Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VaYKOv85cLyx1qyYUyNnW-Fwx0Q.roa
File: VaYKOv85cLyx1qyYUyNnW-Fwx0Q.roa (raw, json)
Hash identifier: VzlXNBqCv3CeR2QtoDJU2xH8UqVFN5mrF7vLQnhOquE=
Subject key identifier: 55:A6:0A:3A:FF:39:70:BC:B1:D6:AC:98:53:23:67:5B:E1:70:C7:44
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 421F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VaYKOv85cLyx1qyYUyNnW-Fwx0Q.roa
Signing time: Tue 16 Apr 2024 17:52:58 +0000
ROA not before: Tue 16 Apr 2024 17:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16927 (0x421f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 17:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=55A60A3AFF3970BCB1D6AC985323675BE170C744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:64:2d:30:8d:ff:14:36:b4:fe:72:ad:6a:
de:0f:cd:6d:b2:f1:9b:4f:ee:be:cc:d9:6a:2c:6c:
18:77:ec:54:b8:d6:f1:46:45:30:7d:ac:f3:be:80:
39:a9:49:8e:ee:b2:fe:c3:75:05:e8:7f:de:33:46:
5c:fa:c7:23:09:d9:ef:db:bd:63:d1:3c:77:00:52:
ed:c9:95:a6:85:27:e2:a0:04:9d:d8:db:fd:97:be:
1d:8c:2e:d1:2a:3d:8f:3e:8a:aa:82:3a:05:42:c8:
58:ce:b9:e3:cc:84:22:ba:8e:c2:3a:01:24:60:d4:
a1:04:ca:d7:36:11:4c:f3:2a:c6:d6:85:21:64:de:
a3:c9:b4:51:82:dd:05:fe:f6:18:95:aa:e7:20:f3:
ad:2a:fa:53:50:82:5c:21:2c:d6:31:21:6f:81:05:
72:5e:5a:85:c5:46:a7:ab:d2:75:4d:6f:c3:89:69:
3c:0f:a9:de:09:ea:f2:3a:74:95:66:d1:45:9c:44:
53:f0:3e:06:17:47:06:4b:94:a6:dd:6b:9f:58:e1:
ac:5a:fb:da:7e:da:ec:05:90:36:7e:2f:e1:75:06:
90:b2:d6:60:7e:1f:e3:18:74:f0:d8:9e:cf:33:57:
d1:1d:68:e1:62:c0:d6:6d:ff:a1:fd:e2:6e:0a:1d:
12:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A6:0A:3A:FF:39:70:BC:B1:D6:AC:98:53:23:67:5B:E1:70:C7:44
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VaYKOv85cLyx1qyYUyNnW-Fwx0Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
39:d2:c2:50:24:53:ef:57:8e:68:10:01:24:d6:39:e0:18:4f:
d2:09:dd:f6:89:2e:39:e8:34:62:f3:26:bd:59:95:3f:64:86:
a1:75:97:57:30:43:f9:5e:65:09:b3:0c:d3:f0:19:63:4e:19:
2d:d1:09:75:98:a0:bd:1a:af:8b:b2:f0:63:fa:cf:6c:5c:c3:
c4:e0:2b:7d:f4:42:1b:96:57:ed:4e:22:8b:b2:ff:67:05:37:
a5:c3:ae:26:66:eb:f4:98:8f:79:bb:e9:83:fe:9e:5f:12:48:
cf:38:70:13:c5:f2:f9:22:81:29:d3:20:ff:9d:18:1d:85:00:
eb:ba:40:40:73:58:bc:77:1d:cc:fe:73:f1:cf:26:a2:c7:20:
09:d4:ca:65:5c:bc:34:64:2f:c4:60:62:1b:d0:d6:65:4b:82:
cb:2c:61:99:17:f8:72:cc:8a:59:a8:15:cf:79:4e:69:57:ff:
12:c8:bc:a2:33:20:9c:73:6f:84:a6:70:d3:e2:34:f8:01:64:
48:0a:bf:59:e8:27:40:a1:a0:02:aa:b3:b9:22:64:fa:f3:93:
53:8f:2e:b9:16:63:f8:06:eb:43:8d:94:37:ec:a3:c2:34:af:
e9:7e:29:e3:77:99:e8:3e:77:89:21:5a:23:78:ec:51:97:f9:
d4:fa:f7:ba
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
NzUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU1QTYwQTNBRkYzOTcw
QkNCMUQ2QUM5ODUzMjM2NzVCRTE3MEM3NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE1WQtMI3/FDa0/nKtat4PzW2y8ZtP7r7M2WosbBh37FS41vFG
RTB9rPO+gDmpSY7usv7DdQXof94zRlz6xyMJ2e/bvWPRPHcAUu3JlaaFJ+KgBJ3Y
2/2Xvh2MLtEqPY8+iqqCOgVCyFjOuePMhCK6jsI6ASRg1KEEytc2EUzzKsbWhSFk
3qPJtFGC3QX+9hiVqucg860q+lNQglwhLNYxIW+BBXJeWoXFRqer0nVNb8OJaTwP
qd4J6vI6dJVm0UWcRFPwPgYXRwZLlKbda59Y4axa+9p+2uwFkDZ+L+F1BpCy1mB+
H+MYdPDYns8zV9EdaOFiwNZt/6H94m4KHRKlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUVaYKOv85cLyx1qyYUyNnW+Fwx0QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZhWUtPdjg1Y0x5eDFx
eVlVeU5uVy1Gd3gwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADnSwlAkU+9XjmgQASTWOeAYT9IJ3faJ
LjnoNGLzJr1ZlT9khqF1l1cwQ/leZQmzDNPwGWNOGS3RCXWYoL0ar4uy8GP6z2xc
w8TgK330QhuWV+1OIouy/2cFN6XDriZm6/SYj3m76YP+nl8SSM84cBPF8vkigSnT
IP+dGB2FAOu6QEBzWLx3Hcz+c/HPJqLHIAnUymVcvDRkL8RgYhvQ1mVLgsssYZkX
+HLMilmoFc95TmlX/xLIvKIzIJxzb4SmcNPiNPgBZEgKv1noJ0ChoAKqs7kiZPrz
k1OPLrkWY/gG60ONlDfso8I0r+l+KeN3meg+d4khWiN47FGX+dT697o=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:14:30 2025 by rpki-client