Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sO7Eu1E2RQPW01zeLuQyBrcv3UY.roa
File: sO7Eu1E2RQPW01zeLuQyBrcv3UY.roa (raw, json)
Hash identifier: GQzP2OJseBrJxx6iFOGWMe06FUSYWLaUC3rAtvbpk9o=
Subject key identifier: B0:EE:C4:BB:51:36:45:03:D6:D3:5C:DE:2E:E4:32:06:B7:2F:DD:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 454B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sO7Eu1E2RQPW01zeLuQyBrcv3UY.roa
Signing time: Sat 20 Apr 2024 23:23:07 +0000
ROA not before: Sat 20 Apr 2024 23:23:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17739 (0x454b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 23:23:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B0EEC4BB51364503D6D35CDE2EE43206B72FDD46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:99:88:2b:d7:f2:ed:04:64:ef:5f:40:46:be:
d9:60:27:cb:f4:33:2b:ef:c9:3d:0c:fe:0d:ab:7d:
36:a3:87:10:69:18:f4:77:0d:c2:8c:03:24:79:79:
87:5a:d2:c2:ba:09:6e:65:67:f2:ca:16:8c:9c:2b:
e3:82:08:dc:75:12:54:55:39:0a:83:a1:a9:0d:3a:
c7:3f:90:c6:69:d1:2c:9b:51:09:17:0c:3e:99:62:
05:00:f1:6f:9b:9d:61:96:d2:94:03:f1:10:de:64:
9e:5c:d0:e4:4d:59:9f:e7:30:ea:01:b8:06:5f:0a:
b9:39:ab:66:89:4e:0d:1f:ae:d6:60:57:79:3c:d9:
51:30:e0:9f:fd:e2:a8:a6:72:0a:20:21:61:df:1b:
f8:12:0c:2c:15:e6:a4:7e:9a:0a:2f:b1:ba:43:6c:
25:ea:de:f1:40:af:16:40:6f:ad:e5:30:82:3c:4b:
ec:1f:40:4b:c6:a0:cf:5b:bf:5e:3f:81:b5:59:98:
d4:bd:a9:16:a1:02:02:a1:f0:30:f3:76:a3:90:da:
0a:44:5b:52:17:ce:c6:ba:fd:66:f5:d9:9b:30:fb:
57:50:eb:39:f4:29:e6:e5:61:87:78:39:db:40:09:
18:66:55:a8:0e:39:72:46:ca:91:a2:ba:ff:55:69:
4b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EE:C4:BB:51:36:45:03:D6:D3:5C:DE:2E:E4:32:06:B7:2F:DD:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sO7Eu1E2RQPW01zeLuQyBrcv3UY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:bb:9f:12:f7:46:56:69:74:a7:9e:10:66:b3:a0:d6:80:8b:
56:da:9c:9c:0d:ba:1c:08:73:cc:3b:98:4d:b0:58:c4:16:8c:
1f:55:21:b6:e5:e4:b0:84:70:cf:0c:d5:c9:91:98:97:ff:9f:
6f:e2:b7:0a:23:7f:1f:25:ae:ec:6c:7e:03:04:2d:37:ff:d5:
e6:c9:f3:3c:68:06:92:b8:7b:9c:a3:20:14:dc:d3:88:ac:4b:
3e:8d:94:5b:00:c2:ee:1f:70:7c:b5:e5:b6:67:11:cd:4e:02:
53:1f:10:12:7f:82:87:fc:e9:bb:13:87:9b:c3:e2:3b:cd:6e:
81:fc:72:57:cb:8d:ad:fe:7c:3e:5c:5c:9b:00:3a:b7:48:90:
bd:d3:6e:51:ef:80:5f:a4:5a:02:d7:d8:8c:71:35:90:ca:66:
83:7c:a1:17:61:8e:19:d9:cb:cf:19:85:e1:26:7c:c5:f5:c2:
8e:e6:ea:71:a9:d6:9f:22:78:86:ca:f5:78:d7:62:66:2d:fc:
c6:e9:a8:b6:7d:85:74:0c:e6:d9:ce:c3:73:ee:db:46:fa:34:
e5:c6:82:da:99:7f:88:c9:8c:c2:f6:6a:66:0b:ed:38:37:29:
52:33:ec:63:71:1b:17:bd:55:14:6a:bb:bb:e3:b1:f7:00:3a:
84:37:db:9d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MzIzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwRUVDNEJCNTEzNjQ1
MDNENkQzNUNERTJFRTQzMjA2QjcyRkRENDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGmYgr1/LtBGTvX0BGvtlgJ8v0MyvvyT0M/g2rfTajhxBpGPR3
DcKMAyR5eYda0sK6CW5lZ/LKFoycK+OCCNx1ElRVOQqDoakNOsc/kMZp0SybUQkX
DD6ZYgUA8W+bnWGW0pQD8RDeZJ5c0ORNWZ/nMOoBuAZfCrk5q2aJTg0frtZgV3k8
2VEw4J/94qimcgogIWHfG/gSDCwV5qR+mgovsbpDbCXq3vFArxZAb63lMII8S+wf
QEvGoM9bv14/gbVZmNS9qRahAgKh8DDzdqOQ2gpEW1IXzsa6/Wb12Zsw+1dQ6zn0
KeblYYd4OdtACRhmVagOOXJGypGiuv9VaUsPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsO7Eu1E2RQPW01zeLuQyBrcv3UYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NPN0V1MUUyUlFQVzAx
emVMdVF5QnJjdjNVWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAC27nxL3RlZpdKeeEGazoNaAi1banJwN
uhwIc8w7mE2wWMQWjB9VIbbl5LCEcM8M1cmRmJf/n2/itwojfx8lruxsfgMELTf/
1ebJ8zxoBpK4e5yjIBTc04isSz6NlFsAwu4fcHy15bZnEc1OAlMfEBJ/gof86bsT
h5vD4jvNboH8clfLja3+fD5cXJsAOrdIkL3TblHvgF+kWgLX2IxxNZDKZoN8oRdh
jhnZy88ZheEmfMX1wo7m6nGp1p8ieIbK9XjXYmYt/MbpqLZ9hXQM5tnOw3Pu20b6
NOXGgtqZf4jJjML2amYL7Tg3KVIz7GNxGxe9VRRqu7vjsfcAOoQ3250=
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:29:31 2025 by rpki-client