Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pUQT31zdWcEv01z8BRaNaGF2CzQ.roa
File: pUQT31zdWcEv01z8BRaNaGF2CzQ.roa (raw, json)
Hash identifier: YU415Wj35R45U4jdEEu3kfSeKuOE4GPVN4cbRICBJhk=
Subject key identifier: A5:44:13:DF:5C:DD:59:C1:2F:D3:5C:FC:05:16:8D:68:61:76:0B:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D1F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pUQT31zdWcEv01z8BRaNaGF2CzQ.roa
Signing time: Wed 10 Apr 2024 01:52:41 +0000
ROA not before: Wed 10 Apr 2024 01:52:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15647 (0x3d1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 01:52:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A54413DF5CDD59C12FD35CFC05168D6861760B34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5c:d8:ca:e7:d4:e5:04:9b:e8:81:ee:95:18:
0d:f6:d3:42:e5:c2:40:f2:e7:d1:a2:0d:90:9a:64:
3f:51:58:53:81:3a:99:40:c0:99:1b:96:32:b6:be:
a7:3e:5a:5b:83:cb:69:04:71:24:8d:e6:08:b7:df:
b1:97:a8:82:2d:fe:d8:2f:9a:8a:76:cc:90:97:2e:
46:23:c9:06:7c:69:c7:9d:b9:f7:ff:e3:a3:a3:1a:
fa:ba:4e:10:f9:b7:2d:e0:1c:6e:ac:51:49:2e:8e:
4e:72:cf:f5:3a:fc:39:6c:ea:c6:e9:8e:ad:2d:b9:
3d:b2:30:ed:c1:81:a0:a4:ff:6b:93:f3:95:82:f2:
30:01:4c:1b:cc:9d:2d:f3:a5:1a:c1:d6:99:47:aa:
38:67:6d:a7:fa:a4:0b:59:7c:d3:00:25:c9:cb:0f:
f7:ab:aa:e3:33:d5:7c:68:84:9d:e9:44:e9:07:31:
e3:f8:c9:f0:32:69:6c:40:37:0a:5c:ae:63:d4:c6:
d5:35:c2:6a:45:b0:7e:02:6a:23:3c:a2:82:9d:e2:
a2:85:ac:18:2d:b4:1f:d4:78:f0:05:19:63:98:e8:
24:8f:9b:93:ba:78:38:87:6c:14:f7:2d:13:66:0e:
ff:4e:c8:29:85:0d:3d:8c:04:ba:c3:c1:3b:77:0a:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:44:13:DF:5C:DD:59:C1:2F:D3:5C:FC:05:16:8D:68:61:76:0B:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pUQT31zdWcEv01z8BRaNaGF2CzQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
75:72:bb:f8:1f:36:94:33:82:72:83:0e:3f:12:49:45:61:d9:
4f:8d:8b:a2:66:fa:85:5f:39:39:52:31:aa:89:6d:8e:1a:f9:
ed:ad:b4:c5:d5:ff:d2:4c:36:8a:09:74:75:ab:48:a1:c0:0e:
d3:65:d4:a0:cd:f8:7e:eb:db:91:ff:62:25:b8:e7:04:c4:90:
07:91:97:1f:ae:ea:49:5b:a1:ba:b6:9b:8c:5f:83:90:80:de:
b2:da:b4:52:0e:92:3c:08:ed:57:17:85:4e:cb:98:61:60:ea:
90:85:a6:c2:51:e1:a5:0a:4a:1d:f1:c6:96:6c:09:e0:af:70:
90:0d:12:a9:73:31:9b:3a:1b:e3:6c:67:21:e1:bf:d1:23:09:
3c:f0:1a:6a:f6:27:fc:6a:ab:f6:1e:08:34:cc:cf:3d:9e:02:
bc:c2:79:9c:82:20:55:b9:49:f1:38:44:e1:41:9c:00:4a:63:
9f:dc:4c:fa:eb:8b:e0:61:31:ed:be:33:0d:4a:1e:aa:6a:0b:
64:a9:60:71:36:1c:86:ca:8c:0c:97:fe:04:98:02:30:6a:d7:
d6:36:bc:99:f1:20:9b:fd:8b:0e:a3:ce:27:9b:fa:32:e0:92:
71:bf:7b:56:8e:ac:a6:73:fa:43:bd:c0:20:40:2e:b5:a8:34:
da:b6:a8:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MTUyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1NDQxM0RGNUNERDU5
QzEyRkQzNUNGQzA1MTY4RDY4NjE3NjBCMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZXNjK59TlBJvoge6VGA3200LlwkDy59GiDZCaZD9RWFOBOplA
wJkbljK2vqc+WluDy2kEcSSN5gi337GXqIIt/tgvmop2zJCXLkYjyQZ8aceduff/
46OjGvq6ThD5ty3gHG6sUUkujk5yz/U6/Dls6sbpjq0tuT2yMO3BgaCk/2uT85WC
8jABTBvMnS3zpRrB1plHqjhnbaf6pAtZfNMAJcnLD/erquMz1XxohJ3pROkHMeP4
yfAyaWxANwpcrmPUxtU1wmpFsH4CaiM8ooKd4qKFrBgttB/UePAFGWOY6CSPm5O6
eDiHbBT3LRNmDv9OyCmFDT2MBLrDwTt3ChXDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpUQT31zdWcEv01z8BRaNaGF2CzQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BVUVQzMXpkV2NFdjAx
ejhCUmFOYUdGMkN6US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHVyu/gfNpQzgnKDDj8SSUVh2U+Ni6Jm
+oVfOTlSMaqJbY4a+e2ttMXV/9JMNooJdHWrSKHADtNl1KDN+H7r25H/YiW45wTE
kAeRlx+u6klbobq2m4xfg5CA3rLatFIOkjwI7VcXhU7LmGFg6pCFpsJR4aUKSh3x
xpZsCeCvcJANEqlzMZs6G+NsZyHhv9EjCTzwGmr2J/xqq/YeCDTMzz2eArzCeZyC
IFW5SfE4ROFBnABKY5/cTPrri+BhMe2+Mw1KHqpqC2SpYHE2HIbKjAyX/gSYAjBq
19Y2vJnxIJv9iw6jzieb+jLgknG/e1aOrKZz+kO9wCBALrWoNNq2qHk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:35:36 2025 by rpki-client