Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vDPIJeq3Gp_7XbMiJtTl953ODgk.roa
File: vDPIJeq3Gp_7XbMiJtTl953ODgk.roa (raw, json)
Hash identifier: XjFRp81HXJBpZ397bvXLqBV0v3GfAdB7dlt/CRnF3+s=
Subject key identifier: BC:33:C8:25:EA:B7:1A:9F:FB:5D:B3:22:26:D4:E5:F7:9D:CE:0E:09
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40F3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vDPIJeq3Gp_7XbMiJtTl953ODgk.roa
Signing time: Mon 15 Apr 2024 04:22:53 +0000
ROA not before: Mon 15 Apr 2024 04:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16627 (0x40f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 04:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BC33C825EAB71A9FFB5DB32226D4E5F79DCE0E09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:bd:d8:03:14:08:14:bc:9e:46:9a:3a:ab:
b7:28:ad:5c:91:08:54:8d:60:ee:ac:9d:3c:4b:90:
55:9c:0e:c5:ca:1d:f1:f7:af:d2:eb:bd:87:2c:85:
b3:f9:4c:6a:5c:99:ca:f1:2b:d2:03:41:bc:62:14:
76:53:43:a8:24:48:f3:f7:09:95:3f:2d:aa:cb:38:
43:0c:29:11:1e:30:c9:c6:26:54:02:78:79:d1:62:
47:8c:72:a9:bf:11:2d:fd:df:14:12:64:76:62:bf:
b1:b3:6a:fd:65:d7:e0:14:be:66:a9:af:59:73:c3:
67:38:ee:c2:0d:9e:da:92:3b:6d:e7:19:df:a5:1a:
3d:5f:ca:a5:b7:6a:36:ec:6b:66:71:48:64:37:87:
8e:d6:73:19:16:2b:90:3c:36:51:9b:e9:e6:43:84:
aa:76:19:4a:37:4d:83:f7:34:6a:fe:1f:22:b7:c9:
c8:3c:24:95:17:c5:74:be:14:83:2a:c8:f8:73:a8:
a5:dd:09:12:ec:d4:cd:5f:f0:99:9d:72:7b:14:ed:
e2:3f:c5:58:6e:43:3d:eb:14:c6:41:07:6c:65:32:
8f:95:e3:fc:f8:2b:04:b0:53:13:62:1a:be:1c:c5:
73:dc:46:70:66:b6:c3:cb:2a:ca:a5:0e:97:35:c0:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:33:C8:25:EA:B7:1A:9F:FB:5D:B3:22:26:D4:E5:F7:9D:CE:0E:09
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vDPIJeq3Gp_7XbMiJtTl953ODgk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:fe:6a:44:31:01:30:2b:94:40:22:11:08:57:84:ad:24:d3:
12:97:51:1a:4a:02:4a:fc:e4:1b:ed:79:43:3a:39:ee:c0:3e:
d4:9f:c1:68:ca:85:11:78:ac:fa:d2:81:10:a3:1b:58:cd:06:
27:0d:2f:e0:da:b2:e0:2a:9b:b7:6f:3c:83:68:fe:33:f8:1f:
13:a1:e6:c7:07:70:28:d0:8d:8b:35:7d:06:84:b0:6d:45:d9:
ea:3c:ee:d9:d7:67:1e:1f:87:43:c0:27:4e:16:cb:51:10:18:
97:1a:dd:76:e2:ef:a6:99:fe:3c:ea:d1:17:a7:0f:3e:4b:1d:
28:50:3d:9e:0d:bd:26:72:21:b2:37:e9:94:e2:be:c7:6d:7b:
bf:33:b5:16:c6:f3:b9:99:72:20:66:da:dd:44:13:76:cf:0b:
95:26:c9:df:21:4e:0c:92:ad:54:8b:69:90:87:fa:16:e0:e8:
75:98:c3:51:19:59:0b:5f:7d:81:5c:9c:3f:46:2b:d7:27:c1:
f7:74:c2:11:bb:bd:7f:f6:ee:b6:46:50:6d:9a:22:b1:27:30:
1d:a6:40:ce:38:ac:80:56:29:9a:5d:ec:15:fc:88:39:6a:82:
25:1b:1f:3f:b6:e4:f9:b0:c4:a3:62:51:f2:d5:85:01:f7:a3:
1b:e1:d6:19
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
NDIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDMzNDODI1RUFCNzFB
OUZGQjVEQjMyMjI2RDRFNUY3OURDRTBFMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7bL3YAxQIFLyeRpo6q7corVyRCFSNYO6snTxLkFWcDsXKHfH3
r9LrvYcshbP5TGpcmcrxK9IDQbxiFHZTQ6gkSPP3CZU/LarLOEMMKREeMMnGJlQC
eHnRYkeMcqm/ES393xQSZHZiv7Gzav1l1+AUvmapr1lzw2c47sINntqSO23nGd+l
Gj1fyqW3ajbsa2ZxSGQ3h47WcxkWK5A8NlGb6eZDhKp2GUo3TYP3NGr+HyK3ycg8
JJUXxXS+FIMqyPhzqKXdCRLs1M1f8JmdcnsU7eI/xVhuQz3rFMZBB2xlMo+V4/z4
KwSwUxNiGr4cxXPcRnBmtsPLKsqlDpc1wD9xAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUvDPIJeq3Gp/7XbMiJtTl953ODgkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZEUElKZXEzR3BfN1hi
TWlKdFRsOTUzT0Rnay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGb+akQxATArlEAiEQhXhK0k0xKXURpK
Akr85BvteUM6Oe7APtSfwWjKhRF4rPrSgRCjG1jNBicNL+DasuAqm7dvPINo/jP4
HxOh5scHcCjQjYs1fQaEsG1F2eo87tnXZx4fh0PAJ04Wy1EQGJca3Xbi76aZ/jzq
0RenDz5LHShQPZ4NvSZyIbI36ZTivsdte78ztRbG87mZciBm2t1EE3bPC5Umyd8h
TgySrVSLaZCH+hbg6HWYw1EZWQtffYFcnD9GK9cnwfd0whG7vX/27rZGUG2aIrEn
MB2mQM44rIBWKZpd7BX8iDlqgiUbHz+25PmwxKNiUfLVhQH3oxvh1hk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:25:37 2025 by rpki-client