Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uo6BbO6i2CHwxbD2nx3FdqF0Qac.roa
File: uo6BbO6i2CHwxbD2nx3FdqF0Qac.roa (raw, json)
Hash identifier: RFEhA6HKRAHmMjby5TaRKP9eL64c2hhyVNNAm9ZMzNA=
Subject key identifier: BA:8E:81:6C:EE:A2:D8:21:F0:C5:B0:F6:9F:1D:C5:76:A1:74:41:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 523B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uo6BbO6i2CHwxbD2nx3FdqF0Qac.roa
Signing time: Wed 08 May 2024 05:23:56 +0000
ROA not before: Wed 08 May 2024 05:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21051 (0x523b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 05:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BA8E816CEEA2D821F0C5B0F69F1DC576A17441A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:d0:89:9e:2a:c5:9d:e2:b7:32:5b:d1:86:
43:c6:09:07:2a:4b:b1:e9:a2:94:b6:70:2d:cb:e8:
e0:78:fa:0e:a3:48:8a:67:14:f1:4d:fa:85:ec:f9:
20:95:5e:1f:7e:fc:c4:8b:de:99:87:19:f1:c9:42:
09:24:2c:15:75:32:68:c4:c1:c8:62:00:34:a3:27:
c8:12:1e:a9:7a:93:bc:e0:48:38:96:23:77:03:6d:
f1:0c:3a:bb:d4:07:50:e8:11:e0:3a:0c:79:3f:e0:
fe:99:df:c6:98:78:ed:09:69:2c:01:fa:6c:77:e9:
52:53:f9:7d:94:fa:eb:cd:01:3e:cd:4c:d4:20:1e:
aa:51:51:97:8f:01:b4:9e:59:ae:ce:c2:f4:e3:cb:
6a:3f:5f:0d:a8:87:33:4c:8b:14:29:91:d8:cd:10:
a5:a7:e4:73:e1:c5:bb:89:f4:20:21:ef:1d:d2:60:
f4:d0:76:d0:a1:89:3c:9f:31:18:2e:67:db:db:74:
9c:2b:e0:c5:9f:ba:c9:8d:f1:98:58:55:17:8a:57:
c4:ad:39:0b:15:53:84:2d:b5:52:c0:38:84:4d:58:
30:2a:be:34:a0:07:60:0d:56:27:7f:62:83:b2:36:
d1:79:5f:f0:98:7d:a1:4b:4f:83:ae:32:f4:75:c4:
a0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8E:81:6C:EE:A2:D8:21:F0:C5:B0:F6:9F:1D:C5:76:A1:74:41:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uo6BbO6i2CHwxbD2nx3FdqF0Qac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:60:68:87:57:74:9c:5e:09:15:8b:c8:c5:52:33:32:45:d6:
33:6b:bc:c5:73:40:e9:72:71:9d:92:6d:38:8b:c2:74:5e:04:
e3:e8:d8:b9:90:d4:d9:e8:34:98:44:f3:f7:f7:2c:c3:0f:b2:
04:61:37:82:31:a0:38:23:0c:51:40:ec:32:95:d0:66:99:88:
1e:c3:a0:9b:c1:b0:69:07:c7:b4:73:d2:b6:d5:ff:c4:f8:c3:
9c:22:9b:d1:b6:9b:8c:fb:2d:3c:c0:53:a4:00:7c:4a:8d:7b:
a8:8e:0d:a8:1f:58:d1:cf:0c:90:13:d0:02:e9:f3:d6:0e:8a:
b7:f3:8c:55:f1:d7:54:23:3f:96:a3:7c:c0:db:88:4c:c1:c9:
ee:c5:f2:44:e8:76:6c:a8:96:df:2c:1b:6f:ae:11:86:7e:f0:
c9:2e:5f:2d:c7:89:ca:06:b0:cd:ed:ef:fd:6c:87:83:3b:50:
f6:e1:6b:52:1c:db:9b:3e:0e:dd:82:e9:d4:a6:ba:42:d8:89:
fa:0c:a7:a0:d4:5d:db:d6:8e:3b:e3:bb:7d:ce:db:42:52:d9:
9d:a8:f0:11:0a:3b:dc:58:27:42:20:7b:29:14:7d:d4:48:98:
13:02:ac:a6:dd:59:65:35:1e:c9:2a:c8:ef:39:31:33:10:3b:
61:0d:0a:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUjswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NTIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBOEU4MTZDRUVBMkQ4
MjFGMEM1QjBGNjlGMURDNTc2QTE3NDQxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+/9CJnirFneK3MlvRhkPGCQcqS7HpopS2cC3L6OB4+g6jSIpn
FPFN+oXs+SCVXh9+/MSL3pmHGfHJQgkkLBV1MmjEwchiADSjJ8gSHql6k7zgSDiW
I3cDbfEMOrvUB1DoEeA6DHk/4P6Z38aYeO0JaSwB+mx36VJT+X2U+uvNAT7NTNQg
HqpRUZePAbSeWa7OwvTjy2o/Xw2ohzNMixQpkdjNEKWn5HPhxbuJ9CAh7x3SYPTQ
dtChiTyfMRguZ9vbdJwr4MWfusmN8ZhYVReKV8StOQsVU4QttVLAOIRNWDAqvjSg
B2ANVid/YoOyNtF5X/CYfaFLT4OuMvR1xKDbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuo6BbO6i2CHwxbD2nx3FdqF0QacwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VvNkJiTzZpMkNId3hi
RDJueDNGZHFGMFFhYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALRgaIdXdJxeCRWLyMVSMzJF1jNrvMVz
QOlycZ2SbTiLwnReBOPo2LmQ1NnoNJhE8/f3LMMPsgRhN4IxoDgjDFFA7DKV0GaZ
iB7DoJvBsGkHx7Rz0rbV/8T4w5wim9G2m4z7LTzAU6QAfEqNe6iODagfWNHPDJAT
0ALp89YOirfzjFXx11QjP5ajfMDbiEzBye7F8kTodmyolt8sG2+uEYZ+8MkuXy3H
icoGsM3t7/1sh4M7UPbha1Ic25s+Dt2C6dSmukLYifoMp6DUXdvWjjvju33O20JS
2Z2o8BEKO9xYJ0IgeykUfdRImBMCrKbdWWU1HskqyO85MTMQO2ENCos=
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:54:10 2025 by rpki-client