Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uE-2CmK_mv4oe5MRf7rT2OcOPx8.roa
File: uE-2CmK_mv4oe5MRf7rT2OcOPx8.roa (raw, json)
Hash identifier: wYI4Vs02CtCkI2fInvh9xQPWRSg6gNcdiVi9Exr41CU=
Subject key identifier: B8:4F:B6:0A:62:BF:9A:FE:28:7B:93:11:7F:BA:D3:D8:E7:0E:3F:1F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4297
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uE-2CmK_mv4oe5MRf7rT2OcOPx8.roa
Signing time: Wed 17 Apr 2024 08:53:00 +0000
ROA not before: Wed 17 Apr 2024 08:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17047 (0x4297)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 08:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B84FB60A62BF9AFE287B93117FBAD3D8E70E3F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d6:09:9c:e7:1d:96:40:a8:cf:b7:0f:a6:6f:
f1:9c:b2:8e:e9:d3:65:3b:48:66:11:e0:8e:d6:39:
4d:71:b8:1d:2c:cf:ba:1f:66:94:20:6b:8a:fd:7d:
36:4f:9b:7f:de:89:92:9f:f9:0f:f7:8a:13:17:e1:
22:85:57:be:81:41:7a:e1:bf:9e:3e:89:b7:50:d0:
06:4d:a5:10:ac:a7:77:50:03:f6:2f:7b:5b:8b:92:
c7:22:0a:e2:03:55:b4:7e:38:e6:e0:76:47:bd:6e:
fa:0f:74:c0:4e:27:6c:00:bc:0a:a8:eb:09:56:8a:
61:84:4c:cd:0d:e3:a5:f0:c6:fe:ca:87:47:cb:9d:
d6:56:7f:fc:84:c2:28:06:84:02:3b:5a:5a:51:c0:
f8:38:4e:85:65:5e:07:b3:1e:c4:9e:d9:cd:10:88:
e3:f4:15:f6:6e:35:b3:c7:03:00:86:1d:18:25:1b:
ef:ff:3d:26:6b:03:ee:41:7e:1d:aa:ec:20:1c:74:
b0:80:95:ac:dd:55:8f:8a:67:93:79:94:53:94:07:
20:57:1c:c3:f0:1c:1b:18:e7:78:0a:46:74:f0:f0:
13:c4:81:65:3b:27:fd:d0:52:a6:4a:95:c2:0a:b7:
84:6a:40:cb:7a:ed:24:69:28:cf:a1:40:86:4d:71:
0a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4F:B6:0A:62:BF:9A:FE:28:7B:93:11:7F:BA:D3:D8:E7:0E:3F:1F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uE-2CmK_mv4oe5MRf7rT2OcOPx8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0b:a8:23:dc:12:8c:3b:a9:7e:d0:9e:3a:a1:0f:28:83:7b:0c:
8e:2b:e2:b3:1a:7f:3d:88:6e:0f:62:ce:ff:ab:60:b8:bf:4d:
57:f9:1e:fe:06:b1:94:ab:b2:cd:b1:41:c1:a3:14:25:6b:72:
b9:de:d8:55:cc:53:06:3b:60:62:fd:7f:65:5c:43:d2:0d:5e:
06:47:5e:99:08:f5:49:07:62:8f:7c:2e:96:1c:78:29:a0:03:
14:03:cb:fa:16:a1:ae:66:be:a3:a1:e1:62:e3:6a:df:69:97:
3d:11:f4:63:16:2f:a0:f7:36:11:5c:01:51:28:56:21:5e:8a:
63:5e:33:b7:61:6c:a2:4f:b6:31:21:52:54:9b:83:f4:bd:94:
b3:9e:b9:06:b9:71:c2:75:bc:12:07:17:0e:1b:21:0b:10:85:
9b:8c:2a:fe:14:74:e0:58:5e:0c:0f:d2:5c:dc:cd:e2:50:a8:
85:c3:7c:cb:18:16:79:f7:93:a6:90:8a:c6:db:ad:e1:a3:69:
8c:fe:e9:8d:19:69:08:6e:0e:b6:4b:c7:d5:e1:c1:ac:d8:9e:
38:66:98:9e:b6:33:14:6f:28:ea:36:6c:d6:ff:b3:30:06:52:
09:71:bd:1e:f2:f2:e7:aa:8f:79:33:f2:3e:87:3b:0f:67:b6:
b9:b0:eb:d3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
ODUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4NEZCNjBBNjJCRjlB
RkUyODdCOTMxMTdGQkFEM0Q4RTcwRTNGMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF1gmc5x2WQKjPtw+mb/Gcso7p02U7SGYR4I7WOU1xuB0sz7of
ZpQga4r9fTZPm3/eiZKf+Q/3ihMX4SKFV76BQXrhv54+ibdQ0AZNpRCsp3dQA/Yv
e1uLksciCuIDVbR+OObgdke9bvoPdMBOJ2wAvAqo6wlWimGETM0N46Xwxv7Kh0fL
ndZWf/yEwigGhAI7WlpRwPg4ToVlXgezHsSe2c0QiOP0FfZuNbPHAwCGHRglG+//
PSZrA+5Bfh2q7CAcdLCAlazdVY+KZ5N5lFOUByBXHMPwHBsY53gKRnTw8BPEgWU7
J/3QUqZKlcIKt4RqQMt67SRpKM+hQIZNcQr9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuE+2CmK/mv4oe5MRf7rT2OcOPx8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VFLTJDbUtfbXY0b2U1
TVJmN3JUMk9jT1B4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAuoI9wSjDupftCeOqEPKIN7DI4r4rMa
fz2Ibg9izv+rYLi/TVf5Hv4GsZSrss2xQcGjFCVrcrne2FXMUwY7YGL9f2VcQ9IN
XgZHXpkI9UkHYo98LpYceCmgAxQDy/oWoa5mvqOh4WLjat9plz0R9GMWL6D3NhFc
AVEoViFeimNeM7dhbKJPtjEhUlSbg/S9lLOeuQa5ccJ1vBIHFw4bIQsQhZuMKv4U
dOBYXgwP0lzczeJQqIXDfMsYFnn3k6aQisbbreGjaYz+6Y0ZaQhuDrZLx9XhwazY
njhmmJ62MxRvKOo2bNb/szAGUglxvR7y8ueqj3kz8j6HOw9ntrmw69M=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:54:37 2025 by rpki-client