Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AawZO_exsWX80ZAmtgOosHizaxg.roa
File: AawZO_exsWX80ZAmtgOosHizaxg.roa (raw, json)
Hash identifier: XjjEOnMR03VcqF9ibDcKomcuiavTsXktgLDP63Iog8U=
Subject key identifier: 01:AC:19:3B:F7:B1:B1:65:FC:D1:90:26:B6:03:A8:B0:78:B3:6B:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 520B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AawZO_exsWX80ZAmtgOosHizaxg.roa
Signing time: Tue 07 May 2024 23:23:55 +0000
ROA not before: Tue 07 May 2024 23:23:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21003 (0x520b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 23:23:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=01AC193BF7B1B165FCD19026B603A8B078B36B18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:42:2c:74:02:84:7d:0f:99:e5:30:3c:f2:94:
93:07:be:74:e8:61:06:4f:3b:44:99:90:3e:05:c2:
58:4c:9c:78:e7:34:a3:33:7b:65:98:5a:43:30:53:
b5:cd:21:0b:df:84:da:c5:b4:e4:ac:3e:e3:bf:49:
a9:6b:b8:a2:f6:3f:24:ae:5c:89:14:e9:94:04:9c:
0e:3d:44:e8:8b:ec:71:45:d0:0b:44:62:06:c5:a8:
17:06:35:2b:75:e6:31:c3:c5:34:9e:2e:77:76:a0:
32:8d:20:46:73:69:b6:e0:4d:03:38:9f:25:4d:a5:
87:6f:12:33:7a:87:c3:f5:4e:10:1e:3e:09:15:c4:
30:41:67:03:7c:99:6c:48:f4:60:43:7e:60:5a:88:
a2:bd:76:61:aa:e6:94:b6:be:ca:66:46:d9:51:24:
59:cb:70:2d:28:10:d9:2a:a7:2e:15:bb:6e:13:5c:
00:f9:7b:24:ed:f5:75:96:b2:3c:8e:04:61:2c:8e:
2f:ab:b4:d5:8a:15:e7:39:77:fe:e8:68:0d:6f:a2:
b6:6e:39:64:23:36:b0:4c:1d:7e:61:21:50:c6:bc:
8b:63:fb:88:63:27:73:e9:96:ab:a6:9e:e2:1a:48:
c6:4a:b7:9f:38:d8:92:c3:40:2a:63:67:4c:54:88:
f3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:AC:19:3B:F7:B1:B1:65:FC:D1:90:26:B6:03:A8:B0:78:B3:6B:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AawZO_exsWX80ZAmtgOosHizaxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:a7:55:c5:27:81:53:f7:85:0d:fe:90:1d:a9:a1:44:dc:c0:
d7:16:80:8a:ae:c0:2f:e7:98:a2:91:d5:94:28:24:da:13:04:
45:e8:0d:0d:35:55:82:ae:2e:4e:c6:cf:77:5f:ee:fc:9a:fa:
a0:a8:3b:87:de:32:30:84:74:a2:b7:62:a0:d8:c4:f4:a5:ae:
d2:44:e6:7e:49:58:ab:ef:60:9e:83:c9:9e:a6:8a:9a:f2:99:
66:a9:c8:72:32:23:b2:f8:38:99:61:fa:cf:b4:f3:a8:07:3e:
f9:1d:66:87:1a:4e:0d:a7:d1:08:7e:24:65:8c:57:79:b7:b2:
98:fd:c3:f1:7f:ce:b5:8a:d3:cb:11:1b:be:c4:80:ff:d8:ad:
02:cd:0d:49:6b:1c:55:00:fe:be:cd:ab:b5:eb:01:38:b3:25:
71:06:56:13:52:43:f7:f8:5d:2c:ef:a1:cd:4a:43:43:fd:fc:
5c:93:af:16:c3:52:b5:63:a8:36:84:7e:07:f6:48:3f:72:c6:
ab:ba:86:6f:a6:09:aa:49:3c:07:0c:58:80:be:97:8c:4d:83:
d3:90:27:f0:6a:4c:62:5d:77:54:63:f0:d4:a7:9b:48:b7:67:
35:86:e3:5c:4a:2f:0d:7e:dd:39:a4:03:62:95:cd:ab:c7:50:
19:35:99:67
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MzIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAxQUMxOTNCRjdCMUIx
NjVGQ0QxOTAyNkI2MDNBOEIwNzhCMzZCMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbQix0AoR9D5nlMDzylJMHvnToYQZPO0SZkD4FwlhMnHjnNKMz
e2WYWkMwU7XNIQvfhNrFtOSsPuO/SalruKL2PySuXIkU6ZQEnA49ROiL7HFF0AtE
YgbFqBcGNSt15jHDxTSeLnd2oDKNIEZzabbgTQM4nyVNpYdvEjN6h8P1ThAePgkV
xDBBZwN8mWxI9GBDfmBaiKK9dmGq5pS2vspmRtlRJFnLcC0oENkqpy4Vu24TXAD5
eyTt9XWWsjyOBGEsji+rtNWKFec5d/7oaA1vorZuOWQjNrBMHX5hIVDGvItj+4hj
J3PplqumnuIaSMZKt5842JLDQCpjZ0xUiPMpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAawZO/exsWX80ZAmtgOosHizaxgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Fhd1pPX2V4c1dYODBa
QW10Z09vc0hpemF4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGanVcUngVP3hQ3+kB2poUTcwNcWgIqu
wC/nmKKR1ZQoJNoTBEXoDQ01VYKuLk7Gz3df7vya+qCoO4feMjCEdKK3YqDYxPSl
rtJE5n5JWKvvYJ6DyZ6miprymWapyHIyI7L4OJlh+s+086gHPvkdZocaTg2n0Qh+
JGWMV3m3spj9w/F/zrWK08sRG77EgP/YrQLNDUlrHFUA/r7Nq7XrATizJXEGVhNS
Q/f4XSzvoc1KQ0P9/FyTrxbDUrVjqDaEfgf2SD9yxqu6hm+mCapJPAcMWIC+l4xN
g9OQJ/BqTGJdd1Rj8NSnm0i3ZzWG41xKLw1+3TmkA2KVzavHUBk1mWc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:38 2025 by rpki-client