Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WOkS5oHjgeBqPOny_KX5mCOn3m0.roa
File: WOkS5oHjgeBqPOny_KX5mCOn3m0.roa (raw, json)
Hash identifier: aCjN33s9azDfcWZcxlIx7inejdsK0OaMHWpkLRs0/Ig=
Subject key identifier: 58:E9:12:E6:81:E3:81:E0:6A:3C:E9:F2:FC:A5:F9:98:23:A7:DE:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WOkS5oHjgeBqPOny_KX5mCOn3m0.roa
Signing time: Tue 07 May 2024 13:24:02 +0000
ROA not before: Tue 07 May 2024 13:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20923 (0x51bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 13:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=58E912E681E381E06A3CE9F2FCA5F99823A7DE6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:c8:37:8e:e1:46:7a:cd:6c:b2:f6:56:93:
5a:70:24:17:13:f1:6d:60:80:af:ad:16:44:be:de:
57:c8:51:20:4b:50:0e:3e:33:c1:6c:ac:10:a1:bb:
77:4b:88:6f:2c:a4:c2:31:f8:0a:70:d6:2b:62:82:
81:00:5d:b3:b6:b2:29:c7:1e:ed:b4:91:e4:c0:a5:
80:34:de:6d:dd:3f:2a:9f:05:4b:cb:37:16:ef:84:
dd:42:1e:80:b9:e9:34:bc:08:5e:86:72:93:b4:f0:
71:e9:e3:de:a4:55:c3:c5:23:bd:27:b9:50:5a:4f:
ce:c2:0b:f8:80:0c:e8:d1:b6:1b:2b:84:e2:26:1a:
3b:f8:fb:67:2f:19:d8:8c:70:d5:49:90:b0:7b:31:
03:35:68:44:76:b5:a5:01:00:8b:b8:93:b0:23:6f:
11:8b:4b:55:b9:9d:43:e6:23:ab:79:5f:fc:7c:6b:
2e:03:56:9a:b7:ca:80:44:6f:99:00:a3:82:64:8f:
c2:3c:0f:c9:33:d0:a9:16:1e:35:0e:ee:54:1d:da:
05:00:28:9e:db:a7:ec:ba:cd:cd:e8:4e:91:e5:f8:
54:75:88:23:ff:c2:de:95:b6:3c:4c:11:ed:70:2e:
6e:18:3d:ee:01:ec:7f:84:f7:ad:f8:d7:93:a8:20:
7a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E9:12:E6:81:E3:81:E0:6A:3C:E9:F2:FC:A5:F9:98:23:A7:DE:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WOkS5oHjgeBqPOny_KX5mCOn3m0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:c7:cc:cf:a6:99:57:72:a4:69:ec:d4:1f:23:4b:15:98:7c:
c4:a4:4a:50:87:68:1a:33:71:08:bb:53:a3:3a:b4:47:17:0d:
b1:59:9b:23:5a:73:76:4a:aa:97:2a:0c:d6:ed:8b:a1:7e:2a:
50:37:38:f4:ef:f4:e8:b9:a5:f2:7d:77:bc:3f:a1:4d:e9:0f:
24:7a:0c:9d:90:33:7d:89:4c:fa:57:fd:8b:0d:5b:61:41:b3:
63:0e:ad:65:a5:a8:a6:9d:bf:1e:19:d3:e6:f1:c3:0e:30:0a:
e2:89:a0:f6:54:df:38:7d:d0:be:04:91:66:6d:01:5a:1d:a7:
8e:84:30:71:18:94:b7:60:0b:2c:64:db:07:6c:3f:b8:ba:80:
db:95:64:fe:e7:18:23:1b:f0:81:10:7e:db:b5:c5:c5:94:a3:
a4:2b:7c:3f:84:ac:8a:5e:ab:3f:ad:8e:cf:74:b8:12:f5:5a:
86:14:32:7b:06:7f:6a:fb:c8:2f:d4:9d:66:3e:84:f0:ec:4a:
4a:2c:6d:4c:7b:4a:12:67:52:16:ea:77:ab:91:bc:a5:53:83:
6b:bb:93:10:8a:73:54:2b:11:f9:c4:4f:17:5b:02:2d:cd:0e:
85:43:57:11:d5:78:87:b6:a9:c9:ab:8d:01:51:08:73:ba:58:
b6:4f:f9:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcx
MzI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4RTkxMkU2ODFFMzgx
RTA2QTNDRTlGMkZDQTVGOTk4MjNBN0RFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC43cg3juFGes1ssvZWk1pwJBcT8W1ggK+tFkS+3lfIUSBLUA4+
M8FsrBChu3dLiG8spMIx+Apw1itigoEAXbO2sinHHu20keTApYA03m3dPyqfBUvL
NxbvhN1CHoC56TS8CF6GcpO08HHp496kVcPFI70nuVBaT87CC/iADOjRthsrhOIm
Gjv4+2cvGdiMcNVJkLB7MQM1aER2taUBAIu4k7AjbxGLS1W5nUPmI6t5X/x8ay4D
Vpq3yoBEb5kAo4Jkj8I8D8kz0KkWHjUO7lQd2gUAKJ7bp+y6zc3oTpHl+FR1iCP/
wt6VtjxMEe1wLm4YPe4B7H+E963415OoIHqzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWOkS5oHjgeBqPOny/KX5mCOn3m0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dPa1M1b0hqZ2VCcVBP
bnlfS1g1bUNPbjNtMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAErHzM+mmVdypGns1B8jSxWYfMSkSlCH
aBozcQi7U6M6tEcXDbFZmyNac3ZKqpcqDNbti6F+KlA3OPTv9Oi5pfJ9d7w/oU3p
DyR6DJ2QM32JTPpX/YsNW2FBs2MOrWWlqKadvx4Z0+bxww4wCuKJoPZU3zh90L4E
kWZtAVodp46EMHEYlLdgCyxk2wdsP7i6gNuVZP7nGCMb8IEQftu1xcWUo6QrfD+E
rIpeqz+tjs90uBL1WoYUMnsGf2r7yC/UnWY+hPDsSkosbUx7ShJnUhbqd6uRvKVT
g2u7kxCKc1QrEfnETxdbAi3NDoVDVxHVeIe2qcmrjQFRCHO6WLZP+Qs=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:47:05 2025 by rpki-client