Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WUxIJ21NtCUXzQqZlc04EAo5QYU.roa
File: WUxIJ21NtCUXzQqZlc04EAo5QYU.roa (raw, json)
Hash identifier: FGdfUgGQy80rSaCO2cgMFOQURNKkJOoNXIAmjtBS0gI=
Subject key identifier: 59:4C:48:27:6D:4D:B4:25:17:CD:0A:99:95:CD:38:10:0A:39:41:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F7F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WUxIJ21NtCUXzQqZlc04EAo5QYU.roa
Signing time: Sat 13 Apr 2024 05:53:20 +0000
ROA not before: Sat 13 Apr 2024 05:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16255 (0x3f7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 05:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=594C48276D4DB42517CD0A9995CD38100A394185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ab:97:61:a7:e4:1d:2b:c1:9e:1e:e2:6f:b0:
4e:d8:26:69:3d:ff:65:b1:e2:2c:f6:09:04:08:6e:
76:82:14:76:35:ab:f3:18:f4:ad:f8:15:06:f1:b0:
27:0d:1e:8d:1d:98:c6:7b:1a:29:18:82:ad:8d:da:
65:e1:83:3f:bc:09:e1:e8:2a:e2:ad:12:d1:f7:f7:
a9:d3:7f:0d:32:b2:c1:84:12:b6:07:43:7d:df:fa:
1a:85:4e:35:cf:5a:8b:b4:e8:09:08:f3:a4:71:59:
42:bb:10:ea:72:b5:4a:cd:a1:91:6f:32:9e:7e:08:
9e:81:48:32:02:cd:32:94:5c:e3:80:fb:3d:28:fa:
f3:f0:46:53:3f:0c:09:35:3e:ce:6e:fa:2c:37:84:
57:b3:04:16:e6:2d:f2:8e:88:b9:0a:95:24:33:d3:
0f:3b:00:6f:92:e7:19:85:f1:7f:6f:c4:2f:45:63:
71:5b:71:7a:6c:59:6d:9d:a7:bc:23:da:c2:67:89:
2b:02:87:12:84:16:71:c2:a2:ca:bf:46:d4:57:e0:
85:f2:e7:db:e8:8a:a2:fa:3c:4f:89:e1:cd:3e:30:
22:8d:cf:40:6e:cb:3d:6e:2a:ff:87:d6:d7:97:81:
85:af:70:22:c3:0b:62:30:a6:f7:ff:f1:ee:66:53:
17:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4C:48:27:6D:4D:B4:25:17:CD:0A:99:95:CD:38:10:0A:39:41:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WUxIJ21NtCUXzQqZlc04EAo5QYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:63:c4:10:06:46:c8:04:b1:d8:b2:76:22:32:ac:82:2d:0f:
af:01:ae:75:0f:ef:89:12:79:37:04:1b:c0:04:41:d7:ab:f0:
f1:33:d8:3b:70:67:c8:e4:3f:4a:f6:38:05:18:8a:22:a8:0a:
17:e2:b3:75:85:06:ae:84:55:c3:55:58:6e:0d:17:ab:95:b3:
5b:b9:cd:be:eb:89:46:5f:c3:bc:bf:4e:1b:3c:96:55:17:a7:
8c:69:9a:76:3c:9a:2e:f1:b8:9d:68:23:f4:e9:16:10:31:3e:
35:4b:8e:7e:24:7c:55:cd:18:0e:7c:f2:b1:93:3e:d2:ac:f6:
9e:e6:77:50:7e:dd:52:0d:8b:b4:20:d1:a6:36:e7:55:f0:40:
09:59:1e:1e:a2:3e:2c:9f:a7:72:d6:50:0a:14:3d:19:1d:95:
cd:b4:29:ca:7c:0e:6e:94:b2:da:04:54:e9:9e:cd:5e:2a:6a:
55:e1:97:c1:40:0d:ae:98:1c:60:a6:b8:73:ac:4b:07:64:5f:
c5:d7:b1:d4:f5:af:c5:e0:df:0e:40:de:27:e6:63:9f:0c:01:
66:25:b4:37:f6:d5:ff:54:ed:b9:ed:9c:37:11:32:5a:fe:ee:
ac:fc:ee:a8:2b:42:9e:ca:35:24:eb:ed:0f:e6:8a:fd:d4:91:
14:95:ba:d9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP38wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NTUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5NEM0ODI3NkQ0REI0
MjUxN0NEMEE5OTk1Q0QzODEwMEEzOTQxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpq5dhp+QdK8GeHuJvsE7YJmk9/2Wx4iz2CQQIbnaCFHY1q/MY
9K34FQbxsCcNHo0dmMZ7GikYgq2N2mXhgz+8CeHoKuKtEtH396nTfw0yssGEErYH
Q33f+hqFTjXPWou06AkI86RxWUK7EOpytUrNoZFvMp5+CJ6BSDICzTKUXOOA+z0o
+vPwRlM/DAk1Ps5u+iw3hFezBBbmLfKOiLkKlSQz0w87AG+S5xmF8X9vxC9FY3Fb
cXpsWW2dp7wj2sJniSsChxKEFnHCosq/RtRX4IXy59voiqL6PE+J4c0+MCKNz0Bu
yz1uKv+H1teXgYWvcCLDC2Iwpvf/8e5mUxdRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWUxIJ21NtCUXzQqZlc04EAo5QYUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dVeElKMjFOdENVWHpR
cVpsYzA0RUFvNVFZVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEJjxBAGRsgEsdiydiIyrIItD68BrnUP
74kSeTcEG8AEQder8PEz2DtwZ8jkP0r2OAUYiiKoChfis3WFBq6EVcNVWG4NF6uV
s1u5zb7riUZfw7y/Ths8llUXp4xpmnY8mi7xuJ1oI/TpFhAxPjVLjn4kfFXNGA58
8rGTPtKs9p7md1B+3VINi7Qg0aY251XwQAlZHh6iPiyfp3LWUAoUPRkdlc20Kcp8
Dm6UstoEVOmezV4qalXhl8FADa6YHGCmuHOsSwdkX8XXsdT1r8Xg3w5A3ifmY58M
AWYltDf21f9U7bntnDcRMlr+7qz87qgrQp7KNSTr7Q/miv3UkRSVutk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:34:35 2025 by rpki-client