Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jG5WO6rybohDbWXg3uS5Otucsl8.roa
File: jG5WO6rybohDbWXg3uS5Otucsl8.roa (raw, json)
Hash identifier: CszQ2MZmLFo4c6BIYi+Zf+zDh2v8Ef9klCHVrqWC9xw=
Subject key identifier: 8C:6E:56:3B:AA:F2:6E:88:43:6D:65:E0:DE:E4:B9:3A:DB:9C:B2:5F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40E7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jG5WO6rybohDbWXg3uS5Otucsl8.roa
Signing time: Mon 15 Apr 2024 02:52:53 +0000
ROA not before: Mon 15 Apr 2024 02:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16615 (0x40e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 02:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8C6E563BAAF26E88436D65E0DEE4B93ADB9CB25F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7a:6c:5b:42:d0:a3:11:b4:e9:55:f1:15:b6:
a5:18:94:6b:db:1c:ac:62:c7:a0:87:19:82:c2:1f:
a2:9f:d6:4a:cb:4e:e5:d6:e9:89:2e:e6:d2:b9:96:
81:be:7d:df:da:b3:da:6a:3e:a1:4f:2f:34:fc:14:
2b:3b:b6:86:4d:ae:f8:8e:61:4c:10:04:f6:25:27:
c1:3d:b1:ad:e0:ed:67:e8:da:49:9d:67:48:6d:90:
fb:da:a7:bd:c0:2f:bf:48:de:5a:a9:26:72:69:9d:
be:c8:bd:c1:c4:ca:5c:e8:cb:21:85:66:59:b7:99:
28:09:aa:5a:11:a9:a4:e6:66:d5:01:cd:78:ee:02:
50:38:f5:fc:34:04:89:a7:08:63:b8:ae:5f:ef:9a:
57:6a:bf:f6:33:b7:9e:8a:fa:30:c2:65:d5:6a:1b:
c7:c2:6d:26:7f:49:4b:79:c8:e6:d1:9e:cf:01:7c:
82:23:64:1f:49:41:64:5e:d1:3d:b1:b3:60:d8:69:
c1:86:b2:da:ef:2a:c4:c9:27:9b:1b:07:1c:37:15:
5a:ab:7f:3a:32:de:86:f5:d5:15:ca:37:3a:0a:7b:
22:d5:c3:19:8f:eb:69:8b:c0:75:3f:e0:83:36:71:
97:79:3e:0e:75:58:a7:e0:cf:0e:9c:2d:d8:24:1c:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6E:56:3B:AA:F2:6E:88:43:6D:65:E0:DE:E4:B9:3A:DB:9C:B2:5F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jG5WO6rybohDbWXg3uS5Otucsl8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:38:56:f9:56:f0:92:86:23:cd:0b:8d:ca:af:74:7d:bd:31:
0a:ab:b1:f2:e7:86:13:7d:e1:2d:72:fc:94:f3:2d:60:7e:72:
57:f0:43:4b:5b:67:e1:40:78:d5:b6:d6:3b:2e:d1:48:c8:1f:
b9:6e:49:bc:9a:20:e0:55:27:93:f4:05:89:10:05:b1:3c:70:
63:4e:bc:96:dc:f2:7d:56:c1:14:27:3e:e3:93:39:63:dc:75:
dd:6b:cb:85:ed:f2:0f:da:0e:34:8c:50:83:a2:be:e9:e8:c6:
ad:02:d9:df:46:dc:79:e2:0f:e1:52:39:20:97:a0:4d:29:a8:
cf:b8:f3:70:51:49:ba:8b:d5:c1:cc:91:9a:a2:6d:82:23:f6:
57:b8:17:34:7e:91:8d:07:02:cd:77:43:59:02:7e:2c:7c:39:
3c:09:b0:bc:fc:b2:6b:2e:6d:4f:c7:c0:35:a9:2b:3c:b1:92:
19:ab:25:d9:1d:78:e3:66:2a:34:74:15:ea:4e:9b:54:51:28:
b7:aa:ef:d7:d1:2b:11:d4:76:a9:2f:1b:5c:76:af:d7:0e:6d:
14:6c:33:1e:ac:d4:84:dc:60:fd:ae:4d:ca:fe:6d:ac:23:41:
3d:0e:67:cf:1a:79:06:95:0e:10:25:8d:d1:d7:2f:26:3f:ed:
64:b2:71:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQOcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDNkU1NjNCQUFGMjZF
ODg0MzZENjVFMERFRTRCOTNBREI5Q0IyNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJemxbQtCjEbTpVfEVtqUYlGvbHKxix6CHGYLCH6Kf1krLTuXW
6Yku5tK5loG+fd/as9pqPqFPLzT8FCs7toZNrviOYUwQBPYlJ8E9sa3g7Wfo2kmd
Z0htkPvap73AL79I3lqpJnJpnb7IvcHEylzoyyGFZlm3mSgJqloRqaTmZtUBzXju
AlA49fw0BImnCGO4rl/vmldqv/Yzt56K+jDCZdVqG8fCbSZ/SUt5yObRns8BfIIj
ZB9JQWRe0T2xs2DYacGGstrvKsTJJ5sbBxw3FVqrfzoy3ob11RXKNzoKeyLVwxmP
62mLwHU/4IM2cZd5Pg51WKfgzw6cLdgkHIwvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjG5WO6rybohDbWXg3uS5Otucsl8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pHNVdPNnJ5Ym9oRGJX
WGczdVM1T3R1Y3NsOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAM4VvlW8JKGI80LjcqvdH29MQqrsfLn
hhN94S1y/JTzLWB+clfwQ0tbZ+FAeNW21jsu0UjIH7luSbyaIOBVJ5P0BYkQBbE8
cGNOvJbc8n1WwRQnPuOTOWPcdd1ry4Xt8g/aDjSMUIOivunoxq0C2d9G3HniD+FS
OSCXoE0pqM+483BRSbqL1cHMkZqibYIj9le4FzR+kY0HAs13Q1kCfix8OTwJsLz8
smsubU/HwDWpKzyxkhmrJdkdeONmKjR0FepOm1RRKLeq79fRKxHUdqkvG1x2r9cO
bRRsMx6s1ITcYP2uTcr+bawjQT0OZ88aeQaVDhAljdHXLyY/7WSycRM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:00 2025 by rpki-client