Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tRt11KGBIwnFXcpgnKmo4lgU-ss.roa
File: tRt11KGBIwnFXcpgnKmo4lgU-ss.roa (raw, json)
Hash identifier: m7sIj4pCsuLYp0POK6afPtx/CgOrlRjuZUXq18bsdK0=
Subject key identifier: B5:1B:75:D4:A1:81:23:09:C5:5D:CA:60:9C:A9:A8:E2:58:14:FA:CB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FE3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tRt11KGBIwnFXcpgnKmo4lgU-ss.roa
Signing time: Sat 13 Apr 2024 18:22:50 +0000
ROA not before: Sat 13 Apr 2024 18:22:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16355 (0x3fe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 18:22:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B51B75D4A1812309C55DCA609CA9A8E25814FACB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:99:5b:cd:8f:79:6e:64:14:98:5e:47:c1:be:
c7:6b:86:4b:cd:a2:ba:64:f0:62:d4:b5:c6:df:29:
6f:84:85:b6:77:70:90:b5:76:cb:d0:b9:5c:e0:ee:
40:5e:01:56:7b:76:f8:00:a6:e6:ea:90:58:6d:02:
1a:ad:a1:4d:b4:bb:73:37:42:49:d9:c6:a3:19:a4:
9b:d5:59:92:3d:5b:a1:f7:5e:88:51:da:8e:f3:ef:
5d:2e:00:39:6b:ef:ff:1d:f9:10:8c:5c:32:e3:e2:
ab:f9:3c:e6:15:0a:4c:96:52:2a:81:2f:b4:eb:60:
18:31:7f:d9:ef:71:ca:01:ca:12:49:b6:c8:6a:25:
8e:a0:8e:19:2e:c0:c2:ec:30:93:35:d3:7e:40:75:
fb:4d:83:15:9c:11:51:c4:55:3d:5e:87:6a:31:1d:
fb:f9:d6:d4:d5:a3:96:ae:c6:fd:f5:85:5e:a9:f7:
12:72:a8:02:0e:48:2c:8f:a2:56:9e:ee:43:7e:0d:
d0:a7:54:73:4b:ed:7b:60:92:88:6f:e9:4b:a4:8a:
02:2c:20:53:1d:9a:30:ac:c7:9a:87:30:1d:c1:79:
1f:19:07:4b:00:4f:5f:65:9a:93:d6:cd:1f:e0:a7:
40:b9:8b:3a:d9:51:c1:08:4c:91:40:c1:a7:52:ff:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1B:75:D4:A1:81:23:09:C5:5D:CA:60:9C:A9:A8:E2:58:14:FA:CB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tRt11KGBIwnFXcpgnKmo4lgU-ss.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:95:f7:c9:99:dc:3e:a2:d4:62:fe:e3:ac:92:28:4d:01:a5:
67:17:8d:7e:e2:e9:5e:b2:c7:8d:8e:4f:6a:37:e5:3d:25:14:
6c:ab:8e:2a:6b:a3:17:db:71:ff:58:cc:6b:b8:bb:f9:61:c1:
b0:27:6b:70:20:d9:50:a6:42:6d:ce:80:1a:ca:4f:da:02:7c:
e8:da:40:d8:12:df:22:da:7e:b7:b7:3a:11:70:ac:fc:88:10:
ea:f0:88:d2:c2:69:72:e2:cd:f7:0e:3a:67:aa:90:80:16:f4:
e8:fd:18:49:f5:de:4e:2d:07:58:24:f3:e3:9e:f6:6d:49:57:
72:48:a1:81:ab:ae:3d:e5:03:b8:cb:83:66:89:fa:16:2b:d0:
a8:cb:57:eb:2c:02:33:f5:fe:85:67:f2:a7:ff:02:1c:0e:d1:
3e:05:25:96:ff:9b:63:74:d1:ed:f3:5f:3e:61:8a:30:b4:81:
6f:f9:12:5c:bd:c6:dd:29:8c:94:64:4f:3e:34:27:cd:6b:7b:
74:6a:4e:31:90:88:d0:02:4b:79:fd:3b:bf:4f:8b:ba:9b:a6:
19:7b:9d:85:d8:6f:7f:eb:9e:d9:ee:63:fd:34:a1:a1:ca:74:
9e:60:17:89:92:57:a9:ae:1a:d7:bb:d2:d3:b5:eb:ba:e6:9f:
3f:5a:60:a9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
ODIyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1MUI3NUQ0QTE4MTIz
MDlDNTVEQ0E2MDlDQTlBOEUyNTgxNEZBQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLmVvNj3luZBSYXkfBvsdrhkvNorpk8GLUtcbfKW+EhbZ3cJC1
dsvQuVzg7kBeAVZ7dvgApubqkFhtAhqtoU20u3M3QknZxqMZpJvVWZI9W6H3XohR
2o7z710uADlr7/8d+RCMXDLj4qv5POYVCkyWUiqBL7TrYBgxf9nvccoByhJJtshq
JY6gjhkuwMLsMJM1035AdftNgxWcEVHEVT1eh2oxHfv51tTVo5auxv31hV6p9xJy
qAIOSCyPolae7kN+DdCnVHNL7Xtgkohv6UukigIsIFMdmjCsx5qHMB3BeR8ZB0sA
T19lmpPWzR/gp0C5izrZUcEITJFAwadS/093AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtRt11KGBIwnFXcpgnKmo4lgU+sswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RSdDExS0dCSXduRlhj
cGduS21vNGxnVS1zcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALiV98mZ3D6i1GL+46ySKE0BpWcXjX7i
6V6yx42OT2o35T0lFGyrjiproxfbcf9YzGu4u/lhwbAna3Ag2VCmQm3OgBrKT9oC
fOjaQNgS3yLafre3OhFwrPyIEOrwiNLCaXLizfcOOmeqkIAW9Oj9GEn13k4tB1gk
8+Oe9m1JV3JIoYGrrj3lA7jLg2aJ+hYr0KjLV+ssAjP1/oVn8qf/AhwO0T4FJZb/
m2N00e3zXz5hijC0gW/5Ely9xt0pjJRkTz40J81re3RqTjGQiNACS3n9O79Pi7qb
phl7nYXYb3/rntnuY/00oaHKdJ5gF4mSV6muGte70tO167rmnz9aYKk=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:08:15 2025 by rpki-client