Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/v6Ezp-uwUz-sbPCLrqd54gb14AA.roa
File: v6Ezp-uwUz-sbPCLrqd54gb14AA.roa (raw, json)
Hash identifier: cloANaA1dk9pOhIsUTl1ffA6CsM2TTv/XvW+4rPz/RU=
Subject key identifier: BF:A1:33:A7:EB:B0:53:3F:AC:6C:F0:8B:AE:A7:79:E2:06:F5:E0:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5797
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v6Ezp-uwUz-sbPCLrqd54gb14AA.roa
Signing time: Wed 15 May 2024 08:54:11 +0000
ROA not before: Wed 15 May 2024 08:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22423 (0x5797)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 08:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BFA133A7EBB0533FAC6CF08BAEA779E206F5E000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8a:ee:98:c6:4c:b3:12:b2:3f:dc:47:05:71:
9e:e5:1c:b6:96:db:2d:84:db:a7:9f:d9:76:08:9b:
12:83:00:1b:ed:5b:05:ea:e7:ce:2c:9c:95:fd:e1:
71:77:c5:95:bb:f7:20:6e:a6:2c:ce:24:fa:f8:fe:
b7:d8:07:d7:04:af:ba:7e:79:f4:86:43:4f:23:86:
c4:96:6e:66:81:7b:32:25:6d:af:67:e7:de:8b:72:
50:91:33:00:b4:18:0c:dc:91:50:11:57:e6:58:a6:
d3:94:a1:8a:84:71:8a:47:f2:81:f0:7c:3e:91:b2:
09:fc:70:66:ca:df:97:80:e8:2f:32:40:85:6a:dc:
6e:5b:d4:f1:8d:ee:be:76:40:27:9c:cb:d6:b9:89:
50:d5:51:82:c3:29:f0:7c:65:e2:b7:04:e1:de:4a:
f3:41:69:3a:92:e0:74:64:e4:8c:d3:68:8b:fb:1f:
8b:ba:7b:84:6f:55:d7:65:ec:8f:de:71:e0:fb:3a:
db:ff:09:84:06:19:35:a4:66:59:ab:d4:29:37:89:
14:74:42:ac:7b:e8:f8:84:a8:74:09:74:88:30:89:
be:8a:8c:a9:df:3d:c7:14:27:3f:a5:6b:e2:d6:33:
fe:f1:5b:45:27:56:75:c6:6a:d0:d2:92:a7:48:6e:
5c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A1:33:A7:EB:B0:53:3F:AC:6C:F0:8B:AE:A7:79:E2:06:F5:E0:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v6Ezp-uwUz-sbPCLrqd54gb14AA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
85:fc:bd:9c:b5:4f:89:24:9d:0d:89:a7:77:5b:f3:85:19:21:
fb:e7:67:4f:d7:e6:c0:99:e7:67:7c:99:8b:ed:dc:06:9a:0d:
f0:04:75:7b:4c:b2:d7:94:6e:1d:c0:0c:6b:3c:8d:7e:40:fc:
8c:d9:24:ca:e4:0f:14:a5:89:0c:ae:1b:84:6e:31:da:06:86:
d8:d4:2b:8a:8a:61:df:8a:62:31:a5:0a:df:b9:b7:ce:14:41:
3f:0d:0f:44:23:92:b7:74:1e:9f:48:32:cd:27:c0:1a:14:63:
f9:11:c0:4f:7f:2b:c5:37:fd:1d:24:c4:28:e1:2a:9c:48:c7:
59:7d:b4:4b:66:a9:fa:94:88:ee:3e:12:cb:80:cb:be:ee:c1:
ea:4f:4d:b2:1a:1c:94:6c:a1:bf:f5:3a:ad:48:1c:7c:46:61:
0a:f4:65:cf:30:ff:e5:77:8c:84:b3:4d:c3:2f:bf:00:fd:7d:
80:53:9b:ea:a5:db:1a:d9:30:45:19:0e:0d:83:af:3f:ae:36:
a8:c1:89:b3:b4:dd:89:2c:49:d2:9e:c8:3e:0c:8e:c2:25:e2:
b5:3e:55:b9:9d:20:74:75:cb:86:e7:8e:61:e6:e1:96:c8:4b:
b8:68:9e:c3:ca:fc:2e:df:4a:61:74:0a:8a:51:50:fe:cd:09:
31:45:1e:19
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICV5cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
ODU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGQTEzM0E3RUJCMDUz
M0ZBQzZDRjA4QkFFQTc3OUUyMDZGNUUwMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdiu6YxkyzErI/3EcFcZ7lHLaW2y2E26ef2XYImxKDABvtWwXq
584snJX94XF3xZW79yBupizOJPr4/rfYB9cEr7p+efSGQ08jhsSWbmaBezIlba9n
596LclCRMwC0GAzckVARV+ZYptOUoYqEcYpH8oHwfD6Rsgn8cGbK35eA6C8yQIVq
3G5b1PGN7r52QCecy9a5iVDVUYLDKfB8ZeK3BOHeSvNBaTqS4HRk5IzTaIv7H4u6
e4RvVddl7I/eceD7Otv/CYQGGTWkZlmr1Ck3iRR0Qqx76PiEqHQJdIgwib6KjKnf
PccUJz+la+LWM/7xW0UnVnXGatDSkqdIblyHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUv6Ezp+uwUz+sbPCLrqd54gb14AAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Y2RXpwLXV3VXotc2JQ
Q0xycWQ1NGdiMTRBQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIX8vZy1T4kknQ2Jp3db84UZIfvnZ0/X
5sCZ52d8mYvt3AaaDfAEdXtMsteUbh3ADGs8jX5A/IzZJMrkDxSliQyuG4RuMdoG
htjUK4qKYd+KYjGlCt+5t84UQT8ND0Qjkrd0Hp9IMs0nwBoUY/kRwE9/K8U3/R0k
xCjhKpxIx1l9tEtmqfqUiO4+EsuAy77uwepPTbIaHJRsob/1Oq1IHHxGYQr0Zc8w
/+V3jISzTcMvvwD9fYBTm+ql2xrZMEUZDg2Drz+uNqjBibO03YksSdKeyD4MjsIl
4rU+VbmdIHR1y4bnjmHm4ZbIS7honsPK/C7fSmF0CopRUP7NCTFFHhk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:56:41 2025 by rpki-client