Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TQE6GuTCsHqzDJ742cSQky3RCyg.roa
File: TQE6GuTCsHqzDJ742cSQky3RCyg.roa (raw, json)
Hash identifier: Pujy2zxuV7pN3Wxc09P0FyRO5HuXxAuh26+gKJ5xNR4=
Subject key identifier: 4D:01:3A:1A:E4:C2:B0:7A:B3:0C:9E:F8:D9:C4:90:93:2D:D1:0B:28
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33FF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TQE6GuTCsHqzDJ742cSQky3RCyg.roa
Signing time: Thu 28 Mar 2024 21:52:09 +0000
ROA not before: Thu 28 Mar 2024 21:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13311 (0x33ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 21:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D013A1AE4C2B07AB30C9EF8D9C490932DD10B28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c1:7c:f5:b8:5d:d6:e4:c0:e5:ea:3e:1f:a4:
d2:48:dc:49:17:3a:93:94:10:db:b3:51:12:7b:2d:
82:aa:c1:6a:f8:5e:46:df:13:29:c7:5d:68:18:a7:
7d:ba:2f:a3:73:d8:4d:3b:46:bc:00:1b:b9:fd:63:
15:ca:10:1a:cb:40:25:7e:ad:b3:ac:b5:d1:5c:19:
58:a1:7d:8d:17:37:bd:6d:56:28:f5:55:9a:ad:25:
93:19:89:b0:70:88:5d:ea:16:87:2c:1e:a0:dc:5c:
43:8b:1e:d7:53:f2:0a:af:a6:6d:d9:6a:ac:eb:43:
82:c5:d0:22:bf:10:ed:c1:40:2c:cd:9e:bf:97:94:
62:78:5e:1b:4f:40:80:e6:6d:15:ac:b1:4b:fc:88:
9a:aa:2e:b5:c9:8b:46:b2:f7:e5:33:ac:c3:2e:0c:
54:7c:72:cf:64:2d:23:f5:35:8d:f9:30:64:6c:3a:
c5:32:66:08:02:0b:b7:d6:51:c2:44:8d:09:f5:77:
cb:ee:dc:36:3c:49:8b:cc:02:26:fc:e5:92:a4:00:
f4:2c:81:0c:b7:37:b7:ce:3f:df:5a:0c:da:ff:25:
e6:26:32:78:fc:7f:2e:65:5e:f0:35:df:0e:45:27:
68:95:85:1d:96:3e:4c:e3:06:ca:55:0b:1b:58:c9:
8b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:3A:1A:E4:C2:B0:7A:B3:0C:9E:F8:D9:C4:90:93:2D:D1:0B:28
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TQE6GuTCsHqzDJ742cSQky3RCyg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3e:87:10:1d:55:65:bf:43:67:01:e7:c2:8d:43:1b:6a:2a:88:
de:15:eb:4a:5d:2b:ff:8f:b1:2d:9a:79:42:37:9b:79:eb:e6:
3f:8e:d8:f4:07:93:57:f3:94:b2:30:14:b0:82:8b:a1:a7:2a:
5e:1a:1c:e1:7c:77:3e:47:88:9c:21:92:d1:fd:97:3c:dd:af:
01:de:3f:ce:d2:d6:29:e5:79:13:b6:d4:6e:18:55:00:81:aa:
04:52:d3:d8:79:25:8a:37:94:b3:c5:84:d2:60:e4:ff:50:e6:
9d:55:fc:f0:84:f5:14:16:21:a1:06:1a:32:3c:a3:b6:af:96:
f7:83:a0:5d:3e:5f:a1:45:94:be:ac:24:73:8c:0d:fa:51:ce:
b8:4b:06:37:15:c0:0e:2e:28:32:0b:a1:63:6e:0d:cf:d7:10:
b7:a0:39:09:d1:c3:54:42:80:d2:cc:05:b6:c5:34:0f:ce:f5:
5b:99:00:55:c6:02:fe:e6:82:65:e5:c9:7c:c3:87:c4:26:e6:
9e:2f:70:78:40:8f:28:1a:82:ee:90:32:21:f5:61:22:75:30:
32:95:a2:51:e7:58:4b:9c:2c:6d:b8:a0:69:26:b2:1a:67:ae:
b9:ee:93:d6:f0:6c:0a:a0:4e:b7:dd:9d:5d:b5:4c:4f:1f:52:
1d:89:01:4f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM/8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREMDEzQTFBRTRDMkIw
N0FCMzBDOUVGOEQ5QzQ5MDkzMkREMTBCMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSwXz1uF3W5MDl6j4fpNJI3EkXOpOUENuzURJ7LYKqwWr4Xkbf
EynHXWgYp326L6Nz2E07RrwAG7n9YxXKEBrLQCV+rbOstdFcGVihfY0XN71tVij1
VZqtJZMZibBwiF3qFocsHqDcXEOLHtdT8gqvpm3ZaqzrQ4LF0CK/EO3BQCzNnr+X
lGJ4XhtPQIDmbRWssUv8iJqqLrXJi0ay9+UzrMMuDFR8cs9kLSP1NY35MGRsOsUy
ZggCC7fWUcJEjQn1d8vu3DY8SYvMAib85ZKkAPQsgQy3N7fOP99aDNr/JeYmMnj8
fy5lXvA13w5FJ2iVhR2WPkzjBspVCxtYyYsxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTQE6GuTCsHqzDJ742cSQky3RCygwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RRRTZHdVRDc0hxekRK
NzQyY1NRa3kzUkN5Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAD6HEB1VZb9DZwHnwo1DG2oqiN4V60pd
K/+PsS2aeUI3m3nr5j+O2PQHk1fzlLIwFLCCi6GnKl4aHOF8dz5HiJwhktH9lzzd
rwHeP87S1inleRO21G4YVQCBqgRS09h5JYo3lLPFhNJg5P9Q5p1V/PCE9RQWIaEG
GjI8o7avlveDoF0+X6FFlL6sJHOMDfpRzrhLBjcVwA4uKDILoWNuDc/XELegOQnR
w1RCgNLMBbbFNA/O9VuZAFXGAv7mgmXlyXzDh8Qm5p4vcHhAjygagu6QMiH1YSJ1
MDKVolHnWEucLG24oGkmshpnrrnuk9bwbAqgTrfdnV21TE8fUh2JAU8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:29:37 2025 by rpki-client