Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_ivbeC1tShRJLO4V9y08fyJ8M7g.roa
File: _ivbeC1tShRJLO4V9y08fyJ8M7g.roa (raw, json)
Hash identifier: Quztxob+5KIC0KeF0dEo3TArOsNJAKhsph+RIfb7kmc=
Subject key identifier: FE:2B:DB:78:2D:6D:4A:14:49:2C:EE:15:F7:2D:3C:7F:22:7C:33:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3987
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_ivbeC1tShRJLO4V9y08fyJ8M7g.roa
Signing time: Fri 05 Apr 2024 06:52:30 +0000
ROA not before: Fri 05 Apr 2024 06:52:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14727 (0x3987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 06:52:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE2BDB782D6D4A14492CEE15F72D3C7F227C33B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:08:b2:df:9f:12:bf:e0:65:81:eb:16:e7:
d1:8d:bf:e9:26:34:ee:3e:4c:27:08:82:53:62:11:
ff:a6:5a:e8:6b:89:22:ce:77:dc:be:59:32:b7:a1:
15:e8:32:a1:1f:e7:b9:5a:2b:58:7e:6f:4c:77:a6:
93:75:a9:69:f5:5e:06:32:43:02:dd:39:35:35:3f:
df:93:0a:d6:9b:10:fc:b9:8b:11:a7:7d:9c:30:d5:
d5:7a:52:08:5f:66:08:31:0c:48:6c:6c:c6:ff:fd:
f3:8d:89:26:0b:af:71:46:6d:16:bd:62:a9:65:ea:
4a:d8:9c:11:b8:62:36:17:16:fe:df:e5:ff:c6:3b:
1a:e6:98:74:2d:4a:d3:8b:54:f0:18:0b:c9:ce:98:
68:d4:a8:89:32:95:0d:23:b8:fa:a3:dd:8e:26:2f:
04:4d:27:62:35:cc:51:6f:81:32:4d:28:31:89:62:
7d:40:ed:39:1e:85:0b:ad:f3:c8:ba:01:31:62:9e:
b2:29:aa:95:35:1c:7c:ee:f7:d7:9f:7f:99:29:0e:
c3:af:b1:ee:87:43:57:91:37:91:73:c1:54:7e:fe:
d5:2c:9f:7c:bf:70:1a:09:ac:c7:60:2e:98:c2:f6:
7b:bb:65:93:b4:50:d1:1c:5a:9d:09:7f:40:a6:47:
ea:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2B:DB:78:2D:6D:4A:14:49:2C:EE:15:F7:2D:3C:7F:22:7C:33:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_ivbeC1tShRJLO4V9y08fyJ8M7g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
57:b7:e1:7f:f5:03:db:c4:10:71:b6:61:e2:a3:5d:4f:66:d6:
ee:61:11:35:33:70:b6:12:65:67:09:3d:a0:30:1e:fe:46:c4:
e6:87:aa:1c:3f:93:ab:7c:08:8e:49:f1:3b:40:7b:74:5c:ec:
0f:fa:e0:0c:97:7a:35:11:50:79:1d:e9:7e:4e:d6:27:57:84:
85:3e:bb:c7:84:37:d2:c6:b4:2c:11:6b:48:03:ba:58:6f:c0:
07:b0:b7:40:28:5e:e7:ee:3d:54:8f:43:8c:30:77:58:bd:ff:
74:20:2a:59:09:cd:e5:a9:19:63:44:4c:e5:e4:bf:04:53:83:
34:cb:9a:41:6a:55:63:55:89:19:4b:c8:83:8d:92:6c:1e:da:
e3:e1:59:5d:f5:f3:35:b8:fb:91:87:b2:50:a5:3e:12:d7:57:
7e:42:cc:89:e8:78:36:fd:7e:69:c3:2c:46:27:f2:64:27:c3:
63:68:ff:50:8e:74:6a:39:87:31:24:3c:41:fa:08:6d:00:45:
59:22:ff:0e:d5:96:c1:d3:00:23:76:7b:21:a2:73:c9:ff:f5:
c4:f0:3e:61:08:cd:b2:c1:ab:66:00:f2:39:21:0a:e2:c5:ad:
da:14:bb:da:95:16:5b:68:f7:5c:a7:4c:e1:92:3b:5b:69:75:
6c:2e:95:a7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NjUyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFMkJEQjc4MkQ2RDRB
MTQ0OTJDRUUxNUY3MkQzQzdGMjI3QzMzQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoDwiy358Sv+BlgesW59GNv+kmNO4+TCcIglNiEf+mWuhriSLO
d9y+WTK3oRXoMqEf57laK1h+b0x3ppN1qWn1XgYyQwLdOTU1P9+TCtabEPy5ixGn
fZww1dV6UghfZggxDEhsbMb//fONiSYLr3FGbRa9Yqll6krYnBG4YjYXFv7f5f/G
OxrmmHQtStOLVPAYC8nOmGjUqIkylQ0juPqj3Y4mLwRNJ2I1zFFvgTJNKDGJYn1A
7TkehQut88i6ATFinrIpqpU1HHzu99eff5kpDsOvse6HQ1eRN5FzwVR+/tUsn3y/
cBoJrMdgLpjC9nu7ZZO0UNEcWp0Jf0CmR+otAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/ivbeC1tShRJLO4V9y08fyJ8M7gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19pdmJlQzF0U2hSSkxP
NFY5eTA4ZnlKOE03Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFe34X/1A9vEEHG2YeKjXU9m1u5hETUz
cLYSZWcJPaAwHv5GxOaHqhw/k6t8CI5J8TtAe3Rc7A/64AyXejURUHkd6X5O1idX
hIU+u8eEN9LGtCwRa0gDulhvwAewt0AoXufuPVSPQ4wwd1i9/3QgKlkJzeWpGWNE
TOXkvwRTgzTLmkFqVWNViRlLyIONkmwe2uPhWV318zW4+5GHslClPhLXV35CzIno
eDb9fmnDLEYn8mQnw2No/1COdGo5hzEkPEH6CG0ARVki/w7VlsHTACN2eyGic8n/
9cTwPmEIzbLBq2YA8jkhCuLFrdoUu9qVFlto91ynTOGSO1tpdWwulac=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:52:48 2025 by rpki-client