Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/veOWCIEkahW9dk9kblXhp1CgH4Q.roa
File: veOWCIEkahW9dk9kblXhp1CgH4Q.roa (raw, json)
Hash identifier: KI63eNxlIE9xsnPSu3X1nLBQraDHytqSU30y2Nm/DKs=
Subject key identifier: BD:E3:96:08:81:24:6A:15:BD:76:4F:64:6E:55:E1:A7:50:A0:1F:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5343
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/veOWCIEkahW9dk9kblXhp1CgH4Q.roa
Signing time: Thu 09 May 2024 14:24:01 +0000
ROA not before: Thu 09 May 2024 14:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21315 (0x5343)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 14:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BDE3960881246A15BD764F646E55E1A750A01F84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:78:d5:12:21:d7:4b:bb:4c:46:a2:38:b5:
2f:ce:01:29:67:5c:56:0b:02:67:a8:09:42:9e:7b:
f3:4e:0e:4e:63:da:f6:26:6d:77:a9:6d:2e:1f:4e:
cb:8b:af:60:dd:9e:47:ea:f1:6e:69:47:12:b1:b6:
38:e3:a8:49:c3:83:55:8b:78:0a:fa:9a:b6:1e:2d:
08:62:3d:40:5f:ca:f3:62:29:5d:fd:f4:ef:22:b2:
4e:50:a6:a2:63:ca:d3:77:43:e4:5a:a1:82:75:69:
26:0e:47:41:56:ab:6a:0b:fd:68:28:66:cd:ea:df:
13:d6:d7:de:68:d8:3f:33:fc:02:1f:da:27:1d:f7:
3a:a8:de:a9:12:0d:18:01:7b:97:fa:d7:6d:0e:2e:
81:e4:0c:5e:d6:ec:1d:ff:5a:04:c5:4b:7f:9c:9b:
0b:e2:48:50:28:53:73:f1:f5:74:0b:da:40:9e:e2:
4a:32:85:99:53:43:ef:27:ad:36:d2:3b:a1:f3:59:
2c:83:71:45:ef:35:6b:25:30:49:d0:24:4c:45:b3:
45:05:81:99:49:c2:37:3f:c9:d9:80:73:f9:75:cf:
15:0a:96:d8:7f:29:13:11:21:7f:20:f7:81:f7:09:
65:14:21:d4:7b:71:c6:e8:f8:3f:60:a1:3c:1a:60:
40:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E3:96:08:81:24:6A:15:BD:76:4F:64:6E:55:E1:A7:50:A0:1F:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/veOWCIEkahW9dk9kblXhp1CgH4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b6:01:ee:6a:d4:50:24:32:91:09:7c:3f:1a:dc:bb:17:58:84:
44:9d:b5:8c:5a:3a:e3:ee:6e:e7:26:25:f7:d6:60:54:78:90:
9c:05:7c:fb:d8:94:eb:c3:0a:c2:73:16:9b:c2:e6:48:41:e8:
bf:ef:1a:00:ed:7f:4a:05:fe:56:ef:81:b0:92:4d:c5:97:74:
e2:bd:22:42:7b:30:f8:ef:5d:77:a0:2e:6b:ac:1c:b3:71:be:
10:e9:b4:47:e2:71:6a:91:40:4f:4d:7c:1d:29:44:18:1c:b9:
c9:50:94:b8:f1:82:6d:1e:21:e0:d6:bc:e3:df:c2:a1:25:9d:
4f:80:4e:5b:65:cc:38:6e:95:55:6c:b3:9f:b4:14:af:c5:9b:
75:cc:64:e1:dd:e4:3b:9e:5b:0c:fe:db:3d:89:fb:c8:a4:1c:
96:be:03:1f:29:57:62:0b:91:f3:22:a6:41:d8:98:4a:ec:51:
5b:5e:d8:ca:3c:1e:8a:a5:bd:1f:3b:3f:47:0e:8b:a0:f9:68:
ca:c8:3f:7b:dd:a8:1c:8c:57:e6:48:3f:2c:c6:ab:4d:3c:29:
1a:61:7f:0d:f2:f4:0e:c1:4c:5a:c4:41:b9:2f:7d:f9:3e:54:
a4:2e:19:8d:68:e9:ef:c0:ae:a8:ad:5a:2e:51:16:1f:c0:c3:
86:02:7d:9a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU0MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJERTM5NjA4ODEyNDZB
MTVCRDc2NEY2NDZFNTVFMUE3NTBBMDFGODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0XnjVEiHXS7tMRqI4tS/OASlnXFYLAmeoCUKee/NODk5j2vYm
bXepbS4fTsuLr2Ddnkfq8W5pRxKxtjjjqEnDg1WLeAr6mrYeLQhiPUBfyvNiKV39
9O8isk5QpqJjytN3Q+RaoYJ1aSYOR0FWq2oL/WgoZs3q3xPW195o2D8z/AIf2icd
9zqo3qkSDRgBe5f6120OLoHkDF7W7B3/WgTFS3+cmwviSFAoU3Px9XQL2kCe4koy
hZlTQ+8nrTbSO6HzWSyDcUXvNWslMEnQJExFs0UFgZlJwjc/ydmAc/l1zxUKlth/
KRMRIX8g94H3CWUUIdR7ccbo+D9goTwaYEBJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUveOWCIEkahW9dk9kblXhp1CgH4QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZlT1dDSUVrYWhXOWRr
OWtibFhocDFDZ0g0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALYB7mrUUCQykQl8PxrcuxdYhESdtYxa
OuPubucmJffWYFR4kJwFfPvYlOvDCsJzFpvC5khB6L/vGgDtf0oF/lbvgbCSTcWX
dOK9IkJ7MPjvXXegLmusHLNxvhDptEficWqRQE9NfB0pRBgcuclQlLjxgm0eIeDW
vOPfwqElnU+ATltlzDhulVVss5+0FK/Fm3XMZOHd5DueWwz+2z2J+8ikHJa+Ax8p
V2ILkfMipkHYmErsUVte2Mo8HoqlvR87P0cOi6D5aMrIP3vdqByMV+ZIPyzGq008
KRphfw3y9A7BTFrEQbkvffk+VKQuGY1o6e/ArqitWi5RFh/Aw4YCfZo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:49:03 2025 by rpki-client