Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UUpzNPJzjhbjXa66jBjQQaV_L7c.roa
File: UUpzNPJzjhbjXa66jBjQQaV_L7c.roa (raw, json)
Hash identifier: J5jLFE8K036Xea1nPWvXCK9oqcVIKwmD47rFBQ2Yyn0=
Subject key identifier: 51:4A:73:34:F2:73:8E:16:E3:5D:AE:BA:8C:18:D0:41:A5:7F:2F:B7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 402B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UUpzNPJzjhbjXa66jBjQQaV_L7c.roa
Signing time: Sun 14 Apr 2024 03:22:52 +0000
ROA not before: Sun 14 Apr 2024 03:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16427 (0x402b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 03:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=514A7334F2738E16E35DAEBA8C18D041A57F2FB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fb:41:b9:ba:6d:b8:db:30:6f:68:ea:99:59:
d6:e9:2b:71:cd:4d:6d:5f:6b:30:80:50:43:77:e5:
96:3f:00:ef:62:79:f2:2e:70:18:27:fb:be:f3:3e:
29:2b:ee:0d:6e:a5:68:95:56:46:f0:38:ae:42:92:
52:98:3e:cc:16:86:a5:84:d2:04:20:ec:80:92:ce:
4e:2a:53:2e:df:39:33:91:78:25:7d:1f:a9:30:bd:
fa:88:4c:71:cb:99:ff:eb:b4:fc:03:1d:87:9b:78:
51:f8:e2:69:f0:af:8e:35:db:b7:da:0e:5d:be:ed:
30:45:c2:e4:d3:23:68:8f:ce:50:1a:5a:78:25:3b:
03:4a:0a:12:cf:e1:0d:10:9e:ba:03:a3:35:04:94:
b7:fd:6b:09:8b:2c:33:de:de:d9:0a:1b:3e:12:fb:
29:41:7c:cc:8e:93:7b:bd:3b:8f:5a:d1:78:e5:2c:
b8:02:92:ea:78:46:07:78:08:fe:ae:1a:f4:f3:dc:
f3:4b:be:fb:33:9b:d9:26:3f:10:f0:64:0d:4a:5a:
f4:63:c8:e3:66:e7:99:06:1e:c8:9c:b4:7a:1b:dc:
9b:66:2d:4c:2f:6f:4f:47:4e:ec:8a:07:4e:32:e8:
55:4f:ae:7a:3a:34:e2:ff:c5:40:95:c3:6e:19:de:
50:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:4A:73:34:F2:73:8E:16:E3:5D:AE:BA:8C:18:D0:41:A5:7F:2F:B7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UUpzNPJzjhbjXa66jBjQQaV_L7c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
81:62:da:38:96:08:45:07:60:a7:41:ec:44:f0:37:cb:56:c6:
4e:94:7b:a6:10:1e:e6:79:d9:2c:f5:6e:0c:6f:a9:62:5e:ad:
60:7b:67:8b:0a:42:aa:55:1f:de:2c:71:83:32:be:0b:d2:b6:
ad:65:22:35:61:6b:27:e2:65:7a:75:a9:58:1a:7f:17:66:86:
82:26:cf:69:96:e6:a1:88:cf:14:5e:f4:1e:b5:32:79:7c:25:
d9:27:c0:df:af:ea:54:cc:28:f0:86:2f:69:fc:80:b1:fa:d9:
65:8e:3a:49:8a:9a:e0:b0:42:e5:19:32:6c:ba:1a:d2:46:ed:
12:5d:09:f7:6d:31:91:a4:b1:40:32:31:9a:58:cc:04:28:e5:
c3:61:0a:f2:44:f3:fe:3c:14:22:da:4a:bc:fc:bf:66:61:be:
9a:3f:54:14:09:5c:c4:d0:ff:4e:83:27:c4:0d:f1:1d:25:5f:
d9:1e:d1:2d:58:c4:78:a9:38:66:f3:0d:7b:3b:03:ac:5c:28:
c3:b3:18:70:8b:2a:32:44:11:f3:2a:9a:44:c3:88:70:59:b6:
c2:6b:3f:7d:4e:4b:34:c6:96:4d:3f:ae:c3:31:1f:e7:c8:da:
cd:59:31:ac:4b:38:5d:b1:f6:2b:16:3d:b3:b1:4b:f1:01:ff:
db:c4:84:c6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
MzIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxNEE3MzM0RjI3MzhF
MTZFMzVEQUVCQThDMThEMDQxQTU3RjJGQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH+0G5um242zBvaOqZWdbpK3HNTW1fazCAUEN35ZY/AO9iefIu
cBgn+77zPikr7g1upWiVVkbwOK5CklKYPswWhqWE0gQg7ICSzk4qUy7fOTOReCV9
H6kwvfqITHHLmf/rtPwDHYebeFH44mnwr44127faDl2+7TBFwuTTI2iPzlAaWngl
OwNKChLP4Q0QnroDozUElLf9awmLLDPe3tkKGz4S+ylBfMyOk3u9O49a0XjlLLgC
kup4Rgd4CP6uGvTz3PNLvvszm9kmPxDwZA1KWvRjyONm55kGHsictHob3JtmLUwv
b09HTuyKB04y6FVPrno6NOL/xUCVw24Z3lAZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUUpzNPJzjhbjXa66jBjQQaV/L7cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VVcHpOUEp6amhialhh
NjZqQmpRUWFWX0w3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIFi2jiWCEUHYKdB7ETwN8tWxk6Ue6YQ
HuZ52Sz1bgxvqWJerWB7Z4sKQqpVH94scYMyvgvStq1lIjVhayfiZXp1qVgafxdm
hoImz2mW5qGIzxRe9B61Mnl8JdknwN+v6lTMKPCGL2n8gLH62WWOOkmKmuCwQuUZ
Mmy6GtJG7RJdCfdtMZGksUAyMZpYzAQo5cNhCvJE8/48FCLaSrz8v2Zhvpo/VBQJ
XMTQ/06DJ8QN8R0lX9ke0S1YxHipOGbzDXs7A6xcKMOzGHCLKjJEEfMqmkTDiHBZ
tsJrP31OSzTGlk0/rsMxH+fI2s1ZMaxLOF2x9isWPbOxS/EB/9vEhMY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:47:12 2025 by rpki-client