Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Nz-MbsZiA_j_JcfFrkw9HdgxSLk.roa
File: Nz-MbsZiA_j_JcfFrkw9HdgxSLk.roa (raw, json)
Hash identifier: XLXS3iHJrAEaQMltRfpmLmdvJz35cQ4eH2dC9C8Hm90=
Subject key identifier: 37:3F:8C:6E:C6:62:03:F8:FF:25:C7:C5:AE:4C:3D:1D:D8:31:48:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47C3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Nz-MbsZiA_j_JcfFrkw9HdgxSLk.roa
Signing time: Wed 24 Apr 2024 06:23:34 +0000
ROA not before: Wed 24 Apr 2024 06:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18371 (0x47c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 06:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=373F8C6EC66203F8FF25C7C5AE4C3D1DD83148B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:12:36:d4:15:ba:b4:17:21:90:67:95:62:61:
b8:88:05:dd:d3:77:2c:72:81:17:e7:52:d0:4e:4f:
47:59:ea:3c:52:81:db:a4:fd:32:b7:13:fd:8b:cd:
c9:a1:34:d2:74:67:fb:fb:b7:1e:59:bb:54:63:b2:
b0:c1:af:df:b4:49:cf:43:e2:c9:10:05:a2:72:19:
7b:62:0d:e8:00:7f:14:e9:62:62:69:98:92:6e:59:
7d:5b:34:e0:ce:a7:5c:6a:90:97:61:07:0c:0f:90:
07:5f:d6:ec:f9:2f:2d:98:6f:97:3d:ac:b6:07:d3:
57:05:3b:92:fb:60:94:57:a2:f5:52:fb:e4:00:6f:
4b:3f:a3:02:7a:98:fe:f8:72:8f:ce:7d:31:77:4a:
3e:c1:3d:58:eb:f7:bd:ec:42:5f:1c:b0:67:78:a8:
fb:cb:f2:6f:20:ad:46:ee:a0:a6:9b:c0:84:79:bc:
0d:c8:0b:7c:a0:cd:77:1b:37:68:68:46:2c:8f:f2:
cd:59:9e:22:f8:30:6f:66:f7:d0:0a:5d:23:84:5c:
76:4b:a0:75:66:50:6a:d9:fb:c1:07:a9:79:8d:ba:
65:5a:f1:48:b3:82:58:7f:7c:93:92:e1:fe:d3:0b:
00:82:7b:2b:70:5f:34:12:ad:6d:91:82:10:ee:f6:
d4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3F:8C:6E:C6:62:03:F8:FF:25:C7:C5:AE:4C:3D:1D:D8:31:48:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Nz-MbsZiA_j_JcfFrkw9HdgxSLk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ba:96:e7:9b:51:84:24:18:ce:1e:18:4c:8c:a1:64:18:1f:8c:
11:b7:ab:c7:01:5a:93:e6:5c:02:a4:e2:a3:e1:10:79:a5:9a:
a2:f6:13:9d:b7:a4:de:bf:98:2c:d7:c2:a3:1a:c2:1d:da:5c:
0c:cd:b7:16:fa:6b:2b:17:f9:9c:82:ed:9a:5b:7d:0d:e4:a0:
84:2f:22:4c:2f:ca:db:d1:81:a9:1f:c4:ae:20:d5:fa:b3:e7:
e1:83:32:61:3e:b2:04:e7:d3:b9:b1:8e:a3:01:3c:0d:b9:65:
9c:b5:a4:b9:e9:67:f3:58:2c:6d:24:6b:34:e0:4f:2e:7e:5c:
6a:7f:52:e1:6b:a3:ef:47:cb:6e:1c:2b:4c:ea:9d:6b:c8:0b:
e7:79:23:83:58:b5:5d:8a:ca:d5:b3:c4:0b:38:ea:a1:06:72:
52:15:90:44:41:b7:fc:81:22:a5:e8:54:89:d5:60:bd:3d:1b:
1b:ca:95:e9:58:53:e0:51:33:30:7d:49:96:6c:9f:d2:d4:ab:
2f:85:a7:50:8c:6b:9c:8e:9a:14:5d:d2:2c:fe:0c:65:14:af:
dd:69:33:0d:a4:21:6f:41:e5:a2:b4:e9:77:47:90:7a:19:f5:
31:be:0c:67:2f:0c:89:93:87:3c:ef:74:14:1f:c3:63:a6:bf:
42:a7:4c:41
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR8MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3M0Y4QzZFQzY2MjAz
RjhGRjI1QzdDNUFFNEMzRDFERDgzMTQ4QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYEjbUFbq0FyGQZ5ViYbiIBd3TdyxygRfnUtBOT0dZ6jxSgduk
/TK3E/2LzcmhNNJ0Z/v7tx5Zu1RjsrDBr9+0Sc9D4skQBaJyGXtiDegAfxTpYmJp
mJJuWX1bNODOp1xqkJdhBwwPkAdf1uz5Ly2Yb5c9rLYH01cFO5L7YJRXovVS++QA
b0s/owJ6mP74co/OfTF3Sj7BPVjr973sQl8csGd4qPvL8m8grUbuoKabwIR5vA3I
C3ygzXcbN2hoRiyP8s1ZniL4MG9m99AKXSOEXHZLoHVmUGrZ+8EHqXmNumVa8Uiz
glh/fJOS4f7TCwCCeytwXzQSrW2RghDu9tTTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNz+MbsZiA/j/JcfFrkw9HdgxSLkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L056LU1ic1ppQV9qX0pj
ZkZya3c5SGRneFNMay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALqW55tRhCQYzh4YTIyhZBgfjBG3q8cB
WpPmXAKk4qPhEHmlmqL2E523pN6/mCzXwqMawh3aXAzNtxb6aysX+ZyC7ZpbfQ3k
oIQvIkwvytvRgakfxK4g1fqz5+GDMmE+sgTn07mxjqMBPA25ZZy1pLnpZ/NYLG0k
azTgTy5+XGp/UuFro+9Hy24cK0zqnWvIC+d5I4NYtV2KytWzxAs46qEGclIVkERB
t/yBIqXoVInVYL09GxvKlelYU+BRMzB9SZZsn9LUqy+Fp1CMa5yOmhRd0iz+DGUU
r91pMw2kIW9B5aK06XdHkHoZ9TG+DGcvDImThzzvdBQfw2Omv0KnTEE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:10 2025 by rpki-client