Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UDlLN7vKtWnvA4YhLGsiHbMWlU0.roa
File: UDlLN7vKtWnvA4YhLGsiHbMWlU0.roa (raw, json)
Hash identifier: EVcoSIyC778Q7w3CaFs8E2PtrevS1hNW348RNsu3h04=
Subject key identifier: 50:39:4B:37:BB:CA:B5:69:EF:03:86:21:2C:6B:22:1D:B3:16:95:4D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 368F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDlLN7vKtWnvA4YhLGsiHbMWlU0.roa
Signing time: Mon 01 Apr 2024 07:52:13 +0000
ROA not before: Mon 01 Apr 2024 07:52:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13967 (0x368f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 07:52:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50394B37BBCAB569EF0386212C6B221DB316954D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:87:da:04:e5:f5:23:c4:dd:46:3d:f1:ce:33:
87:01:e4:e6:20:1f:6d:b8:02:a6:92:8f:d7:28:9f:
df:16:a0:d9:39:2c:a7:a4:e8:33:65:e9:93:8b:c3:
4d:6a:0a:b3:8c:59:96:09:b4:8f:d6:92:36:06:2a:
3e:d0:be:e3:b3:25:86:7b:39:2d:56:6f:d4:3c:48:
d4:66:57:a2:c4:6e:15:31:13:26:8b:3a:7a:75:36:
e0:34:e7:5a:67:3a:89:96:5a:8e:63:e3:98:d1:d5:
91:5d:de:b5:fd:34:3b:0f:55:e7:b5:8e:89:28:fc:
5b:87:e1:35:98:3d:8e:b4:d7:4b:1d:0e:3f:ab:f3:
3e:6e:1d:25:ad:6e:e0:fd:ca:a1:1b:a2:7a:4f:63:
1f:4e:47:28:9b:7e:31:a8:9f:16:87:44:8a:3c:a2:
f3:5e:76:73:ee:ad:c8:5d:cc:97:a0:a2:66:ef:18:
85:76:e4:f5:93:ac:82:0b:57:23:9b:a6:aa:76:8d:
52:6d:64:67:40:5e:ce:77:de:d7:d7:68:a0:42:cd:
4a:16:24:0a:68:bd:19:51:7c:f0:56:24:ce:1a:d5:
4d:17:51:e2:30:a2:2e:70:2f:40:33:d5:47:1e:13:
53:03:ed:bd:43:87:ef:05:06:82:82:2f:d6:11:ae:
02:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:39:4B:37:BB:CA:B5:69:EF:03:86:21:2C:6B:22:1D:B3:16:95:4D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDlLN7vKtWnvA4YhLGsiHbMWlU0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:7b:b8:4d:19:6d:3e:90:5c:6b:fe:b2:26:98:98:d6:a6:a8:
48:b0:89:a0:f6:eb:9e:ad:83:4f:5d:6a:20:db:25:1b:6a:9a:
df:16:2e:23:8b:8e:b7:d3:8a:86:d0:65:b2:e8:18:27:10:85:
1b:12:bc:c9:96:83:ab:18:30:84:2f:97:e4:f6:ba:7f:b6:04:
b6:47:70:2a:4d:c6:81:a2:65:83:e6:df:d6:a3:c1:bd:10:37:
af:98:e3:23:75:a2:63:4e:5d:21:8e:05:43:56:32:45:66:6b:
9e:b1:0a:ad:7c:30:92:8a:14:74:83:d7:bb:58:43:30:8b:e8:
34:f9:9f:c6:63:d1:a6:38:76:c0:34:57:ee:12:c3:26:7c:18:
8d:0c:21:3b:cb:bb:a9:1c:47:12:2a:90:27:dc:f9:de:ba:2d:
49:c6:e1:b9:6d:2f:ae:23:65:65:ba:a9:2a:c7:31:e2:ad:70:
af:96:41:bc:ae:ea:51:17:3e:95:c2:fa:04:e7:e2:a6:eb:13:
62:cc:6f:ca:80:1e:cd:da:da:26:a5:0e:87:c8:ec:3d:68:43:
04:25:b5:5d:c7:81:cd:2d:bd:50:86:5e:8a:55:e4:fd:f4:f6:
f8:86:42:f1:36:12:e3:d0:b0:dc:81:84:96:31:46:80:c7:ba:
f7:b0:da:72
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
NzUyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwMzk0QjM3QkJDQUI1
NjlFRjAzODYyMTJDNkIyMjFEQjMxNjk1NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZh9oE5fUjxN1GPfHOM4cB5OYgH224AqaSj9con98WoNk5LKek
6DNl6ZOLw01qCrOMWZYJtI/WkjYGKj7QvuOzJYZ7OS1Wb9Q8SNRmV6LEbhUxEyaL
Onp1NuA051pnOomWWo5j45jR1ZFd3rX9NDsPVee1joko/FuH4TWYPY6010sdDj+r
8z5uHSWtbuD9yqEbonpPYx9ORyibfjGonxaHRIo8ovNednPurchdzJegombvGIV2
5PWTrIILVyObpqp2jVJtZGdAXs533tfXaKBCzUoWJApovRlRfPBWJM4a1U0XUeIw
oi5wL0Az1UceE1MD7b1Dh+8FBoKCL9YRrgINAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUDlLN7vKtWnvA4YhLGsiHbMWlU0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VEbExON3ZLdFdudkE0
WWhMR3NpSGJNV2xVMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALh7uE0ZbT6QXGv+siaYmNamqEiwiaD2
656tg09daiDbJRtqmt8WLiOLjrfTiobQZbLoGCcQhRsSvMmWg6sYMIQvl+T2un+2
BLZHcCpNxoGiZYPm39ajwb0QN6+Y4yN1omNOXSGOBUNWMkVma56xCq18MJKKFHSD
17tYQzCL6DT5n8Zj0aY4dsA0V+4SwyZ8GI0MITvLu6kcRxIqkCfc+d66LUnG4blt
L64jZWW6qSrHMeKtcK+WQbyu6lEXPpXC+gTn4qbrE2LMb8qAHs3a2ialDofI7D1o
QwQltV3Hgc0tvVCGXopV5P309viGQvE2EuPQsNyBhJYxRoDHuvew2nI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:35:54 2025 by rpki-client