Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Wm9zFNVxjksJ_xOySZb6J1bMdhU.roa
File: Wm9zFNVxjksJ_xOySZb6J1bMdhU.roa (raw, json)
Hash identifier: 0F/jW50Fq+jqs3TKt98+LSz5ZiVSojHlaZOeZ7nT6Do=
Subject key identifier: 5A:6F:73:14:D5:71:8E:4B:09:FF:13:B2:49:96:FA:27:56:CC:76:15
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56FB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Wm9zFNVxjksJ_xOySZb6J1bMdhU.roa
Signing time: Tue 14 May 2024 13:24:09 +0000
ROA not before: Tue 14 May 2024 13:24:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22267 (0x56fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 13:24:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5A6F7314D5718E4B09FF13B24996FA2756CC7615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:23:52:7a:2c:be:e0:83:5e:83:78:83:56:
69:76:09:07:8b:65:08:95:45:9e:4e:ed:d3:b4:23:
a0:b1:d7:5d:1e:e5:f5:11:81:76:03:56:61:d8:9a:
f8:33:41:77:e3:c8:ad:6e:12:92:1d:91:46:72:17:
2e:e4:e2:4a:80:e0:6d:34:3d:bf:7a:5f:64:39:c1:
0e:fa:13:cc:10:f9:cd:87:74:cc:ad:bb:d8:79:8a:
08:6e:fe:f0:b2:90:af:9c:1c:b9:22:e6:1e:6e:f7:
7e:c6:86:59:e0:76:53:b6:17:47:5b:14:bb:a5:b8:
9b:0d:2f:86:1b:77:8e:f4:e7:ee:f1:49:97:3d:66:
02:65:08:6c:1c:32:a5:48:57:f3:9a:85:c7:3c:ce:
6c:06:82:dd:b2:d5:86:5c:21:ed:df:e5:f0:d3:dd:
83:d3:a2:c7:5b:c2:13:44:d0:f1:01:95:46:57:13:
c3:88:a3:ef:fd:f6:82:80:62:97:c5:77:40:d9:1b:
72:ba:aa:3b:41:21:71:6a:c5:d0:2c:45:6e:92:59:
92:12:1f:f4:e1:ad:42:d9:b9:9d:1a:ec:97:bd:99:
c0:89:cb:71:36:7c:fc:2f:8a:b6:00:a6:5c:75:fa:
8b:b9:08:7b:a5:97:91:f5:12:57:7f:66:f1:a7:b1:
89:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6F:73:14:D5:71:8E:4B:09:FF:13:B2:49:96:FA:27:56:CC:76:15
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Wm9zFNVxjksJ_xOySZb6J1bMdhU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:ea:03:94:9e:23:b3:a5:80:40:88:81:b0:83:69:15:29:36:
e4:6c:cb:a7:63:13:da:ec:77:03:52:0f:4b:24:a5:87:c1:b7:
d8:ed:7e:a9:2e:28:b4:ef:ad:da:ab:f4:eb:f0:1f:e5:29:7c:
60:3f:31:ef:f1:84:39:36:54:cd:26:da:30:87:40:bf:ca:5b:
89:53:87:22:4f:ca:e5:85:37:7e:12:ab:fc:fb:e3:4c:6e:a8:
64:34:7f:4a:43:ba:8f:bb:7d:18:d0:02:70:ad:56:95:82:68:
86:fb:15:39:98:29:98:55:87:d1:a2:ad:4f:92:68:77:2d:65:
e2:45:d5:dc:86:73:78:fe:e2:13:f7:df:46:28:c9:50:a4:d7:
fe:66:35:45:da:49:de:17:b9:b0:6d:b9:1e:ed:f4:41:b8:be:
47:36:20:d4:25:55:d1:b3:cd:4f:a0:ff:46:d1:d7:43:83:e1:
c5:2f:2d:20:9f:a1:de:bc:01:75:45:9d:02:ed:16:6d:67:07:
09:46:a8:ab:c5:69:ad:a6:73:52:5a:2c:f9:b1:3d:ff:86:dd:
37:cc:d4:80:53:12:5b:f7:a1:f4:97:59:25:bb:aa:ba:83:db:
d5:44:67:59:40:0f:0e:6b:ed:c6:a3:47:21:cb:1c:6e:c9:bd:
76:32:c3:01
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
MzI0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBNkY3MzE0RDU3MThF
NEIwOUZGMTNCMjQ5OTZGQTI3NTZDQzc2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz8iNSeiy+4INeg3iDVml2CQeLZQiVRZ5O7dO0I6Cx110e5fUR
gXYDVmHYmvgzQXfjyK1uEpIdkUZyFy7k4kqA4G00Pb96X2Q5wQ76E8wQ+c2HdMyt
u9h5ighu/vCykK+cHLki5h5u937GhlngdlO2F0dbFLuluJsNL4Ybd4705+7xSZc9
ZgJlCGwcMqVIV/Oahcc8zmwGgt2y1YZcIe3f5fDT3YPTosdbwhNE0PEBlUZXE8OI
o+/99oKAYpfFd0DZG3K6qjtBIXFqxdAsRW6SWZISH/ThrULZuZ0a7Je9mcCJy3E2
fPwvirYAplx1+ou5CHull5H1Eld/ZvGnsYkxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWm9zFNVxjksJ/xOySZb6J1bMdhUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dtOXpGTlZ4amtzSl94
T3lTWmI2SjFiTWRoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF3qA5SeI7OlgECIgbCDaRUpNuRsy6dj
E9rsdwNSD0skpYfBt9jtfqkuKLTvrdqr9OvwH+UpfGA/Me/xhDk2VM0m2jCHQL/K
W4lThyJPyuWFN34Sq/z740xuqGQ0f0pDuo+7fRjQAnCtVpWCaIb7FTmYKZhVh9Gi
rU+SaHctZeJF1dyGc3j+4hP330YoyVCk1/5mNUXaSd4XubBtuR7t9EG4vkc2INQl
VdGzzU+g/0bR10OD4cUvLSCfod68AXVFnQLtFm1nBwlGqKvFaa2mc1JaLPmxPf+G
3TfM1IBTElv3ofSXWSW7qrqD29VEZ1lADw5r7cajRyHLHG7JvXYywwE=
-----END CERTIFICATE-----
Generated at Mon Jun 23 06:51:32 2025 by rpki-client