Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WScsCHP39i7k-o2n12bpMM48Vws.roa
File: WScsCHP39i7k-o2n12bpMM48Vws.roa (raw, json)
Hash identifier: ENp7fH6eOfckOM0ZnVoP3ypt22vXnjME+CdiMQx1CWw=
Subject key identifier: 59:27:2C:08:73:F7:F6:2E:E4:FA:8D:A7:D7:66:E9:30:CE:3C:57:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44CF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WScsCHP39i7k-o2n12bpMM48Vws.roa
Signing time: Sat 20 Apr 2024 07:53:13 +0000
ROA not before: Sat 20 Apr 2024 07:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17615 (0x44cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 07:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=59272C0873F7F62EE4FA8DA7D766E930CE3C570B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c2:9d:12:bf:2d:c9:52:34:07:8f:30:58:7f:
6a:e8:11:c0:8c:2d:36:98:d2:42:ec:28:af:86:82:
ba:a8:0d:b1:d7:68:18:7a:65:d0:dd:9e:a1:e8:1e:
27:27:39:b5:4c:a8:11:7b:83:c7:8b:64:e3:e9:71:
fc:62:d2:80:1c:43:2e:d9:94:48:98:e6:b9:2d:b4:
a8:f5:60:f2:6f:23:88:44:c9:f7:e3:9e:ed:52:16:
d8:26:aa:75:ae:c6:0a:da:b7:13:6f:ff:fa:2c:b4:
ec:7b:52:45:c7:ff:fb:9b:cb:3a:9d:f6:b4:83:74:
7f:1c:1c:51:bf:f8:01:e5:ab:91:04:e7:24:19:ac:
e9:1e:db:9c:d1:d0:ad:da:1d:b4:8c:86:04:f0:06:
94:cf:08:bd:06:d5:b2:5f:85:f6:4d:84:f6:5f:3d:
99:be:11:08:cd:d3:4b:07:4f:7a:69:67:d0:79:d2:
01:e2:5b:6e:b0:89:0a:84:57:8e:28:52:6c:49:7a:
f0:d9:3a:06:5a:13:50:a6:ee:7b:41:c4:5a:c2:52:
b4:fa:75:ee:85:8e:e4:c3:d7:9c:e5:e9:47:56:25:
00:28:71:2d:03:50:7e:47:4b:30:08:d1:b9:63:04:
00:ff:b0:eb:48:25:6a:4a:21:a2:73:99:79:e2:a3:
3a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:27:2C:08:73:F7:F6:2E:E4:FA:8D:A7:D7:66:E9:30:CE:3C:57:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WScsCHP39i7k-o2n12bpMM48Vws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
38:dc:a2:a9:a2:1b:c8:3d:b2:e9:76:73:92:a6:3d:23:45:f8:
f0:27:e1:c7:9e:27:1d:f7:d1:35:24:51:e7:d2:f8:c6:fa:1e:
18:20:fe:8f:61:d7:14:1a:7a:2b:c3:59:ab:b4:17:0f:7b:ee:
c2:47:d8:d2:8d:8e:cf:4d:7e:da:75:8f:76:aa:b4:f8:aa:2c:
86:a8:d0:f8:77:3b:de:99:6d:e5:cd:e5:82:79:ee:0d:28:cd:
b3:40:cc:2a:e7:3c:1a:8f:6f:c1:82:39:1f:1d:b0:a1:00:93:
e7:6d:a1:b3:92:07:7b:3c:b3:f5:9a:21:b4:d7:32:f6:6e:80:
bd:a9:f5:eb:52:f8:1d:86:2a:6d:f5:b2:15:6d:03:f0:d1:21:
98:2c:aa:da:20:c2:9f:27:4c:b3:82:68:2e:00:b5:27:2c:17:
2c:dc:04:87:ee:79:f2:4f:31:66:c8:3d:b6:33:1e:33:73:8a:
d4:ec:66:b2:61:d7:0a:67:e9:c5:20:7c:40:a3:66:1e:4e:fb:
55:a8:8d:cf:a6:b8:06:b0:9e:53:b6:bc:0a:48:da:0f:26:81:
c9:ce:d5:ba:c0:66:81:3a:62:dd:b2:a5:0c:98:b4:f9:36:75:
37:0d:9e:40:79:7e:73:c4:ec:07:e4:a0:8a:f0:e3:5d:77:43:
a3:ef:ca:a8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NzUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5MjcyQzA4NzNGN0Y2
MkVFNEZBOERBN0Q3NjZFOTMwQ0UzQzU3MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTwp0Svy3JUjQHjzBYf2roEcCMLTaY0kLsKK+GgrqoDbHXaBh6
ZdDdnqHoHicnObVMqBF7g8eLZOPpcfxi0oAcQy7ZlEiY5rkttKj1YPJvI4hEyffj
nu1SFtgmqnWuxgratxNv//ostOx7UkXH//ubyzqd9rSDdH8cHFG/+AHlq5EE5yQZ
rOke25zR0K3aHbSMhgTwBpTPCL0G1bJfhfZNhPZfPZm+EQjN00sHT3ppZ9B50gHi
W26wiQqEV44oUmxJevDZOgZaE1Cm7ntBxFrCUrT6de6FjuTD15zl6UdWJQAocS0D
UH5HSzAI0bljBAD/sOtIJWpKIaJzmXniozrjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWScsCHP39i7k+o2n12bpMM48VwswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dTY3NDSFAzOWk3ay1v
Mm4xMmJwTU00OFZ3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADjcoqmiG8g9sul2c5KmPSNF+PAn4cee
Jx330TUkUefS+Mb6Hhgg/o9h1xQaeivDWau0Fw977sJH2NKNjs9Nftp1j3aqtPiq
LIao0Ph3O96ZbeXN5YJ57g0ozbNAzCrnPBqPb8GCOR8dsKEAk+dtobOSB3s8s/Wa
IbTXMvZugL2p9etS+B2GKm31shVtA/DRIZgsqtogwp8nTLOCaC4AtScsFyzcBIfu
efJPMWbIPbYzHjNzitTsZrJh1wpn6cUgfECjZh5O+1Wojc+muAawnlO2vApI2g8m
gcnO1brAZoE6Yt2ypQyYtPk2dTcNnkB5fnPE7AfkoIrw4113Q6Pvyqg=
-----END CERTIFICATE-----
Generated at Fri Jun 20 12:02:15 2025 by rpki-client