Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hsv-ceNinIq1Rc4LxeGSzokOVDM.roa
File: hsv-ceNinIq1Rc4LxeGSzokOVDM.roa (raw, json)
Hash identifier: i2QwmG6k8kogRvUBQFcoD9KpxBA+E5n5kc+33s7uYYw=
Subject key identifier: 86:CB:FE:71:E3:62:9C:8A:B5:45:CE:0B:C5:E1:92:CE:89:0E:54:33
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DCB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hsv-ceNinIq1Rc4LxeGSzokOVDM.roa
Signing time: Thu 02 May 2024 07:23:42 +0000
ROA not before: Thu 02 May 2024 07:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19915 (0x4dcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 07:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=86CBFE71E3629C8AB545CE0BC5E192CE890E5433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b7:6e:f8:51:2a:79:01:44:c8:6c:28:18:09:
97:16:25:a1:27:72:db:3a:21:a4:bb:b1:3e:c9:3c:
84:cc:0b:35:0b:02:52:aa:63:59:e9:f1:1d:c5:ae:
ce:40:31:48:c4:7d:b2:e1:53:ad:19:6f:38:8a:13:
4c:c1:e8:30:30:aa:69:67:6c:01:d2:d1:de:30:7c:
63:ef:f9:ba:b0:90:e8:2b:04:c4:6c:0f:76:ea:90:
34:6f:82:c2:bd:c2:90:f8:75:18:01:4f:bc:71:27:
45:11:40:23:e6:0a:90:cd:38:f2:1f:d9:86:32:53:
74:1a:75:48:ef:d8:9f:eb:43:90:c6:f5:d7:3e:f0:
b3:81:22:33:30:8e:29:b8:de:94:1f:ed:90:27:36:
00:99:c3:1e:51:f3:4f:f7:54:6e:d6:b3:8f:c1:1c:
83:4e:14:09:40:db:26:ba:12:14:09:b9:b3:22:f2:
7f:dc:24:27:51:1a:a0:64:f3:6a:e9:0a:d4:d6:65:
36:7b:fb:15:09:b0:44:13:ff:40:89:3b:2a:7a:fe:
14:19:cb:db:06:2d:79:79:88:ef:ea:64:9b:e0:f3:
81:ac:12:bb:c7:68:e2:0a:25:b4:26:80:28:cc:73:
f4:90:8e:57:dd:e2:d4:f3:49:44:c8:c8:bc:95:95:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CB:FE:71:E3:62:9C:8A:B5:45:CE:0B:C5:E1:92:CE:89:0E:54:33
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hsv-ceNinIq1Rc4LxeGSzokOVDM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1c:02:65:33:1c:41:68:9a:01:bf:20:42:8e:34:aa:6d:c3:f9:
40:f2:60:7b:44:e1:4e:23:00:ed:22:32:94:a2:38:4c:c4:77:
7a:ae:40:13:38:18:24:d3:02:51:67:f2:cf:42:1c:81:62:5b:
df:90:26:27:37:2b:23:5e:f8:7e:65:ca:d9:c9:98:cd:28:8e:
4b:58:55:f4:c2:8f:12:03:80:7a:76:c1:4c:8b:55:38:41:18:
11:15:8b:52:be:5c:12:92:8b:6e:8e:2b:76:87:a3:e8:49:91:
05:af:3c:1a:96:cd:3a:8e:67:e9:a6:7e:ef:c2:9d:62:71:4d:
af:7e:67:c0:d9:ff:30:42:18:10:3c:14:7b:1a:f2:b7:34:72:
86:5c:44:ad:75:ad:b9:3e:30:1e:e5:29:56:60:ff:dd:4e:5b:
ea:08:d2:20:a8:41:2b:26:0d:ee:1f:c5:fa:01:a5:e4:35:1c:
f8:0b:2e:b5:15:7c:88:b1:74:2f:1e:9b:4a:f4:2f:bc:89:81:
c3:e2:e6:b4:e6:04:6e:dc:7e:e6:1b:e4:5a:f7:39:04:bb:eb:
9e:d0:73:b6:2e:7c:6f:68:e9:56:75:5d:95:4d:49:a0:9b:62:
5b:c7:5a:e5:99:82:dd:83:2a:b2:1a:08:79:72:99:70:32:1b:
6c:0e:1d:11
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NzIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2Q0JGRTcxRTM2MjlD
OEFCNTQ1Q0UwQkM1RTE5MkNFODkwRTU0MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRt274USp5AUTIbCgYCZcWJaEncts6IaS7sT7JPITMCzULAlKq
Y1np8R3Frs5AMUjEfbLhU60ZbziKE0zB6DAwqmlnbAHS0d4wfGPv+bqwkOgrBMRs
D3bqkDRvgsK9wpD4dRgBT7xxJ0URQCPmCpDNOPIf2YYyU3QadUjv2J/rQ5DG9dc+
8LOBIjMwjim43pQf7ZAnNgCZwx5R80/3VG7Ws4/BHINOFAlA2ya6EhQJubMi8n/c
JCdRGqBk82rpCtTWZTZ7+xUJsEQT/0CJOyp6/hQZy9sGLXl5iO/qZJvg84GsErvH
aOIKJbQmgCjMc/SQjlfd4tTzSUTIyLyVleLRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhsv+ceNinIq1Rc4LxeGSzokOVDMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hzdi1jZU5pbklxMVJj
NEx4ZUdTem9rT1ZETS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABwCZTMcQWiaAb8gQo40qm3D+UDyYHtE
4U4jAO0iMpSiOEzEd3quQBM4GCTTAlFn8s9CHIFiW9+QJic3KyNe+H5lytnJmM0o
jktYVfTCjxIDgHp2wUyLVThBGBEVi1K+XBKSi26OK3aHo+hJkQWvPBqWzTqOZ+mm
fu/CnWJxTa9+Z8DZ/zBCGBA8FHsa8rc0coZcRK11rbk+MB7lKVZg/91OW+oI0iCo
QSsmDe4fxfoBpeQ1HPgLLrUVfIixdC8em0r0L7yJgcPi5rTmBG7cfuYb5Fr3OQS7
657Qc7YufG9o6VZ1XZVNSaCbYlvHWuWZgt2DKrIaCHlymXAyG2wOHRE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:40 2025 by rpki-client