Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/usja8KLm4f5pDUyNFzdBdd6Ol_8.roa
File: usja8KLm4f5pDUyNFzdBdd6Ol_8.roa (raw, json)
Hash identifier: ZnNoQjQksEoBGQpr5b/drnDlHOGVej3cCVs/MTxcu4M=
Subject key identifier: BA:C8:DA:F0:A2:E6:E1:FE:69:0D:4C:8D:17:37:41:75:DE:8E:97:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54DB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/usja8KLm4f5pDUyNFzdBdd6Ol_8.roa
Signing time: Sat 11 May 2024 17:24:03 +0000
ROA not before: Sat 11 May 2024 17:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21723 (0x54db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 17:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BAC8DAF0A2E6E1FE690D4C8D17374175DE8E97FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:9f:ea:06:92:b0:6d:dc:b0:66:ea:f4:66:
5a:f8:50:72:e4:c0:56:af:c0:04:32:35:b4:89:89:
28:16:d8:e4:c8:78:53:2c:14:95:bb:0e:cf:d9:cf:
a6:f0:93:77:ef:0d:25:26:b2:6c:3b:81:ad:d7:ed:
4d:cc:e4:58:f3:a9:25:81:32:f1:65:43:28:e4:5c:
68:cc:52:ba:f4:15:2a:64:2e:ba:c4:c1:2e:65:0f:
5e:29:19:69:ec:c3:d9:64:18:96:21:f2:36:74:88:
e2:bf:ed:12:8f:97:79:11:f1:9f:fd:5f:cc:ec:0f:
6c:cb:5d:cd:fb:6d:c2:fc:16:26:de:32:ee:52:bd:
d6:ef:b6:e1:98:f0:94:4f:95:f9:de:51:5b:71:63:
e0:59:b0:53:df:77:b8:20:90:db:cb:7d:ca:8a:7a:
14:c0:95:44:ff:2b:99:a5:31:9a:d4:d9:07:06:3c:
e3:bc:40:a4:a3:bd:d9:a2:47:2e:3a:dd:ff:31:5a:
ef:92:22:9b:ad:ef:86:22:46:f0:52:75:31:ba:c7:
c5:7d:4b:20:c4:6d:07:15:89:14:eb:41:30:b0:51:
3c:20:03:55:07:28:f6:b6:07:0c:1d:97:41:44:de:
f8:a9:24:19:5d:3f:49:3a:49:4a:7a:f5:51:a5:e0:
9a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C8:DA:F0:A2:E6:E1:FE:69:0D:4C:8D:17:37:41:75:DE:8E:97:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/usja8KLm4f5pDUyNFzdBdd6Ol_8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6f:3e:31:71:10:dd:98:0c:e0:17:3d:9c:23:8d:a3:bb:41:ce:
2a:20:bd:58:b4:83:a8:0b:65:43:e3:6f:3f:28:27:03:e2:98:
fa:41:97:28:af:e4:aa:c2:2a:0c:03:0e:a5:61:ad:20:3e:d0:
34:5c:f0:36:60:e0:65:22:3d:30:ec:c3:e5:84:a6:ca:e7:81:
71:c5:b5:a6:a0:7c:66:b2:8b:09:2a:91:b1:bd:af:d4:22:0b:
9f:69:8d:88:4f:89:0f:a9:fa:ac:d0:22:94:37:f1:e6:93:9b:
5d:4e:e0:26:f4:66:97:28:1c:81:67:85:34:13:bf:26:49:76:
37:5f:5e:87:24:c1:14:98:8e:9f:db:3a:88:70:95:21:ae:3a:
8c:24:4d:0c:f6:e4:5e:5c:e8:15:af:f7:1e:31:18:24:13:85:
0d:b3:41:31:f6:13:99:51:82:bd:02:f0:26:23:05:cc:12:14:
96:79:26:5a:32:84:c9:4c:d4:e5:39:ea:47:3c:04:d7:bb:5c:
a2:94:96:9d:76:40:f3:30:ae:da:5b:2c:18:6d:7c:df:a7:41:
0f:a5:db:36:a6:c0:84:a1:a6:78:04:29:81:c7:ae:4c:02:59:
81:6d:41:85:e0:5b:5f:b5:d0:f1:64:0a:c2:86:f1:d2:6e:a3:
49:76:ab:92
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
NzI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBQzhEQUYwQTJFNkUx
RkU2OTBENEM4RDE3Mzc0MTc1REU4RTk3RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5hJ/qBpKwbdywZur0Zlr4UHLkwFavwAQyNbSJiSgW2OTIeFMs
FJW7Ds/Zz6bwk3fvDSUmsmw7ga3X7U3M5FjzqSWBMvFlQyjkXGjMUrr0FSpkLrrE
wS5lD14pGWnsw9lkGJYh8jZ0iOK/7RKPl3kR8Z/9X8zsD2zLXc37bcL8FibeMu5S
vdbvtuGY8JRPlfneUVtxY+BZsFPfd7ggkNvLfcqKehTAlUT/K5mlMZrU2QcGPOO8
QKSjvdmiRy463f8xWu+SIput74YiRvBSdTG6x8V9SyDEbQcViRTrQTCwUTwgA1UH
KPa2Bwwdl0FE3vipJBldP0k6SUp69VGl4JrHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUusja8KLm4f5pDUyNFzdBdd6Ol/8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VzamE4S0xtNGY1cERV
eU5GemRCZGQ2T2xfOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG8+MXEQ3ZgM4Bc9nCONo7tBziogvVi0
g6gLZUPjbz8oJwPimPpBlyiv5KrCKgwDDqVhrSA+0DRc8DZg4GUiPTDsw+WEpsrn
gXHFtaagfGayiwkqkbG9r9QiC59pjYhPiQ+p+qzQIpQ38eaTm11O4Cb0ZpcoHIFn
hTQTvyZJdjdfXockwRSYjp/bOohwlSGuOowkTQz25F5c6BWv9x4xGCQThQ2zQTH2
E5lRgr0C8CYjBcwSFJZ5JloyhMlM1OU56kc8BNe7XKKUlp12QPMwrtpbLBhtfN+n
QQ+l2zamwIShpngEKYHHrkwCWYFtQYXgW1+10PFkCsKG8dJuo0l2q5I=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:08:43 2025 by rpki-client