Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yyNNlh8PD73qaF_2icbtJyMAo5Q.roa
File: yyNNlh8PD73qaF_2icbtJyMAo5Q.roa (raw, json)
Hash identifier: COJRmKq7oSbFby9SIYH9g8wWvYcQ4dxC+juvGCHeZKM=
Subject key identifier: CB:23:4D:96:1F:0F:0F:BD:EA:68:5F:F6:89:C6:ED:27:23:00:A3:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DAF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yyNNlh8PD73qaF_2icbtJyMAo5Q.roa
Signing time: Wed 10 Apr 2024 19:52:46 +0000
ROA not before: Wed 10 Apr 2024 19:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15791 (0x3daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 19:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CB234D961F0F0FBDEA685FF689C6ED272300A394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:40:ae:f7:36:30:80:8c:80:e2:54:8b:71:
14:e0:3d:c9:78:1b:80:2a:26:b4:2b:d9:83:ca:63:
d8:d7:07:f1:31:bb:14:e8:5b:9e:83:aa:04:52:df:
02:c2:b6:39:50:f8:c4:c0:b3:e6:6f:7b:e9:6b:3e:
e4:cb:6a:56:df:66:23:71:f7:ac:db:00:ea:c5:9a:
56:f3:ce:88:6c:54:7a:59:02:aa:09:85:38:44:d0:
7a:e1:03:24:5c:82:3c:40:c4:a6:b2:55:69:b1:51:
80:ac:0e:cc:a1:ab:b3:de:9d:14:c8:0f:ce:4d:d6:
5a:db:b9:e8:31:8d:73:d9:7d:16:0f:0b:15:00:7d:
95:86:eb:3b:b9:a9:13:7e:57:d6:a2:7f:14:de:f0:
35:ff:1b:f0:60:4b:99:31:de:8c:f5:04:30:54:73:
74:ad:38:b3:3f:b3:0c:3d:70:73:6d:85:c8:c4:77:
c4:00:52:94:fa:9d:67:23:f6:6f:94:a2:ea:ec:41:
df:d3:65:33:95:0d:1b:b2:26:6c:de:6b:9b:32:a1:
11:ce:25:b9:ce:1f:9c:5a:90:f8:92:81:b0:cc:da:
19:90:d6:b0:29:72:c1:d5:3f:0b:bd:b9:41:1a:8a:
55:11:81:ce:dc:28:0e:e9:ea:67:35:26:04:2c:b2:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:23:4D:96:1F:0F:0F:BD:EA:68:5F:F6:89:C6:ED:27:23:00:A3:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yyNNlh8PD73qaF_2icbtJyMAo5Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a6:82:93:35:e0:66:aa:d7:a1:be:7b:76:6d:7b:cc:b1:0c:16:
99:97:e1:d3:5e:5b:76:fe:ef:7a:e3:86:19:b2:3e:26:f1:a0:
d3:9a:7d:f7:0d:4c:4f:0d:58:6b:23:18:5f:7a:9e:ff:9e:01:
52:95:ee:5c:90:e0:ec:6e:e8:45:22:71:43:6c:b3:9b:3f:3b:
d8:8b:8d:56:66:c7:a4:5f:69:bf:f9:44:7c:58:9b:0a:9a:d0:
8a:f4:09:57:9a:96:3b:83:e1:ba:5a:fa:62:00:12:56:9e:0b:
f8:90:8a:2b:35:12:19:73:54:53:7d:23:65:c7:11:19:a3:a2:
2b:8d:68:5b:b7:25:6a:df:b5:65:bb:42:63:c4:df:ca:3b:3d:
aa:32:78:4c:46:f5:b6:54:36:90:a3:ff:1c:b4:5d:3c:d3:88:
ab:7e:76:ee:b3:fd:0f:4c:8e:37:4a:1c:52:9c:fd:ec:5a:94:
52:14:e2:39:aa:e8:7c:77:66:8a:f0:ae:7d:de:0e:e3:d3:0a:
0c:7c:80:d7:24:74:99:0c:df:cf:bd:ba:2f:c7:26:f8:aa:45:
bc:64:d1:c8:a8:60:e2:eb:9b:82:b7:05:e0:fb:69:65:0d:ac:
a4:c3:0d:26:d6:87:b7:69:e6:68:15:32:63:22:21:62:eb:38:
2e:9c:3c:39
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
OTUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCMjM0RDk2MUYwRjBG
QkRFQTY4NUZGNjg5QzZFRDI3MjMwMEEzOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8aECu9zYwgIyA4lSLcRTgPcl4G4AqJrQr2YPKY9jXB/ExuxTo
W56DqgRS3wLCtjlQ+MTAs+Zve+lrPuTLalbfZiNx96zbAOrFmlbzzohsVHpZAqoJ
hThE0HrhAyRcgjxAxKayVWmxUYCsDsyhq7PenRTID85N1lrbuegxjXPZfRYPCxUA
fZWG6zu5qRN+V9aifxTe8DX/G/BgS5kx3oz1BDBUc3StOLM/sww9cHNthcjEd8QA
UpT6nWcj9m+UoursQd/TZTOVDRuyJmzea5syoRHOJbnOH5xakPiSgbDM2hmQ1rAp
csHVPwu9uUEailURgc7cKA7p6mc1JgQssrCXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyyNNlh8PD73qaF/2icbtJyMAo5QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3l5Tk5saDhQRDczcWFG
XzJpY2J0SnlNQW81US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKaCkzXgZqrXob57dm17zLEMFpmX4dNe
W3b+73rjhhmyPibxoNOaffcNTE8NWGsjGF96nv+eAVKV7lyQ4Oxu6EUicUNss5s/
O9iLjVZmx6Rfab/5RHxYmwqa0Ir0CVealjuD4bpa+mIAElaeC/iQiis1EhlzVFN9
I2XHERmjoiuNaFu3JWrftWW7QmPE38o7PaoyeExG9bZUNpCj/xy0XTzTiKt+du6z
/Q9MjjdKHFKc/exalFIU4jmq6Hx3Zorwrn3eDuPTCgx8gNckdJkM38+9ui/HJviq
Rbxk0cioYOLrm4K3BeD7aWUNrKTDDSbWh7dp5mgVMmMiIWLrOC6cPDk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:59 2025 by rpki-client