Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/b7_00JXJCUQwS87sAmEUNu6OnzE.roa
File: b7_00JXJCUQwS87sAmEUNu6OnzE.roa (raw, json)
Hash identifier: tv8I58eojXKaBUvPVE+mHpZZwwgCDEAf8rsaejRY7Lk=
Subject key identifier: 6F:BF:F4:D0:95:C9:09:44:30:4B:CE:EC:02:61:14:36:EE:8E:9F:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 478B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/b7_00JXJCUQwS87sAmEUNu6OnzE.roa
Signing time: Tue 23 Apr 2024 23:23:17 +0000
ROA not before: Tue 23 Apr 2024 23:23:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18315 (0x478b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 23:23:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6FBFF4D095C90944304BCEEC02611436EE8E9F31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:fd:8f:b4:35:f3:58:de:ae:d0:ad:4c:3b:
f9:c3:85:c7:86:f4:88:90:2f:f4:ae:b5:f3:05:59:
ed:e9:ee:7f:4e:4c:36:ef:6c:58:76:db:95:c1:25:
b2:93:bc:37:e9:bc:1e:03:b1:58:1d:24:76:88:00:
10:71:50:a0:d9:23:0d:45:38:3d:c1:14:04:19:a3:
fe:0a:e3:02:39:a3:0d:fb:6a:07:51:89:1b:e8:91:
f0:7d:c4:45:7b:ba:6d:5c:e8:1b:d8:43:dd:d2:1d:
42:d1:a9:1b:45:19:55:24:e9:f1:9b:99:25:53:27:
52:ba:ac:a6:44:34:81:16:a7:07:93:23:1d:b5:30:
72:4b:23:44:ae:97:3d:54:87:6a:f3:56:56:bd:b2:
a2:28:48:6b:66:f3:32:e3:04:2a:c7:4c:b3:2c:78:
5e:db:40:b9:21:7c:15:12:6f:ff:d6:80:17:58:5a:
7d:41:7f:2d:75:f4:1c:09:ce:b1:32:12:04:ca:18:
6b:da:09:13:45:a7:ef:f7:c1:6a:ca:aa:d2:cb:11:
14:df:9f:ee:5c:d6:f9:ef:25:c9:c8:69:75:0d:0b:
e6:3e:87:94:ff:f2:f0:e8:63:7a:4e:4d:18:c1:04:
4d:d5:86:55:63:c4:c2:1b:25:81:3c:00:90:5f:7a:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BF:F4:D0:95:C9:09:44:30:4B:CE:EC:02:61:14:36:EE:8E:9F:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/b7_00JXJCUQwS87sAmEUNu6OnzE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:72:6f:51:54:76:c0:e4:35:e7:2b:19:f1:4d:a6:93:80:a5:
98:0c:bc:aa:50:4b:7b:2d:f0:0c:28:0a:8b:98:90:f0:2f:63:
b6:ca:89:8d:db:9f:49:2c:b1:48:26:ea:a9:0a:5a:32:c6:d5:
57:f7:ae:c6:ad:45:3c:3a:6b:30:9b:ff:b3:23:34:21:14:c7:
f0:ad:db:52:5a:fa:7c:57:5f:4d:6e:cd:81:a6:4b:c1:11:b5:
7a:a3:c9:4d:13:49:5c:07:0b:d8:4d:f4:f9:5e:19:29:a1:93:
11:72:b0:ac:19:56:97:f4:c6:03:c4:cb:9a:40:c1:31:19:74:
16:f9:97:62:5c:e4:34:1e:33:ff:d1:ab:f0:29:df:bb:ab:c2:
a5:89:f1:e3:19:02:66:72:86:ff:3a:7a:44:a3:dc:ab:c4:e8:
fd:cd:13:1a:70:77:2d:7a:c6:98:2b:3b:b8:a2:a4:52:ac:e8:
3f:47:f6:7f:9f:f5:c7:50:85:f8:c3:69:df:d6:64:90:b1:07:
8e:53:3c:dd:dd:97:21:ed:08:b5:99:4b:ad:14:24:bc:0f:c8:
c2:8c:7c:61:9b:31:f0:ca:06:57:c1:0f:76:40:bd:12:a2:e1:
dd:67:93:be:0f:a5:b9:1d:db:87:31:10:49:3b:58:41:22:92:
be:c4:0f:32
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MzIzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZGQkZGNEQwOTVDOTA5
NDQzMDRCQ0VFQzAyNjExNDM2RUU4RTlGMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtt/2PtDXzWN6u0K1MO/nDhceG9IiQL/SutfMFWe3p7n9OTDbv
bFh225XBJbKTvDfpvB4DsVgdJHaIABBxUKDZIw1FOD3BFAQZo/4K4wI5ow37agdR
iRvokfB9xEV7um1c6BvYQ93SHULRqRtFGVUk6fGbmSVTJ1K6rKZENIEWpweTIx21
MHJLI0Sulz1Uh2rzVla9sqIoSGtm8zLjBCrHTLMseF7bQLkhfBUSb//WgBdYWn1B
fy119BwJzrEyEgTKGGvaCRNFp+/3wWrKqtLLERTfn+5c1vnvJcnIaXUNC+Y+h5T/
8vDoY3pOTRjBBE3VhlVjxMIbJYE8AJBfekA1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUb7/00JXJCUQwS87sAmEUNu6OnzEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2I3XzAwSlhKQ1VRd1M4
N3NBbUVVTnU2T256RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAJyb1FUdsDkNecrGfFNppOApZgMvKpQ
S3st8AwoCouYkPAvY7bKiY3bn0kssUgm6qkKWjLG1Vf3rsatRTw6azCb/7MjNCEU
x/Ct21Ja+nxXX01uzYGmS8ERtXqjyU0TSVwHC9hN9PleGSmhkxFysKwZVpf0xgPE
y5pAwTEZdBb5l2Jc5DQeM//Rq/Ap37urwqWJ8eMZAmZyhv86ekSj3KvE6P3NExpw
dy16xpgrO7iipFKs6D9H9n+f9cdQhfjDad/WZJCxB45TPN3dlyHtCLWZS60UJLwP
yMKMfGGbMfDKBlfBD3ZAvRKi4d1nk74Ppbkd24cxEEk7WEEikr7EDzI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:05:01 2025 by rpki-client