7:5d:01:8f:63:aa:b1:19:62:23:ec:
22:55:8e:a0:f0:5f:b8:68:a5:13:ad:1c:2e:82:41:
3f:25:b1:fe:0a:f0:b1:75:be:36:35:16:69:b0:ed:
86:0c:9c:4f:9c:87:0b:2d:4b:95:9e:dc:f4:20:97:
0c:4e:34:15:66:81:50:bb:f3:0a:39:c4:22:32:e7:
50:be:0d:39:8c:88:d3:98:dd:9f:8d:3a:ad:ee:ad:
be:90:2b:9c:a3:8e:60:f7:24:e3:46:23:08:b2:13:
22:a0:36:a4:38:cf:0e:15:24:0b:3e:d5:2c:9a:e2:
29:50:a2:6e:97:d0:51:1e:e2:9a:b7:21:af:40:2e:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3D:11:CA:01:34:94:D5:A4:30:5D:32:9A:F8:75:40:C8:DA:71:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RT0RygE0lNWkMF0ymvh1QMjaceQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6a:5c:b1:a0:5d:37:f2:33:7f:5c:6b:42:96:60:14:4c:26:c0:
98:63:18:e4:e7:1d:bb:5a:7a:c8:34:d6:0c:09:c6:b8:91:ca:
c5:8e:9a:e3:98:bd:37:d3:52:54:a2:f0:67:1d:b6:96:6a:c8:
6d:a1:ed:0f:ab:66:43:b2:58:8c:22:12:1a:c8:ba:15:89:85:
8c:e2:74:f0:38:35:fb:e4:24:3d:56:9d:eb:3f:e1:03:a6:58:
c8:f6:ba:ef:00:e1:12:bd:43:4d:f4:84:f5:94:e6:e3:2d:07:
80:b6:0f:3c:5e:75:be:3f:cf:d2:c9:38:73:4e:ba:7b:30:cd:
dd:2f:59:0d:e2:27:00:17:b6:b8:7f:91:e6:a9:1e:3f:79:63:
60:d0:4e:96:7b:fc:e0:41:bf:97:7c:9a:70:1a:75:62:55:9b:
f8:a3:f4:4e:6d:8c:50:9e:52:be:9e:60:28:3e:2f:c4:0a:58:
9f:6f:7c:3f:4c:2d:16:26:c9:be:5e:7f:65:a4:3f:79:5e:1c:
28:48:df:87:08:03:03:0f:bc:39:2d:82:eb:10:32:a1:53:9c:
c5:8f:65:a1:a5:e3:bd:6b:aa:a1:7f:60:e1:24:5e:c5:1f:12:
68:63:1b:b9:7d:bb:6c:03:dc:29:4a:65:ae:70:94:9b:62:95:
35:ed:0a:42
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
OTUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1M0QxMUNBMDEzNDk0
RDVBNDMwNUQzMjlBRjg3NTQwQzhEQTcxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsdEgQK22LsXzlegGF46ENOaXaVhyswy4aOkux7hYRIbiiO1Ge
4Kd3AmdTfI34l80W6DytU7YVAPHZzZqdU+aSBrGdpH3UNNK3Omy4vBVaRvwtGM+w
ZazF11t8waMkpfnvVUueLTV1Vr7ejrcPZy6nAt5TciM2F1aMmLjXXQGPY6qxGWIj
7CJVjqDwX7hopROtHC6CQT8lsf4K8LF1vjY1Fmmw7YYMnE+chwstS5We3PQglwxO
NBVmgVC78wo5xCIy51C+DTmMiNOY3Z+NOq3urb6QK5yjjmD3JONGIwiyEyKgNqQ4
zw4VJAs+1Sya4ilQom6X0FEe4pq3Ia9ALre9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURT0RygE0lNWkMF0ymvh1QMjaceQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JUMFJ5Z0UwbE5Xa01G
MHltdmgxUU1qYWNlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGpcsaBdN/Izf1xrQpZgFEwmwJhjGOTn
Hbtaesg01gwJxriRysWOmuOYvTfTUlSi8GcdtpZqyG2h7Q+rZkOyWIwiEhrIuhWJ
hYzidPA4NfvkJD1Wnes/4QOmWMj2uu8A4RK9Q030hPWU5uMtB4C2Dzxedb4/z9LJ
OHNOunswzd0vWQ3iJwAXtrh/keapHj95Y2DQTpZ7/OBBv5d8mnAadWJVm/ij9E5t
jFCeUr6eYCg+L8QKWJ9vfD9MLRYmyb5ef2WkP3leHChI34cIAwMPvDktgusQMqFT
nMWPZaGl471rqqF/YOEkXsUfEmhjG7l9u2wD3ClKZa5wlJtilTXtCkI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:49 2025 by rpki-client