Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Utvg2iPk5V6n5Uwgs6Uj_ZCudGU.roa
File: Utvg2iPk5V6n5Uwgs6Uj_ZCudGU.roa (raw, json)
Hash identifier: omm05nhwHxom9+N9dwFGFCWAwWb6otIrF8N1b/BOOIg=
Subject key identifier: 52:DB:E0:DA:23:E4:E5:5E:A7:E5:4C:20:B3:A5:23:FD:90:AE:74:65
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5083
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Utvg2iPk5V6n5Uwgs6Uj_ZCudGU.roa
Signing time: Sun 05 May 2024 22:23:54 +0000
ROA not before: Sun 05 May 2024 22:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20611 (0x5083)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 22:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=52DBE0DA23E4E55EA7E54C20B3A523FD90AE7465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:3f:b7:16:97:71:e0:0a:21:0a:c8:44:48:
6b:a8:c8:55:c4:03:a9:07:2c:a4:ed:34:fe:a3:3a:
50:38:0f:49:1b:64:2e:ad:77:0f:65:fe:fa:52:9c:
34:31:e7:d8:a4:0f:5e:58:db:f5:36:be:67:e2:88:
87:04:17:0f:27:59:9f:ce:ba:48:d4:c4:b0:df:24:
bd:c4:37:66:3e:99:6a:79:cf:1f:5a:56:83:6c:bc:
14:4e:6d:ed:10:18:05:88:11:0f:e4:9b:7d:97:63:
c3:9d:d7:bf:62:cb:8c:e0:6d:da:13:14:0a:d7:65:
02:e0:68:d5:6d:2a:bc:33:aa:ce:69:12:f2:89:79:
2b:c2:65:98:68:13:9f:eb:76:0e:dc:70:48:0b:3f:
f2:eb:af:d2:bd:8b:d1:b5:f1:d0:b2:b1:06:77:3f:
7e:a1:4b:29:ff:47:08:a7:c9:b2:4a:9f:87:b1:86:
3a:44:8a:3e:71:24:d6:ed:66:0c:21:c3:07:cf:ee:
97:a7:33:1a:78:84:73:38:53:60:8d:c7:4b:63:58:
63:ac:5c:2f:61:30:0d:3f:25:99:20:a6:b7:33:4b:
fb:d2:b5:75:b9:56:69:82:95:bb:c2:63:b6:32:71:
c5:27:cf:7e:98:bb:b0:df:d7:ed:cc:fa:bf:9d:32:
cf:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DB:E0:DA:23:E4:E5:5E:A7:E5:4C:20:B3:A5:23:FD:90:AE:74:65
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Utvg2iPk5V6n5Uwgs6Uj_ZCudGU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0b:8e:f5:85:4e:20:b0:19:8b:f7:fb:82:23:d4:6b:bb:4d:4e:
af:e6:6e:96:e9:d8:b7:b9:66:87:ac:4b:76:f9:7d:58:d8:6a:
9e:fb:03:73:28:32:3f:b1:15:55:73:17:e7:f0:7c:d1:74:6b:
50:53:4c:56:6d:c7:1b:c3:14:c8:9a:9a:f5:a2:c7:b8:da:05:
02:87:99:cb:3f:2b:fc:d0:73:0e:4f:60:3d:c5:00:d4:45:7e:
cd:7f:26:24:41:a7:bf:09:0b:54:5e:79:e1:de:a7:94:94:30:
72:4c:33:c2:a3:a1:7c:7f:35:23:84:58:67:d2:dc:af:06:b0:
d8:fc:f8:c7:0a:b1:e5:0b:a7:2a:d8:f0:c1:e5:78:d9:b7:15:
11:7a:eb:7b:37:c8:8c:22:2d:d1:8a:ae:e4:b1:00:6b:dd:a9:
22:cb:14:6d:6d:6f:94:c6:65:c4:df:ba:46:d9:0e:5d:f3:af:
a1:e8:a4:19:94:6d:19:48:e6:da:78:06:07:07:a5:59:df:85:
6b:e4:3d:40:c5:64:a2:ef:f7:75:7c:db:33:21:c3:ef:52:e7:
c0:54:42:18:1b:47:52:30:29:eb:da:3a:fe:a4:87:55:9d:67:
b2:06:b2:c3:00:05:d9:d5:d8:66:da:3d:91:d2:eb:40:67:07:
16:42:2e:9e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUy
MjIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyREJFMERBMjNFNEU1
NUVBN0U1NEMyMEIzQTUyM0ZEOTBBRTc0NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4Oz+3Fpdx4AohCshESGuoyFXEA6kHLKTtNP6jOlA4D0kbZC6t
dw9l/vpSnDQx59ikD15Y2/U2vmfiiIcEFw8nWZ/OukjUxLDfJL3EN2Y+mWp5zx9a
VoNsvBRObe0QGAWIEQ/km32XY8Od179iy4zgbdoTFArXZQLgaNVtKrwzqs5pEvKJ
eSvCZZhoE5/rdg7ccEgLP/Lrr9K9i9G18dCysQZ3P36hSyn/RwinybJKn4exhjpE
ij5xJNbtZgwhwwfP7penMxp4hHM4U2CNx0tjWGOsXC9hMA0/JZkgprczS/vStXW5
VmmClbvCY7YyccUnz36Yu7Df1+3M+r+dMs9fAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUtvg2iPk5V6n5Uwgs6Uj/ZCudGUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1V0dmcyaVBrNVY2bjVV
d2dzNlVqX1pDdWRHVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAuO9YVOILAZi/f7giPUa7tNTq/mbpbp
2Le5ZoesS3b5fVjYap77A3MoMj+xFVVzF+fwfNF0a1BTTFZtxxvDFMiamvWix7ja
BQKHmcs/K/zQcw5PYD3FANRFfs1/JiRBp78JC1ReeeHep5SUMHJMM8KjoXx/NSOE
WGfS3K8GsNj8+McKseULpyrY8MHleNm3FRF663s3yIwiLdGKruSxAGvdqSLLFG1t
b5TGZcTfukbZDl3zr6HopBmUbRlI5tp4BgcHpVnfhWvkPUDFZKLv93V82zMhw+9S
58BUQhgbR1IwKevaOv6kh1WdZ7IGssMABdnV2GbaPZHS60BnBxZCLp4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:45:58 2025 by rpki-client