Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Pk9SpIt2RMobIomcEnCF8TTQfo8.roa
File: Pk9SpIt2RMobIomcEnCF8TTQfo8.roa (raw, json)
Hash identifier: FWglbyy7s9mhMNPDIeTL1wQrk74CngaHQmVf2/HDSjU=
Subject key identifier: 3E:4F:52:A4:8B:76:44:CA:1B:22:89:9C:12:70:85:F1:34:D0:7E:8F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E53
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Pk9SpIt2RMobIomcEnCF8TTQfo8.roa
Signing time: Fri 03 May 2024 00:23:58 +0000
ROA not before: Fri 03 May 2024 00:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20051 (0x4e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 00:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3E4F52A48B7644CA1B22899C127085F134D07E8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:61:df:7f:ac:3b:61:d8:a6:ca:b4:96:bd:
7b:ed:8e:9d:94:be:e4:fe:15:e4:a2:09:8b:66:da:
c1:49:25:11:0d:f0:fc:5d:d3:85:12:90:a3:ee:25:
c3:2f:4e:29:ab:35:55:3a:c6:09:ab:2a:2d:2f:f8:
f3:34:95:71:f8:85:da:6b:c2:96:cc:c0:28:f9:67:
4a:22:64:16:9a:8f:57:82:e5:26:ec:ee:fd:9a:62:
27:d9:b4:15:9a:06:2f:71:58:77:91:40:3d:e9:46:
24:a8:78:e0:e8:f8:38:fa:56:fa:14:0d:82:0a:66:
eb:03:b3:19:38:ab:8d:09:cb:46:7d:cc:23:f7:43:
cd:e6:2a:27:88:af:9f:73:95:9e:2b:07:f4:d2:bd:
1c:69:46:a9:cf:35:a0:f2:85:20:7f:00:2b:7a:2c:
3c:97:66:c4:cc:25:00:fc:08:29:86:20:87:5f:04:
b1:50:b1:68:bd:5f:90:db:9a:aa:ee:0f:d1:a9:a7:
fb:83:8a:55:d6:4d:18:de:9b:71:ee:11:01:b3:3f:
cc:c9:b2:72:ea:bc:fe:4a:2b:04:41:3c:3d:9e:0b:
45:17:06:08:ff:e1:44:db:47:34:f4:91:57:b3:46:
e2:c9:42:9f:ae:ec:11:b4:e0:cd:43:a9:4d:73:84:
19:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:52:A4:8B:76:44:CA:1B:22:89:9C:12:70:85:F1:34:D0:7E:8F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Pk9SpIt2RMobIomcEnCF8TTQfo8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
04:d0:81:e9:f3:98:94:b8:50:cd:18:60:50:5d:68:a5:f4:71:
8c:8b:a1:39:35:b3:0a:6d:4a:1c:24:c9:6d:c7:48:f4:62:ef:
6a:0d:f9:7f:36:59:bd:4f:39:d5:2a:53:cb:e7:68:5a:77:6b:
46:e3:23:f0:34:c5:fe:6f:3b:f5:eb:b0:83:0e:0a:1c:0e:7c:
47:a4:d8:00:ca:2f:4c:50:65:9b:d1:2e:14:c4:5f:11:bd:ff:
2b:c7:51:f3:df:fe:a4:74:98:a5:d5:43:01:91:41:64:3e:da:
96:fc:16:7a:49:60:f1:2f:3a:85:c3:e2:29:f9:77:8c:97:21:
74:1d:05:9d:da:38:f5:82:4c:7e:31:95:78:02:b1:41:75:ce:
29:66:3b:57:2a:1c:af:5d:d2:f9:0e:0f:12:fd:37:32:8b:99:
b4:56:20:7b:07:25:a0:d8:c8:98:26:4b:f5:84:5d:2d:d4:07:
05:5b:15:e5:de:27:e7:84:81:73:49:89:81:07:0d:38:75:20:
12:90:c6:e6:4f:e4:a1:41:97:be:70:f1:a2:10:1d:45:fb:6e:
4c:7f:92:9f:d6:0e:43:1a:85:49:b5:82:d0:96:43:46:a0:17:
73:37:13:b6:11:79:44:0e:2b:97:80:42:54:9d:cb:27:75:89:
97:0e:f5:e5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTlMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
MDIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFNEY1MkE0OEI3NjQ0
Q0ExQjIyODk5QzEyNzA4NUYxMzREMDdFOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAgmHff6w7YdimyrSWvXvtjp2UvuT+FeSiCYtm2sFJJREN8Pxd
04USkKPuJcMvTimrNVU6xgmrKi0v+PM0lXH4hdprwpbMwCj5Z0oiZBaaj1eC5Sbs
7v2aYifZtBWaBi9xWHeRQD3pRiSoeODo+Dj6VvoUDYIKZusDsxk4q40Jy0Z9zCP3
Q83mKieIr59zlZ4rB/TSvRxpRqnPNaDyhSB/ACt6LDyXZsTMJQD8CCmGIIdfBLFQ
sWi9X5DbmqruD9Gpp/uDilXWTRjem3HuEQGzP8zJsnLqvP5KKwRBPD2eC0UXBgj/
4UTbRzT0kVezRuLJQp+u7BG04M1DqU1zhBkJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPk9SpIt2RMobIomcEnCF8TTQfo8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BrOVNwSXQyUk1vYklv
bWNFbkNGOFRUUWZvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAATQgenzmJS4UM0YYFBdaKX0cYyLoTk1
swptShwkyW3HSPRi72oN+X82Wb1POdUqU8vnaFp3a0bjI/A0xf5vO/XrsIMOChwO
fEek2ADKL0xQZZvRLhTEXxG9/yvHUfPf/qR0mKXVQwGRQWQ+2pb8FnpJYPEvOoXD
4in5d4yXIXQdBZ3aOPWCTH4xlXgCsUF1zilmO1cqHK9d0vkODxL9NzKLmbRWIHsH
JaDYyJgmS/WEXS3UBwVbFeXeJ+eEgXNJiYEHDTh1IBKQxuZP5KFBl75w8aIQHUX7
bkx/kp/WDkMahUm1gtCWQ0agF3M3E7YReUQOK5eAQlSdyyd1iZcO9eU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:04 2025 by rpki-client