Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gkarLVmuT5x0vU-5fM7ZoqmDadg.roa
File: gkarLVmuT5x0vU-5fM7ZoqmDadg.roa (raw, json)
Hash identifier: x3L61dtwZx2vFYSTaPZnGtyOJAjl9iEW6LdxnoPp+qk=
Subject key identifier: 82:46:AB:2D:59:AE:4F:9C:74:BD:4F:B9:7C:CE:D9:A2:A9:83:69:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C2F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gkarLVmuT5x0vU-5fM7ZoqmDadg.roa
Signing time: Mon 08 Apr 2024 19:53:00 +0000
ROA not before: Mon 08 Apr 2024 19:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15407 (0x3c2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 19:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8246AB2D59AE4F9C74BD4FB97CCED9A2A98369D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:20:7d:7f:cf:38:d0:28:5b:cb:f0:0e:51:
be:a7:0d:86:f4:d8:5c:e0:53:2d:6b:60:b8:11:4e:
c6:9c:3e:61:74:f9:58:97:f1:81:91:6a:8c:cf:32:
d2:a0:0f:28:bb:58:82:11:35:42:81:73:5e:ec:42:
49:6f:b7:8c:e1:2c:36:d8:dd:39:14:c7:b0:13:17:
50:c8:86:76:43:a3:f4:9a:35:35:68:5a:19:3d:72:
49:6f:c6:16:92:05:74:6b:62:bb:55:20:89:7d:2e:
b5:3c:ae:23:00:76:1f:3d:dc:f9:c9:12:ba:7c:04:
f3:27:b6:ce:b5:e2:70:a1:49:0a:fa:fe:aa:ca:71:
65:9e:1e:83:c4:2a:d1:ec:23:82:52:96:0e:05:9a:
aa:da:ab:5f:ad:b2:19:4b:26:33:9e:eb:29:b7:cd:
b0:c0:26:2e:d6:61:dc:2d:59:4d:0d:94:8d:ef:75:
1a:f3:b3:77:d9:73:17:c3:b8:0c:c9:6a:43:f1:39:
e1:43:20:2f:72:fa:f8:5f:83:c9:80:4f:2d:6b:56:
f1:58:c9:a8:ca:c4:85:cb:75:5f:e5:4f:5a:7d:2d:
97:62:18:2c:e3:4c:ae:c8:b4:a7:4a:7c:b1:47:f7:
66:0f:9f:73:39:da:3f:f4:41:94:7d:0e:2c:62:5a:
e0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:46:AB:2D:59:AE:4F:9C:74:BD:4F:B9:7C:CE:D9:A2:A9:83:69:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gkarLVmuT5x0vU-5fM7ZoqmDadg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a0:c9:44:10:54:4b:47:73:11:1f:c4:57:05:73:ce:4f:34:a5:
d1:6a:90:9b:ee:1a:82:25:f9:ea:cc:92:16:cf:e0:f1:13:8d:
e5:be:fe:a3:a3:e9:69:1a:07:fc:71:e8:23:f5:39:cc:9b:13:
4c:bf:ca:7b:37:ec:ae:3b:5b:0b:bb:89:83:c4:47:56:8d:cf:
fd:6f:57:ab:ee:0d:3e:e4:fb:c0:4f:93:01:ac:30:ba:d5:13:
54:c1:c2:49:35:c2:09:d3:45:f9:63:4e:ae:bd:f6:b3:15:71:
8a:36:02:94:5f:fb:86:0e:39:ec:12:81:d4:64:62:f7:c3:01:
dc:b6:c4:12:9d:45:50:8b:ce:3e:4e:97:37:8d:65:0a:9c:94:
a5:92:8c:a9:55:97:e4:d4:bb:85:42:63:bc:85:fe:1c:7c:55:
84:e9:00:4b:12:82:11:49:c5:8b:64:1c:db:6f:40:e6:5e:c5:
13:7e:ab:b0:95:b3:3a:73:af:c4:04:d7:53:08:f4:1d:ca:7c:
b3:8f:fc:28:9d:73:b2:81:96:ec:7b:39:15:43:d7:7f:43:a7:
45:39:df:e0:ee:bb:3b:cc:43:c1:e2:f3:78:cc:87:f1:6d:2e:
f0:8b:55:f3:05:9f:26:74:e9:1f:ed:d7:27:70:06:7a:fd:83:
e6:2c:9a:a0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPC8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
OTUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyNDZBQjJENTlBRTRG
OUM3NEJENEZCOTdDQ0VEOUEyQTk4MzY5RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4nCB9f8840Chby/AOUb6nDYb02FzgUy1rYLgRTsacPmF0+ViX
8YGRaozPMtKgDyi7WIIRNUKBc17sQklvt4zhLDbY3TkUx7ATF1DIhnZDo/SaNTVo
Whk9cklvxhaSBXRrYrtVIIl9LrU8riMAdh893PnJErp8BPMnts614nChSQr6/qrK
cWWeHoPEKtHsI4JSlg4Fmqraq1+tshlLJjOe6ym3zbDAJi7WYdwtWU0NlI3vdRrz
s3fZcxfDuAzJakPxOeFDIC9y+vhfg8mATy1rVvFYyajKxIXLdV/lT1p9LZdiGCzj
TK7ItKdKfLFH92YPn3M52j/0QZR9DixiWuDjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUgkarLVmuT5x0vU+5fM7ZoqmDadgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2drYXJMVm11VDV4MHZV
LTVmTTdab3FtRGFkZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKDJRBBUS0dzER/EVwVzzk80pdFqkJvu
GoIl+erMkhbP4PETjeW+/qOj6WkaB/xx6CP1OcybE0y/yns37K47Wwu7iYPER1aN
z/1vV6vuDT7k+8BPkwGsMLrVE1TBwkk1wgnTRfljTq699rMVcYo2ApRf+4YOOewS
gdRkYvfDAdy2xBKdRVCLzj5OlzeNZQqclKWSjKlVl+TUu4VCY7yF/hx8VYTpAEsS
ghFJxYtkHNtvQOZexRN+q7CVszpzr8QE11MI9B3KfLOP/Cidc7KBlux7ORVD139D
p0U53+DuuzvMQ8Hi83jMh/FtLvCLVfMFnyZ06R/t1ydwBnr9g+YsmqA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:28:28 2025 by rpki-client