Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rT9dyOuFtfOAJpKUnHz8kkFWVaI.roa
File: rT9dyOuFtfOAJpKUnHz8kkFWVaI.roa (raw, json)
Hash identifier: nWN7/VvmWJMa5bdyM7gpbHjt9bfbw2JucdXupywTwe8=
Subject key identifier: AD:3F:5D:C8:EB:85:B5:F3:80:26:92:94:9C:7C:FC:92:41:56:55:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3353
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rT9dyOuFtfOAJpKUnHz8kkFWVaI.roa
Signing time: Thu 28 Mar 2024 00:22:03 +0000
ROA not before: Thu 28 Mar 2024 00:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13139 (0x3353)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 00:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD3F5DC8EB85B5F3802692949C7CFC92415655A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:b0:ea:b4:84:2b:6c:a9:43:f0:e7:71:11:
9c:37:b6:62:66:5e:bc:2c:b1:df:16:4d:4b:43:f5:
aa:83:c2:97:23:fc:eb:8d:93:78:d3:00:30:70:6f:
6a:ec:d8:8c:ba:ae:36:ca:61:90:62:19:37:e5:60:
23:17:b9:e9:9e:e4:58:3b:7d:87:d0:ac:6b:69:fb:
cb:2f:65:0f:38:a8:6a:0d:4d:53:38:d1:99:36:eb:
e4:5b:94:cb:c7:9a:a3:ce:60:92:4b:8e:3d:f1:6c:
66:2a:b6:f4:8b:ce:1d:91:dd:c4:1b:af:23:c3:04:
37:b5:65:67:34:59:b5:8a:c9:55:e1:4f:cf:7d:44:
f7:70:74:a9:93:4e:46:6d:eb:1f:d2:23:84:cc:55:
70:f6:d0:ed:1d:67:e6:14:42:52:81:95:b0:cc:08:
d7:1d:ca:e3:e3:e5:f0:fc:fa:0b:1c:02:cf:55:9b:
73:b8:9d:c6:cc:a4:1f:9e:e9:31:4e:0f:91:3a:36:
51:88:b5:10:94:1b:88:41:b7:a7:99:44:4f:1b:ec:
aa:2f:2f:36:8a:b4:4a:02:c1:89:1f:3b:57:d3:2e:
d4:42:91:d3:ea:0a:82:73:be:c4:e1:63:c5:07:af:
32:4e:11:af:8d:ab:2d:a8:a6:3d:1e:51:49:a5:e9:
6e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3F:5D:C8:EB:85:B5:F3:80:26:92:94:9C:7C:FC:92:41:56:55:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rT9dyOuFtfOAJpKUnHz8kkFWVaI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ba:e3:03:46:27:d9:7e:9e:94:ef:8e:09:df:b2:05:78:6f:fb:
35:e1:5b:d2:1a:e6:d9:e5:f4:a1:da:a0:93:96:14:44:be:de:
0e:56:2d:20:e0:e9:6c:f7:92:54:55:90:0b:18:be:97:3b:b2:
d2:a3:41:6a:71:d8:e8:2a:4d:1b:64:2e:d9:fb:fd:b9:43:7b:
f7:05:c8:79:e9:b0:07:72:d8:a2:c9:02:26:81:40:f7:1a:72:
15:bf:c0:37:b7:76:00:5b:b6:eb:c8:bd:6e:39:42:7c:5e:53:
42:cb:25:f8:0c:21:c2:3f:aa:6c:d5:f7:b7:4b:d2:47:bd:95:
49:00:56:75:c0:c7:b0:bc:4e:81:38:22:ae:b9:ee:c6:f6:dc:
7e:10:02:c6:d2:e3:74:da:91:33:63:03:0f:58:dd:cb:11:1f:
82:98:66:71:e3:4f:b1:03:bc:72:c6:01:13:da:f0:ff:4f:c3:
f4:f5:dd:1b:6e:02:8d:38:74:5b:42:22:cc:72:b9:f5:56:8a:
d4:a1:82:b9:7a:18:03:d5:53:d6:c6:78:fd:d8:07:4b:2a:aa:
6d:1b:1d:96:2a:c5:5b:9d:75:6c:93:9f:b7:96:68:cf:50:dd:
2d:cf:4d:45:51:9b:ed:f4:46:67:ee:a3:7e:c8:bb:9c:11:9f:
66:6e:a8:e6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM1MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
MDIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFEM0Y1REM4RUI4NUI1
RjM4MDI2OTI5NDlDN0NGQzkyNDE1NjU1QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEVbDqtIQrbKlD8OdxEZw3tmJmXrwssd8WTUtD9aqDwpcj/OuN
k3jTADBwb2rs2Iy6rjbKYZBiGTflYCMXueme5Fg7fYfQrGtp+8svZQ84qGoNTVM4
0Zk26+RblMvHmqPOYJJLjj3xbGYqtvSLzh2R3cQbryPDBDe1ZWc0WbWKyVXhT899
RPdwdKmTTkZt6x/SI4TMVXD20O0dZ+YUQlKBlbDMCNcdyuPj5fD8+gscAs9Vm3O4
ncbMpB+e6TFOD5E6NlGItRCUG4hBt6eZRE8b7KovLzaKtEoCwYkfO1fTLtRCkdPq
CoJzvsThY8UHrzJOEa+Nqy2opj0eUUml6W6zAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrT9dyOuFtfOAJpKUnHz8kkFWVaIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JUOWR5T3VGdGZPQUpw
S1VuSHo4a2tGV1ZhSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALrjA0Yn2X6elO+OCd+yBXhv+zXhW9Ia
5tnl9KHaoJOWFES+3g5WLSDg6Wz3klRVkAsYvpc7stKjQWpx2OgqTRtkLtn7/blD
e/cFyHnpsAdy2KLJAiaBQPcachW/wDe3dgBbtuvIvW45QnxeU0LLJfgMIcI/qmzV
97dL0ke9lUkAVnXAx7C8ToE4Iq657sb23H4QAsbS43TakTNjAw9Y3csRH4KYZnHj
T7EDvHLGARPa8P9Pw/T13RtuAo04dFtCIsxyufVWitShgrl6GAPVU9bGeP3YB0sq
qm0bHZYqxVuddWyTn7eWaM9Q3S3PTUVRm+30Rmfuo37Iu5wRn2ZuqOY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:32:16 2025 by rpki-client