Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aP51ANoMl0YaqCKGvc_ErDrCZwo.roa
File: aP51ANoMl0YaqCKGvc_ErDrCZwo.roa (raw, json)
Hash identifier: UNT8bYdu3YfGHYxGCw8EkU6pp85gpXEWYPMdhMJsXb8=
Subject key identifier: 68:FE:75:00:DA:0C:97:46:1A:A8:22:86:BD:CF:C4:AC:3A:C2:67:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aP51ANoMl0YaqCKGvc_ErDrCZwo.roa
Signing time: Tue 14 May 2024 12:54:28 +0000
ROA not before: Tue 14 May 2024 12:54:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22263 (0x56f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 12:54:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=68FE7500DA0C97461AA82286BDCFC4AC3AC2670A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5f:41:02:09:d4:34:91:f3:6a:18:61:8a:4f:
b6:63:d1:94:51:12:6f:33:9d:25:26:29:1d:49:55:
bb:7e:f3:42:2a:13:b4:34:3d:81:9b:5e:62:4b:5d:
cb:2e:cd:96:c1:a3:37:dd:ec:25:10:57:f0:b3:24:
97:ec:39:bd:0c:f4:4c:b1:39:60:6c:ac:24:c3:49:
a4:31:07:cc:d7:8a:bb:a4:cc:42:58:fd:98:59:db:
4f:6e:68:80:77:f2:ba:a8:72:e5:fd:ff:b3:52:0b:
96:13:d2:d6:14:23:45:7e:5e:54:7e:4c:f1:87:b8:
35:b0:c8:ed:f3:4f:12:fc:bf:b4:d9:9d:31:c6:a4:
20:e5:5f:3e:c8:71:86:34:9a:96:0b:41:cb:29:1f:
69:98:ba:c3:03:9a:9d:d5:b5:e9:e7:71:20:03:60:
42:ce:40:ba:04:ab:72:22:c9:88:bd:3a:81:1e:fa:
c8:e7:8c:5f:d7:39:92:c0:6b:af:5c:45:3d:35:34:
c7:5f:98:38:da:a3:22:f5:68:be:7d:04:ce:e3:1b:
ae:c7:d8:09:eb:cf:b4:16:66:56:36:f3:f7:c6:cd:
59:6d:cd:80:c4:d3:e3:0a:29:d7:2d:d7:7d:27:ba:
11:73:17:ef:9c:da:e1:e8:4e:42:6f:49:7b:a7:e3:
94:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FE:75:00:DA:0C:97:46:1A:A8:22:86:BD:CF:C4:AC:3A:C2:67:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aP51ANoMl0YaqCKGvc_ErDrCZwo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
af:c5:e2:40:c2:bb:0e:e8:a4:2f:41:c4:31:f3:39:6e:98:60:
3e:fd:e7:5f:5f:83:9e:99:e8:bc:dc:9e:5f:e0:6d:dc:ed:02:
df:99:34:7e:8f:c4:da:c4:2d:0f:24:d2:9e:da:39:27:4b:12:
31:1b:81:73:c1:ab:fa:de:1f:3f:9e:57:2d:97:7b:d5:55:92:
16:45:c0:f1:1e:b1:a6:b8:76:70:9a:50:96:7f:ab:42:29:8f:
33:f3:dc:34:40:28:d7:57:16:38:3c:4b:ac:6e:05:aa:4b:63:
63:7d:9b:3b:1d:c6:6d:c2:7b:87:90:3c:cc:c4:57:66:3e:3b:
98:ad:be:d0:4a:56:7d:12:30:c4:9a:a6:57:52:89:eb:c3:d4:
25:30:fb:46:fb:09:22:0d:1d:c7:28:35:7c:e8:37:0d:b1:3d:
c3:44:df:41:38:aa:63:f1:28:6e:21:49:15:c4:1a:27:d6:c7:
90:3e:66:ab:54:de:6d:4f:b1:f2:e2:0a:fd:91:21:18:fb:a4:
9c:d6:ed:3a:9d:32:c6:41:77:e4:5d:d6:17:99:5b:91:61:31:
5f:65:3b:d7:b6:b0:28:af:e0:8f:50:70:cb:6c:5f:08:c2:90:
47:33:88:2e:1b:b7:ab:01:52:98:d8:cc:a7:9d:25:fa:6d:73:
84:74:ef:4b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
MjU0MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4RkU3NTAwREEwQzk3
NDYxQUE4MjI4NkJEQ0ZDNEFDM0FDMjY3MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/X0ECCdQ0kfNqGGGKT7Zj0ZRREm8znSUmKR1JVbt+80IqE7Q0
PYGbXmJLXcsuzZbBozfd7CUQV/CzJJfsOb0M9EyxOWBsrCTDSaQxB8zXirukzEJY
/ZhZ209uaIB38rqocuX9/7NSC5YT0tYUI0V+XlR+TPGHuDWwyO3zTxL8v7TZnTHG
pCDlXz7IcYY0mpYLQcspH2mYusMDmp3VtenncSADYELOQLoEq3IiyYi9OoEe+sjn
jF/XOZLAa69cRT01NMdfmDjaoyL1aL59BM7jG67H2Anrz7QWZlY28/fGzVltzYDE
0+MKKdct130nuhFzF++c2uHoTkJvSXun45SzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaP51ANoMl0YaqCKGvc/ErDrCZwowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FQNTFBTm9NbDBZYXFD
S0d2Y19FckRyQ1p3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK/F4kDCuw7opC9BxDHzOW6YYD79519f
g56Z6Lzcnl/gbdztAt+ZNH6PxNrELQ8k0p7aOSdLEjEbgXPBq/reHz+eVy2Xe9VV
khZFwPEesaa4dnCaUJZ/q0IpjzPz3DRAKNdXFjg8S6xuBapLY2N9mzsdxm3Ce4eQ
PMzEV2Y+O5itvtBKVn0SMMSapldSievD1CUw+0b7CSINHccoNXzoNw2xPcNE30E4
qmPxKG4hSRXEGifWx5A+ZqtU3m1PsfLiCv2RIRj7pJzW7TqdMsZBd+Rd1heZW5Fh
MV9lO9e2sCiv4I9QcMtsXwjCkEcziC4bt6sBUpjYzKedJfptc4R070s=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:00:52 2025 by rpki-client