Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yPgBIoWSpZ33Z34IfqoqKPL6jrI.roa
File: yPgBIoWSpZ33Z34IfqoqKPL6jrI.roa (raw, json)
Hash identifier: yhrrEHs0j9A+9+UdEbeHc2+4DESpZfPX3cqGJRsJPSs=
Subject key identifier: C8:F8:01:22:85:92:A5:9D:F7:67:7E:08:7E:AA:2A:28:F2:FA:8E:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CE7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yPgBIoWSpZ33Z34IfqoqKPL6jrI.roa
Signing time: Wed 01 May 2024 02:53:35 +0000
ROA not before: Wed 01 May 2024 02:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19687 (0x4ce7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 02:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C8F801228592A59DF7677E087EAA2A28F2FA8EB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:a6:d8:30:03:5d:dc:ee:44:b8:ac:00:b7:
6e:2a:c6:f6:be:d5:f3:ec:87:16:73:87:8b:ca:ac:
13:58:2e:98:7a:15:4b:ac:1c:30:f3:37:64:df:e2:
00:4d:1a:db:ed:0e:ee:cb:63:dd:c9:a6:19:d8:50:
a9:4e:bb:af:82:0d:a4:63:72:a9:6d:6d:63:05:bd:
4f:88:a6:89:46:9f:87:f7:c1:c2:c6:f2:b3:f2:0e:
a3:59:55:53:0e:05:08:a8:e9:bf:ff:7b:78:96:b3:
14:e7:92:1c:bb:d0:03:d0:c9:63:cd:3e:ee:e7:3b:
84:e7:a3:56:0b:53:4b:98:ab:2d:dd:47:22:48:5c:
aa:00:4d:cb:ea:8d:57:a4:e6:51:62:c5:6d:77:f9:
e9:54:64:70:a0:9a:29:70:e8:ff:9e:5f:1b:39:27:
05:20:4d:e2:b3:2f:16:68:d4:b6:86:29:99:2c:5f:
85:5c:83:01:56:e2:53:18:6e:3c:ed:83:5c:d8:6b:
04:96:3b:69:74:ad:df:2e:8a:fc:fd:98:96:93:4e:
e0:66:e3:80:fd:3e:4f:56:0c:47:ee:39:f8:11:ac:
cd:22:9d:4c:53:94:53:4b:0c:83:e2:bb:42:d0:a8:
e3:f4:b0:da:69:5f:ec:b6:83:c6:9a:a3:a5:03:d0:
c7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F8:01:22:85:92:A5:9D:F7:67:7E:08:7E:AA:2A:28:F2:FA:8E:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yPgBIoWSpZ33Z34IfqoqKPL6jrI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0f:ff:40:45:8d:fd:62:99:f7:24:d6:36:52:d2:56:49:3d:64:
eb:2c:8a:d7:dc:9a:c4:2a:f1:49:78:fb:88:8d:a1:12:e0:1b:
22:4e:23:eb:92:8a:13:ac:c1:0c:9a:b8:55:ee:58:2e:d1:4a:
75:15:f1:1d:e3:41:1a:60:8e:2f:cf:77:62:4d:91:6c:3f:27:
b4:85:fa:85:5d:02:f6:b1:d7:a0:5c:0b:04:af:c0:8b:66:b4:
70:11:26:3f:ec:13:8d:8c:60:1c:ee:6d:ae:4e:0e:81:98:19:
86:07:cc:c4:a6:2d:46:5f:af:95:56:22:b6:a2:ec:bb:0e:fe:
47:40:a0:b3:b0:ac:e5:9f:80:6b:ce:79:07:2b:89:a1:35:5b:
74:ff:07:1c:6b:3d:22:11:87:c8:5d:c6:73:c0:b1:c5:3b:c0:
06:a4:00:12:29:94:e8:ee:13:96:19:6e:30:81:d7:c9:09:7e:
78:a6:56:38:a5:dc:ef:62:b8:fd:91:20:1c:b9:47:92:84:8d:
f4:05:7e:83:f0:86:cf:66:70:4b:4c:cc:78:43:da:c0:ae:b0:
1d:da:6c:11:96:50:e0:cd:be:bf:2f:57:a0:00:e6:7d:dd:01:
87:a4:98:60:63:99:2a:65:ee:25:89:ea:8b:4c:6a:9c:25:f0:
43:e5:e2:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTOcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
MjUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4RjgwMTIyODU5MkE1
OURGNzY3N0UwODdFQUEyQTI4RjJGQThFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+H6bYMANd3O5EuKwAt24qxva+1fPshxZzh4vKrBNYLph6FUus
HDDzN2Tf4gBNGtvtDu7LY93JphnYUKlOu6+CDaRjcqltbWMFvU+IpolGn4f3wcLG
8rPyDqNZVVMOBQio6b//e3iWsxTnkhy70APQyWPNPu7nO4Tno1YLU0uYqy3dRyJI
XKoATcvqjVek5lFixW13+elUZHCgmilw6P+eXxs5JwUgTeKzLxZo1LaGKZksX4Vc
gwFW4lMYbjztg1zYawSWO2l0rd8uivz9mJaTTuBm44D9Pk9WDEfuOfgRrM0inUxT
lFNLDIPiu0LQqOP0sNppX+y2g8aao6UD0MdTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyPgBIoWSpZ33Z34IfqoqKPL6jrIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lQZ0JJb1dTcFozM1oz
NElmcW9xS1BMNmpySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA//QEWN/WKZ9yTWNlLSVkk9ZOssitfc
msQq8Ul4+4iNoRLgGyJOI+uSihOswQyauFXuWC7RSnUV8R3jQRpgji/Pd2JNkWw/
J7SF+oVdAvax16BcCwSvwItmtHARJj/sE42MYBzuba5ODoGYGYYHzMSmLUZfr5VW
Irai7LsO/kdAoLOwrOWfgGvOeQcriaE1W3T/BxxrPSIRh8hdxnPAscU7wAakABIp
lOjuE5YZbjCB18kJfnimVjil3O9iuP2RIBy5R5KEjfQFfoPwhs9mcEtMzHhD2sCu
sB3abBGWUODNvr8vV6AA5n3dAYekmGBjmSpl7iWJ6otMapwl8EPl4kQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:00:43 2025 by rpki-client