Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wjsTGnrclDFRaNvFzjQKuKuBoDI.roa
File: wjsTGnrclDFRaNvFzjQKuKuBoDI.roa (raw, json)
Hash identifier: cP0a3vnozSXB7gh/ybrV7kN1l7gSt3c8eeJBjE0UVRE=
Subject key identifier: C2:3B:13:1A:7A:DC:94:31:51:68:DB:C5:CE:34:0A:B8:AB:81:A0:32
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56CB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wjsTGnrclDFRaNvFzjQKuKuBoDI.roa
Signing time: Tue 14 May 2024 07:24:25 +0000
ROA not before: Tue 14 May 2024 07:24:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22219 (0x56cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 07:24:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C23B131A7ADC94315168DBC5CE340AB8AB81A032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9c:6a:7d:37:b6:ea:26:05:36:55:f5:a4:aa:
28:25:e7:b1:fb:42:25:ed:63:53:82:8d:98:24:81:
11:0c:ad:ca:fa:bf:ce:8c:3b:25:3e:5a:fd:4a:ba:
fd:9f:8c:40:19:47:50:51:62:1c:c5:c5:1a:99:dd:
02:ba:39:3c:ad:2e:8d:cc:d6:8e:05:f6:59:51:04:
27:5e:f3:fd:b7:41:45:ab:bf:01:89:48:da:88:94:
21:de:e0:26:f3:d0:da:53:4d:c3:13:b0:34:6d:ec:
c9:20:38:89:a0:d9:e0:ae:a9:bd:fe:9c:8a:57:11:
11:52:54:59:d8:e8:b9:60:7d:b8:d6:62:49:fd:3a:
15:cc:ac:b8:94:80:a3:09:f1:db:58:28:05:44:58:
7b:e1:8a:50:1c:c6:ae:96:db:07:d5:fd:6c:19:ed:
d9:ad:6e:34:ad:81:96:d2:af:16:fa:89:99:58:f5:
ce:21:ef:d3:25:fa:97:cb:59:03:c1:4b:3d:5b:25:
54:42:74:3c:0b:af:44:bd:d3:dd:2d:e1:6a:71:23:
b7:6e:fa:3f:09:80:43:cf:41:6d:b8:f1:1b:3a:32:
91:5a:7e:47:be:78:c2:77:c3:f0:a1:4f:b1:1b:b7:
33:41:c2:5b:cb:e2:48:55:3e:a3:a2:de:54:ac:5d:
4d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3B:13:1A:7A:DC:94:31:51:68:DB:C5:CE:34:0A:B8:AB:81:A0:32
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wjsTGnrclDFRaNvFzjQKuKuBoDI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1a:84:43:98:a6:0e:b4:fa:cd:86:8f:31:d2:4e:1e:6c:3d:aa:
b7:82:1e:e0:b0:3c:41:e6:52:6b:42:e2:8f:0b:6e:0f:a2:c7:
86:69:e6:a5:8f:04:e1:bf:33:51:52:08:44:e3:3b:f6:a9:5b:
9c:fc:3f:46:6f:ab:13:3d:4f:69:e0:82:70:fe:e3:e9:49:a4:
e5:6c:f8:5e:50:ad:f1:cc:51:77:e3:c8:d9:8a:7e:9a:26:89:
94:90:82:68:70:9a:8c:a9:57:b2:cc:e4:d1:fc:24:00:4a:d3:
56:be:ea:85:d5:e7:ee:6f:e8:84:53:0c:f3:f8:fd:71:9b:1b:
85:03:59:48:f9:8b:4f:ae:b3:d3:0e:a8:ef:9e:06:6f:a8:37:
2a:7e:25:6e:42:dc:40:92:c6:7b:55:11:b3:a7:62:10:b5:82:
b0:fe:5c:fb:ec:a1:3d:5a:55:fa:23:5a:62:e2:ad:dd:93:94:
44:e8:70:8d:96:16:80:b1:90:46:b8:71:ab:e7:e2:db:97:77:
33:ba:9b:be:93:b6:27:f9:2c:07:8b:3b:bf:b3:2e:e4:6f:1c:
29:2a:c3:bd:8e:2c:13:e2:c6:52:70:8c:9f:6f:24:ba:68:81:
59:2f:54:d1:68:ef:68:c0:fa:32:b6:fa:80:c3:74:b2:57:17:
47:d5:a6:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
NzI0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyM0IxMzFBN0FEQzk0
MzE1MTY4REJDNUNFMzQwQUI4QUI4MUEwMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmnGp9N7bqJgU2VfWkqigl57H7QiXtY1OCjZgkgREMrcr6v86M
OyU+Wv1Kuv2fjEAZR1BRYhzFxRqZ3QK6OTytLo3M1o4F9llRBCde8/23QUWrvwGJ
SNqIlCHe4Cbz0NpTTcMTsDRt7MkgOImg2eCuqb3+nIpXERFSVFnY6LlgfbjWYkn9
OhXMrLiUgKMJ8dtYKAVEWHvhilAcxq6W2wfV/WwZ7dmtbjStgZbSrxb6iZlY9c4h
79Ml+pfLWQPBSz1bJVRCdDwLr0S9090t4WpxI7du+j8JgEPPQW248Rs6MpFafke+
eMJ3w/ChT7EbtzNBwlvL4khVPqOi3lSsXU2BAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwjsTGnrclDFRaNvFzjQKuKuBoDIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dqc1RHbnJjbERGUmFO
dkZ6alFLdUt1Qm9ESS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABqEQ5imDrT6zYaPMdJOHmw9qreCHuCw
PEHmUmtC4o8Lbg+ix4Zp5qWPBOG/M1FSCETjO/apW5z8P0ZvqxM9T2nggnD+4+lJ
pOVs+F5QrfHMUXfjyNmKfpomiZSQgmhwmoypV7LM5NH8JABK01a+6oXV5+5v6IRT
DPP4/XGbG4UDWUj5i0+us9MOqO+eBm+oNyp+JW5C3ECSxntVEbOnYhC1grD+XPvs
oT1aVfojWmLird2TlETocI2WFoCxkEa4cavn4tuXdzO6m76Ttif5LAeLO7+zLuRv
HCkqw72OLBPixlJwjJ9vJLpogVkvVNFo72jA+jK2+oDDdLJXF0fVpo8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:53:15 2025 by rpki-client