Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/v_mNIxcWN7XPCegC04-OO8yfajw.roa
File: v_mNIxcWN7XPCegC04-OO8yfajw.roa (raw, json)
Hash identifier: fw7xvK9ggzAvDaNFpM8+wpNPY0cXAifbX0AnhG/1kDQ=
Subject key identifier: BF:F9:8D:23:17:16:37:B5:CF:09:E8:02:D3:8F:8E:3B:CC:9F:6A:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AD7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v_mNIxcWN7XPCegC04-OO8yfajw.roa
Signing time: Sun 07 Apr 2024 00:52:30 +0000
ROA not before: Sun 07 Apr 2024 00:52:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15063 (0x3ad7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 00:52:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BFF98D23171637B5CF09E802D38F8E3BCC9F6A3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0b:12:ba:8d:1e:f4:7f:a1:7e:0a:9f:e8:8c:
8c:60:e9:09:7a:73:4e:fa:6d:c0:ec:45:a5:76:68:
60:42:19:cb:fe:64:50:1f:df:ec:c0:ac:3a:a1:9e:
a8:52:06:5f:91:32:0d:1e:79:96:7d:94:25:4d:26:
4e:7c:44:e1:69:07:aa:3e:c1:77:9b:a3:d2:3f:97:
de:b2:0b:df:59:0d:6a:69:67:2f:66:2f:5d:34:07:
42:2c:2b:e3:75:86:cd:57:fa:14:07:28:5a:04:0c:
31:a6:7d:fa:bc:9e:c7:b8:8e:90:2c:75:cb:5b:57:
b0:7d:0f:d0:0f:4c:96:d5:f2:b6:f1:33:3e:35:a4:
71:0c:56:ce:9b:37:14:a6:ca:b7:a6:24:02:30:43:
72:1e:48:b6:1a:16:d9:7a:bf:2b:83:9d:56:c6:b2:
d9:1f:87:fb:b0:53:46:d3:f2:b2:bc:fe:2c:a0:3c:
37:f5:05:68:d5:5c:43:aa:f6:7a:42:cb:c4:10:1b:
53:c0:c1:0e:74:4d:d2:43:d9:ab:20:31:b2:c4:f6:
d7:63:63:38:f4:7e:f7:45:3c:70:0f:29:7b:3e:47:
32:3f:0f:74:8a:8e:3f:93:e2:b3:d2:7f:3c:d6:d9:
29:05:77:1b:f8:4e:7b:5b:88:db:4c:2f:48:ae:72:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F9:8D:23:17:16:37:B5:CF:09:E8:02:D3:8F:8E:3B:CC:9F:6A:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/v_mNIxcWN7XPCegC04-OO8yfajw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bc:0f:35:97:15:7b:43:87:e1:1a:3f:5b:17:1a:97:ce:88:67:
7a:0c:f2:cb:dd:67:e0:ad:34:ce:29:18:ef:df:f8:0d:83:d1:
95:6f:9d:1d:b1:d4:82:1f:5a:69:74:8d:57:50:94:1b:88:f7:
07:63:0a:cf:43:f9:f0:4c:b1:0d:0c:f8:93:00:a7:76:9a:55:
e5:9d:4c:58:a0:4e:6d:c0:d9:22:0e:2c:6a:b6:cb:5e:bc:17:
59:23:2e:2a:29:14:e7:f4:b7:c0:7f:78:56:6b:e6:b2:a2:20:
95:86:8e:0a:bc:e3:98:93:49:c1:ee:a3:d7:a6:12:74:43:a6:
16:e8:89:65:18:46:d2:ca:7f:30:d1:12:4c:22:cb:04:52:59:
31:18:f6:80:82:cf:b8:20:20:ca:96:39:fc:24:ff:6c:14:55:
1b:65:f3:bb:eb:15:79:50:2e:16:d8:ac:72:24:8d:0b:6f:06:
aa:75:c7:b9:aa:37:3f:a3:4e:58:b1:dd:4d:9d:38:c3:4c:e6:
06:93:a9:39:61:90:1f:b9:6a:1b:9e:4c:f9:3c:49:98:a8:79:
fe:9b:ee:2a:91:1f:f2:20:b1:d7:f0:92:1b:b2:4d:df:8c:63:
ca:8b:82:d1:50:ea:68:ba:c8:ea:d4:43:7a:0f:2d:f2:9c:39:
41:8d:3a:83
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MDUyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGRjk4RDIzMTcxNjM3
QjVDRjA5RTgwMkQzOEY4RTNCQ0M5RjZBM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlCxK6jR70f6F+Cp/ojIxg6Ql6c076bcDsRaV2aGBCGcv+ZFAf
3+zArDqhnqhSBl+RMg0eeZZ9lCVNJk58ROFpB6o+wXebo9I/l96yC99ZDWppZy9m
L100B0IsK+N1hs1X+hQHKFoEDDGmffq8nse4jpAsdctbV7B9D9APTJbV8rbxMz41
pHEMVs6bNxSmyremJAIwQ3IeSLYaFtl6vyuDnVbGstkfh/uwU0bT8rK8/iygPDf1
BWjVXEOq9npCy8QQG1PAwQ50TdJD2asgMbLE9tdjYzj0fvdFPHAPKXs+RzI/D3SK
jj+T4rPSfzzW2SkFdxv4TntbiNtML0iuchNHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUv/mNIxcWN7XPCegC04+OO8yfajwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZfbU5JeGNXTjdYUENl
Z0MwNC1PTzh5ZmFqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALwPNZcVe0OH4Ro/Wxcal86IZ3oM8svd
Z+CtNM4pGO/f+A2D0ZVvnR2x1IIfWml0jVdQlBuI9wdjCs9D+fBMsQ0M+JMAp3aa
VeWdTFigTm3A2SIOLGq2y168F1kjLiopFOf0t8B/eFZr5rKiIJWGjgq845iTScHu
o9emEnRDphboiWUYRtLKfzDREkwiywRSWTEY9oCCz7ggIMqWOfwk/2wUVRtl87vr
FXlQLhbYrHIkjQtvBqp1x7mqNz+jTlix3U2dOMNM5gaTqTlhkB+5ahueTPk8SZio
ef6b7iqRH/IgsdfwkhuyTd+MY8qLgtFQ6mi6yOrUQ3oPLfKcOUGNOoM=
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:34:44 2025 by rpki-client