Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sigTUwG4POUBv3Wm89A1TcdxhbI.roa
File: sigTUwG4POUBv3Wm89A1TcdxhbI.roa (raw, json)
Hash identifier: 3VzY7yQhglyo6ykcejmmoZFqE+NkMrdjFi5CvV5C8zI=
Subject key identifier: B2:28:13:53:01:B8:3C:E5:01:BF:75:A6:F3:D0:35:4D:C7:71:85:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3543
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sigTUwG4POUBv3Wm89A1TcdxhbI.roa
Signing time: Sat 30 Mar 2024 14:22:08 +0000
ROA not before: Sat 30 Mar 2024 14:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13635 (0x3543)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 14:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B228135301B83CE501BF75A6F3D0354DC77185B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:91:64:c4:04:16:cf:49:4d:16:77:a3:5a:
f3:ba:a6:56:a1:60:46:5f:21:65:93:47:9d:68:98:
a4:70:26:95:22:9a:2d:50:b1:0f:8d:a6:b5:19:5c:
aa:56:13:6e:e1:70:d0:6e:65:66:37:e4:07:90:af:
dc:dc:66:5f:03:67:98:a9:91:a5:ad:c0:2b:1f:f3:
14:da:88:a4:f5:0a:6b:08:86:87:61:b5:9d:ef:f3:
39:c2:68:64:9d:5e:87:51:4b:88:c8:db:f8:24:2b:
1b:32:ef:f5:07:0f:ac:34:9c:ea:64:42:8c:96:07:
8e:75:10:8e:7d:2a:65:e3:da:38:d9:cb:f0:f8:70:
b8:43:f5:4e:35:e1:23:0c:34:0b:b2:c9:f6:07:c9:
ad:3c:a5:3c:38:9b:86:b7:48:94:c7:27:df:5c:c5:
69:73:a8:00:4b:37:fd:5f:e6:47:b0:ae:ca:24:96:
a9:29:f8:6c:6a:e9:3f:9a:af:e4:ce:b1:41:65:ec:
89:47:37:59:7f:9f:97:87:81:50:37:81:3e:33:b4:
61:0d:96:e9:da:5c:02:14:43:6d:7d:9b:5a:86:d6:
81:54:15:af:bb:1c:5f:a1:c9:ca:7a:cf:18:b4:ed:
7e:2c:08:3b:25:c8:fe:e0:21:26:ab:d9:0f:15:7e:
e4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:28:13:53:01:B8:3C:E5:01:BF:75:A6:F3:D0:35:4D:C7:71:85:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sigTUwG4POUBv3Wm89A1TcdxhbI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
65:7e:c9:a4:8c:34:e5:fe:cd:6f:f5:0b:13:b4:9c:f7:5a:49:
72:fd:19:38:7e:58:68:09:6a:50:02:b3:ed:e7:e2:2f:22:31:
a9:90:c8:37:66:57:95:c9:f9:9a:75:48:05:5a:ad:4e:d5:b6:
61:70:34:2a:08:f8:82:a3:4d:03:ba:13:a6:2e:44:c1:d7:95:
07:6f:f2:d7:34:68:3d:ef:87:28:40:00:c1:e0:6e:41:c6:18:
12:f8:cd:fc:b1:f4:c2:a2:29:2a:c3:0d:9d:05:63:74:58:9e:
56:3c:bb:eb:f9:24:91:94:db:63:bd:84:03:88:5a:26:35:0f:
81:35:56:e0:f5:41:6a:60:fe:13:4e:88:1e:72:b3:ad:b0:da:
a5:8a:e9:e6:80:d8:45:11:c9:f2:a4:c5:f3:17:85:0d:3b:b0:
c5:af:e5:d2:7b:73:3d:bd:6a:e0:03:8c:13:d6:93:6f:ae:46:
50:d6:29:c5:1f:0a:bd:8f:d2:47:41:fa:5f:36:d3:c7:1f:05:
ff:03:37:fe:67:b2:a2:3b:e6:8a:e6:bd:4b:c7:86:e4:b3:97:
d4:4b:9e:a3:05:46:65:3d:20:5c:4c:14:cb:94:5f:4a:47:e8:
57:9c:2c:33:23:26:42:06:2d:0c:39:81:b7:ad:f4:24:68:b4:
5c:7e:b0:e0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NDIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyMjgxMzUzMDFCODND
RTUwMUJGNzVBNkYzRDAzNTREQzc3MTg1QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHCZFkxAQWz0lNFnejWvO6plahYEZfIWWTR51omKRwJpUimi1Q
sQ+NprUZXKpWE27hcNBuZWY35AeQr9zcZl8DZ5ipkaWtwCsf8xTaiKT1CmsIhodh
tZ3v8znCaGSdXodRS4jI2/gkKxsy7/UHD6w0nOpkQoyWB451EI59KmXj2jjZy/D4
cLhD9U414SMMNAuyyfYHya08pTw4m4a3SJTHJ99cxWlzqABLN/1f5kewrsoklqkp
+Gxq6T+ar+TOsUFl7IlHN1l/n5eHgVA3gT4ztGENlunaXAIUQ219m1qG1oFUFa+7
HF+hycp6zxi07X4sCDslyP7gISar2Q8VfuRTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsigTUwG4POUBv3Wm89A1TcdxhbIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NpZ1RVd0c0UE9VQnYz
V204OUExVGNkeGhiSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGV+yaSMNOX+zW/1CxO0nPdaSXL9GTh+
WGgJalACs+3n4i8iMamQyDdmV5XJ+Zp1SAVarU7VtmFwNCoI+IKjTQO6E6YuRMHX
lQdv8tc0aD3vhyhAAMHgbkHGGBL4zfyx9MKiKSrDDZ0FY3RYnlY8u+v5JJGU22O9
hAOIWiY1D4E1VuD1QWpg/hNOiB5ys62w2qWK6eaA2EURyfKkxfMXhQ07sMWv5dJ7
cz29auADjBPWk2+uRlDWKcUfCr2P0kdB+l8208cfBf8DN/5nsqI75ormvUvHhuSz
l9RLnqMFRmU9IFxMFMuUX0pH6FecLDMjJkIGLQw5gbet9CRotFx+sOA=
-----END CERTIFICATE-----
Generated at Tue Jun 17 13:58:27 2025 by rpki-client