Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_qeZxVUDAkJShHYKYyqbfZ53JT0.roa
File: _qeZxVUDAkJShHYKYyqbfZ53JT0.roa (raw, json)
Hash identifier: 2vDDqImRzBtQ62RHBjpGG9AFszEG/V+71XSkatmekaI=
Subject key identifier: FE:A7:99:C5:55:03:02:42:52:84:76:0A:63:2A:9B:7D:9E:77:25:3D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CDB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_qeZxVUDAkJShHYKYyqbfZ53JT0.roa
Signing time: Wed 01 May 2024 01:23:36 +0000
ROA not before: Wed 01 May 2024 01:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19675 (0x4cdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 01:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FEA799C5550302425284760A632A9B7D9E77253D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:30:09:23:4f:76:25:15:b5:84:a2:42:01:ef:
24:17:bf:b9:38:30:62:65:9d:ab:a1:6e:2d:0b:5f:
d2:dc:26:20:70:6b:71:26:9a:74:b7:65:f3:f9:84:
68:d1:99:e1:a0:cb:14:a4:8e:22:49:4b:6a:6b:d5:
d4:bc:e0:a9:13:e8:89:28:12:51:29:bc:9e:32:a6:
b0:5e:10:ba:07:55:69:3e:91:65:49:b8:1a:42:a0:
4f:9c:e7:c2:57:13:22:f6:e1:d5:3c:69:9f:43:ad:
8e:f9:0e:b6:f0:5a:97:b5:20:eb:67:41:2d:b7:48:
e9:e3:a2:f7:52:af:63:c4:fe:d6:b1:c2:62:53:ab:
4f:ca:89:c7:80:53:c5:b6:f5:62:c4:bd:91:81:f9:
ce:7d:b0:be:46:64:ca:f6:b0:b2:eb:b3:c9:d0:02:
97:b2:91:f4:ba:0a:09:e9:09:00:76:43:54:7e:08:
4c:4d:b7:7c:05:45:ee:3a:5c:66:ae:90:34:19:f8:
3a:29:5c:2a:6a:4f:ef:ef:da:e8:ae:05:5d:21:0a:
51:1d:d2:9b:0f:d0:7d:54:62:8b:6f:5d:82:5b:b8:
74:67:70:1c:f5:5a:6e:f9:f1:2f:d2:6a:0f:19:09:
c6:27:46:bc:66:46:68:1a:13:32:c7:6e:db:04:2d:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A7:99:C5:55:03:02:42:52:84:76:0A:63:2A:9B:7D:9E:77:25:3D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_qeZxVUDAkJShHYKYyqbfZ53JT0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:9a:e0:7d:8a:53:67:b3:ad:41:52:1d:71:e5:bb:96:f7:c1:
bb:3c:e5:d4:3f:35:26:7d:3f:c6:a8:63:f7:fd:02:60:60:46:
35:8e:ae:37:8b:e5:12:5a:1b:a0:19:e3:47:b9:67:95:01:52:
0a:8f:6a:bc:8d:91:c9:09:9a:17:90:a7:2b:87:19:17:1d:a6:
8e:65:22:79:05:cf:35:9b:e9:7a:48:f6:e3:3f:57:e8:b9:60:
b2:2f:23:62:36:58:40:4c:63:d3:78:9d:7f:0f:fc:94:69:2b:
5e:1e:52:34:44:b9:8c:0f:4d:4f:d8:94:81:4c:63:a5:3b:48:
51:fd:5a:c0:c1:6c:ef:8f:72:22:13:d8:44:a9:c0:60:ce:58:
86:f6:0b:22:41:5a:2c:3f:a2:5e:56:60:84:53:c1:0b:25:bf:
e1:bd:96:9b:53:75:5b:cd:8f:cc:72:ae:4f:a6:26:fd:c8:d6:
d6:73:ef:c8:28:1a:41:e7:b9:83:61:52:59:45:80:ac:23:ed:
5e:fc:ce:ee:3f:d6:67:99:12:72:b1:33:9d:1d:4d:bc:18:39:
fd:d5:97:c6:27:02:e7:70:75:ae:4e:1b:88:71:ef:7e:47:3b:
52:50:92:6a:b7:b0:43:2b:69:14:6f:c5:53:6f:e2:fc:7c:53:
c1:ea:1c:dc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
MTIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFQTc5OUM1NTUwMzAy
NDI1Mjg0NzYwQTYzMkE5QjdEOUU3NzI1M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoMAkjT3YlFbWEokIB7yQXv7k4MGJlnauhbi0LX9LcJiBwa3Em
mnS3ZfP5hGjRmeGgyxSkjiJJS2pr1dS84KkT6IkoElEpvJ4yprBeELoHVWk+kWVJ
uBpCoE+c58JXEyL24dU8aZ9DrY75DrbwWpe1IOtnQS23SOnjovdSr2PE/taxwmJT
q0/KiceAU8W29WLEvZGB+c59sL5GZMr2sLLrs8nQApeykfS6CgnpCQB2Q1R+CExN
t3wFRe46XGaukDQZ+DopXCpqT+/v2uiuBV0hClEd0psP0H1UYotvXYJbuHRncBz1
Wm758S/Sag8ZCcYnRrxmRmgaEzLHbtsELQcVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/qeZxVUDAkJShHYKYyqbfZ53JT0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19xZVp4VlVEQWtKU2hI
WUtZeXFiZlo1M0pUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEGa4H2KU2ezrUFSHXHlu5b3wbs85dQ/
NSZ9P8aoY/f9AmBgRjWOrjeL5RJaG6AZ40e5Z5UBUgqParyNkckJmheQpyuHGRcd
po5lInkFzzWb6XpI9uM/V+i5YLIvI2I2WEBMY9N4nX8P/JRpK14eUjREuYwPTU/Y
lIFMY6U7SFH9WsDBbO+PciIT2ESpwGDOWIb2CyJBWiw/ol5WYIRTwQslv+G9lptT
dVvNj8xyrk+mJv3I1tZz78goGkHnuYNhUllFgKwj7V78zu4/1meZEnKxM50dTbwY
Of3Vl8YnAudwda5OG4hx735HO1JQkmq3sEMraRRvxVNv4vx8U8HqHNw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:08:47 2025 by rpki-client