Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/s5lFFIYVSJ539N-mRZ8VJ6Eeb14.roa
File: s5lFFIYVSJ539N-mRZ8VJ6Eeb14.roa (raw, json)
Hash identifier: cTRWNnUa5C5o+e6Y6nAzyUQS+QEQYFmjVr/TMN+frYI=
Subject key identifier: B3:99:45:14:86:15:48:9E:77:F4:DF:A6:45:9F:15:27:A1:1E:6F:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 575F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5lFFIYVSJ539N-mRZ8VJ6Eeb14.roa
Signing time: Wed 15 May 2024 01:54:17 +0000
ROA not before: Wed 15 May 2024 01:54:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22367 (0x575f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 01:54:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B39945148615489E77F4DFA6459F1527A11E6F5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:70:18:8f:1e:1b:02:ca:9d:17:eb:dc:7a:
6a:f9:4e:f9:67:49:2d:c1:95:c1:ca:b1:97:53:59:
00:f5:97:2b:fe:04:1d:01:0a:ad:69:f2:b8:1a:d1:
44:53:87:0f:4e:60:2d:55:32:46:b1:20:1b:d3:c3:
87:f5:76:79:c6:67:c6:a2:ec:c0:2f:05:b4:a1:07:
03:dd:e0:26:89:88:7b:eb:3a:df:e8:f7:3b:b8:dd:
f4:03:9e:92:d0:d6:06:1e:f7:34:4a:a4:04:81:ff:
f4:4f:63:36:0c:26:64:45:d5:ac:53:45:80:75:48:
2c:0b:c5:f6:a7:6f:8f:2f:3f:b5:83:f1:db:56:6d:
8a:d0:da:ce:6b:43:14:77:32:24:17:6b:9c:31:41:
37:e9:52:35:ca:d0:8f:14:14:f5:ef:29:4a:87:1a:
fe:02:d4:82:96:67:b5:40:c3:38:25:d7:f2:6c:75:
37:b4:69:87:f9:d1:aa:4c:9f:d8:b4:36:6c:95:3e:
03:85:dd:a5:2b:82:1a:07:80:20:37:bb:a8:9f:27:
44:b9:57:a5:2a:51:d8:8c:22:17:28:44:d2:36:56:
91:3d:89:eb:55:58:8c:a2:36:5b:f5:2b:93:97:f9:
1e:92:e5:f2:7a:4f:f9:ae:34:de:ac:3f:49:41:d7:
72:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:99:45:14:86:15:48:9E:77:F4:DF:A6:45:9F:15:27:A1:1E:6F:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5lFFIYVSJ539N-mRZ8VJ6Eeb14.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0d:22:99:7c:aa:db:3b:74:7e:40:5f:20:7e:82:6b:27:d2:23:
07:1e:99:9f:50:d0:de:4a:e6:2e:44:6a:5d:df:de:06:70:0c:
b7:a3:12:ed:34:2e:f3:78:c8:77:5d:dd:9c:29:41:71:69:ca:
88:bd:54:5f:c6:4e:8e:ef:e8:53:4b:c9:c1:48:56:7b:6c:e2:
e8:c4:d2:75:2c:ba:8a:5d:f8:a1:70:57:93:9b:2d:bf:96:04:
9c:fd:40:c8:04:b6:1e:82:4a:46:fc:94:99:45:a1:b9:88:b7:
21:2c:1d:e5:37:cb:4e:cb:5c:87:0c:c9:71:b1:c4:46:ba:ce:
f5:e9:f7:66:1d:af:4d:de:45:4b:ae:8e:fa:44:ce:28:e3:2e:
46:02:19:bd:95:bc:2b:a2:3c:42:af:e0:a5:fb:9e:0d:8a:21:
cc:2d:c4:18:3a:4d:99:bf:6e:43:bb:4e:21:ae:65:c7:76:cb:
c8:b5:d1:c9:56:29:5e:dc:49:a8:ec:df:ab:0b:b9:ee:32:8c:
ea:51:9a:0b:26:64:3d:e4:74:14:b6:c0:7c:29:bf:e1:ad:5b:
36:ac:81:14:9c:05:87:5b:71:b0:09:a1:d3:86:fb:f7:7d:4a:
b0:4a:b9:2a:bc:9f:76:32:15:f3:3f:e6:2b:d3:58:ad:3b:21:
fc:98:24:12
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICV18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
MTU0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzOTk0NTE0ODYxNTQ4
OUU3N0Y0REZBNjQ1OUYxNTI3QTExRTZGNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDobnAYjx4bAsqdF+vcemr5TvlnSS3BlcHKsZdTWQD1lyv+BB0B
Cq1p8rga0URThw9OYC1VMkaxIBvTw4f1dnnGZ8ai7MAvBbShBwPd4CaJiHvrOt/o
9zu43fQDnpLQ1gYe9zRKpASB//RPYzYMJmRF1axTRYB1SCwLxfanb48vP7WD8dtW
bYrQ2s5rQxR3MiQXa5wxQTfpUjXK0I8UFPXvKUqHGv4C1IKWZ7VAwzgl1/JsdTe0
aYf50apMn9i0NmyVPgOF3aUrghoHgCA3u6ifJ0S5V6UqUdiMIhcoRNI2VpE9ietV
WIyiNlv1K5OX+R6S5fJ6T/muNN6sP0lB13K3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUs5lFFIYVSJ539N+mRZ8VJ6Eeb14wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3M1bEZGSVlWU0o1MzlO
LW1SWjhWSjZFZWIxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA0imXyq2zt0fkBfIH6CayfSIwcemZ9Q
0N5K5i5Eal3f3gZwDLejEu00LvN4yHdd3ZwpQXFpyoi9VF/GTo7v6FNLycFIVnts
4ujE0nUsuopd+KFwV5ObLb+WBJz9QMgEth6CSkb8lJlFobmItyEsHeU3y07LXIcM
yXGxxEa6zvXp92Ydr03eRUuujvpEzijjLkYCGb2VvCuiPEKv4KX7ng2KIcwtxBg6
TZm/bkO7TiGuZcd2y8i10clWKV7cSajs36sLue4yjOpRmgsmZD3kdBS2wHwpv+Gt
WzasgRScBYdbcbAJodOG+/d9SrBKuSq8n3YyFfM/5ivTWK07IfyYJBI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:21:26 2025 by rpki-client