Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bcNtIdUl2Slxa78KHn6Puj7w9V4.roa
File: bcNtIdUl2Slxa78KHn6Puj7w9V4.roa (raw, json)
Hash identifier: 2+8qGoC/wdWcZJo+IbVl0zGXELWDnXqmgs2s9Ju+jCM=
Subject key identifier: 6D:C3:6D:21:D5:25:D9:29:71:6B:BF:0A:1E:7E:8F:BA:3E:F0:F5:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3433
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bcNtIdUl2Slxa78KHn6Puj7w9V4.roa
Signing time: Fri 29 Mar 2024 04:22:04 +0000
ROA not before: Fri 29 Mar 2024 04:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13363 (0x3433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 04:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6DC36D21D525D929716BBF0A1E7E8FBA3EF0F55E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:c3:30:d4:7b:ac:f9:01:9a:a1:ff:c6:2a:
f0:e3:8c:d1:bf:98:02:17:e1:3e:0e:80:4d:3a:c0:
19:05:e0:a4:1e:a9:02:59:55:38:cd:cb:1b:ae:f2:
1a:7b:5f:d1:32:bd:1a:2d:05:4e:33:1f:5a:8e:15:
a7:a9:90:8b:a9:35:f1:43:bd:6d:4c:0f:89:d3:04:
5e:90:13:9a:09:9b:6b:6c:dd:ce:5d:50:8b:5c:18:
0d:4a:d9:44:7b:99:f3:3c:14:82:4b:90:90:1b:ac:
e6:13:e1:40:91:78:1a:d1:a3:cd:61:5e:94:2b:f6:
d4:fa:c9:07:d1:8b:0f:8a:d1:aa:df:0e:a8:08:81:
87:d8:6a:47:0a:d9:26:80:de:1a:ae:74:07:42:63:
4b:b0:b3:0e:ee:e4:ea:33:1e:7a:04:cf:dd:e3:27:
fd:85:30:41:36:0f:d4:d3:72:3c:78:31:e5:c1:dc:
2d:c5:49:32:0f:9b:a2:4b:90:9f:ab:f6:cb:23:6a:
d9:9e:40:59:5c:a2:78:4d:7e:40:b0:31:7a:27:03:
c5:08:a4:0d:22:8f:90:ae:01:b5:28:12:c3:8d:f6:
16:c3:d3:c5:c5:87:58:ca:23:ee:07:9f:bf:89:9b:
e1:48:06:55:15:26:0d:22:d5:b0:03:09:41:d9:22:
88:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C3:6D:21:D5:25:D9:29:71:6B:BF:0A:1E:7E:8F:BA:3E:F0:F5:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bcNtIdUl2Slxa78KHn6Puj7w9V4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ab:5b:21:db:ca:7c:01:d5:07:23:b1:fa:b7:14:ca:ed:60:34:
0c:e1:80:dc:2d:22:4e:99:34:61:cf:54:da:e9:54:0e:d2:0e:
fa:65:37:9d:b5:a9:72:b2:e1:e9:6f:07:29:c5:34:80:b6:60:
3f:8d:f8:6a:d6:b4:4d:54:09:d7:cd:ec:37:4f:54:5f:30:67:
69:3d:25:b8:d4:27:f7:b7:24:88:72:ac:89:fb:5e:90:6e:c8:
b7:f3:ae:14:34:80:e3:b2:ee:ad:ff:89:e0:62:76:b2:ae:a2:
21:37:61:28:b2:35:46:37:e8:69:e0:19:fa:5d:8b:43:46:dd:
3d:3c:fd:4b:a2:5a:e2:d4:0a:67:f8:4b:85:82:51:3d:37:ba:
f8:0b:2f:e8:39:45:f2:22:c5:1a:cb:39:c3:40:9b:ec:98:70:
4a:78:4c:43:72:1e:4c:ea:7f:61:98:1d:e3:f4:48:15:32:02:
0a:48:6a:a7:29:d3:76:b6:e7:e0:23:cf:73:ae:28:5f:66:70:
89:cd:5b:09:0c:07:74:a6:a4:1f:4e:d2:6f:2e:95:c6:24:49:
80:5f:2f:5f:e5:39:6e:95:e4:75:17:d8:a8:4d:5f:73:12:b4:
97:be:02:1f:6a:34:6d:a8:90:99:b4:a9:ac:a5:4f:33:d0:b8:
71:fb:92:d2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NDIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEQzM2RDIxRDUyNUQ5
Mjk3MTZCQkYwQTFFN0U4RkJBM0VGMEY1NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw28Mw1Hus+QGaof/GKvDjjNG/mAIX4T4OgE06wBkF4KQeqQJZ
VTjNyxuu8hp7X9EyvRotBU4zH1qOFaepkIupNfFDvW1MD4nTBF6QE5oJm2ts3c5d
UItcGA1K2UR7mfM8FIJLkJAbrOYT4UCReBrRo81hXpQr9tT6yQfRiw+K0arfDqgI
gYfYakcK2SaA3hqudAdCY0uwsw7u5OozHnoEz93jJ/2FMEE2D9TTcjx4MeXB3C3F
STIPm6JLkJ+r9ssjatmeQFlconhNfkCwMXonA8UIpA0ij5CuAbUoEsON9hbD08XF
h1jKI+4Hn7+Jm+FIBlUVJg0i1bADCUHZIohBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbcNtIdUl2Slxa78KHn6Puj7w9V4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JjTnRJZFVsMlNseGE3
OEtIbjZQdWo3dzlWNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKtbIdvKfAHVByOx+rcUyu1gNAzhgNwt
Ik6ZNGHPVNrpVA7SDvplN521qXKy4elvBynFNIC2YD+N+GrWtE1UCdfN7DdPVF8w
Z2k9JbjUJ/e3JIhyrIn7XpBuyLfzrhQ0gOOy7q3/ieBidrKuoiE3YSiyNUY36Gng
Gfpdi0NG3T08/UuiWuLUCmf4S4WCUT03uvgLL+g5RfIixRrLOcNAm+yYcEp4TENy
Hkzqf2GYHeP0SBUyAgpIaqcp03a25+Ajz3OuKF9mcInNWwkMB3SmpB9O0m8ulcYk
SYBfL1/lOW6V5HUX2KhNX3MStJe+Ah9qNG2okJm0qaylTzPQuHH7ktI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 08:58:12 2025 by rpki-client