Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/pAdIfVD4TegvN15N0-A-Mxh9usg.roa
File: pAdIfVD4TegvN15N0-A-Mxh9usg.roa (raw, json)
Hash identifier: C45rYV9sN1M1gbfL4obwJbBATaptOZqCUW2XXRNtiEI=
Subject key identifier: A4:07:48:7D:50:F8:4D:E8:2F:37:5E:4D:D3:E0:3E:33:18:7D:BA:C8
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 11E8
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/pAdIfVD4TegvN15N0-A-Mxh9usg.roa
Signing time: Thu 14 Nov 2024 08:20:01 +0000
ROA not before: Thu 14 Nov 2024 08:20:01 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 34549
IP address blocks: 114.66.149.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4584 (0x11e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Nov 14 08:20:01 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A407487D50F84DE82F375E4DD3E03E33187DBAC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0d:8b:49:f3:33:7b:a6:96:72:d6:24:83:3d:
0e:0c:cd:d3:dc:8a:a4:a8:fc:e1:b4:03:81:80:f0:
23:4e:06:ee:8b:17:74:de:fe:8e:d5:21:9d:73:76:
c4:8c:99:83:40:b5:14:7d:29:f8:9b:51:43:62:14:
2c:29:ff:1e:2c:99:30:ce:1a:d8:dd:6d:af:25:0e:
02:16:32:d2:78:99:4a:7b:2b:0d:34:07:22:28:e3:
e5:54:ac:14:91:4c:79:ca:47:58:f1:d8:df:9e:7d:
9d:e8:8e:88:95:b4:65:79:63:87:ef:86:38:99:8c:
36:6b:b7:1a:e0:bc:b9:61:77:50:0f:e2:d8:bb:62:
9d:b9:da:a7:4e:19:58:5d:c5:8f:00:e4:dd:5d:ff:
de:ec:1b:73:77:99:38:73:0e:7d:96:1c:6e:2c:35:
3f:b5:74:d9:c3:43:2a:f2:9e:fd:15:e7:06:7a:11:
fd:d6:48:8e:1e:0f:22:0a:d7:81:83:41:c4:13:28:
3b:13:be:d1:58:49:76:fd:0c:73:18:95:d3:99:86:
e3:a5:10:c2:5d:2c:5b:49:91:36:0f:58:04:21:27:
3b:2d:d9:c6:58:19:73:66:b0:4d:dc:93:32:57:bb:
68:6a:65:3c:c6:6a:5c:2f:3c:19:4b:34:18:e3:43:
93:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:07:48:7D:50:F8:4D:E8:2F:37:5E:4D:D3:E0:3E:33:18:7D:BA:C8
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/pAdIfVD4TegvN15N0-A-Mxh9usg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.66.149.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:cc:0f:09:2b:0a:b0:27:d9:a5:45:58:f1:81:2f:ba:c5:25:
4b:e6:0e:16:e7:b6:69:31:8d:71:bf:58:ec:96:86:db:ba:40:
9e:cd:f1:01:34:2d:bf:8d:ee:90:cd:a4:1f:2d:82:d0:d6:0f:
e1:73:3f:f3:24:cb:30:a2:1e:34:74:10:53:5f:af:aa:4e:63:
74:d3:67:5c:55:1a:79:a0:b1:65:c2:5c:3d:1c:1d:3e:77:70:
cd:38:dc:25:6f:33:f4:4c:5a:ba:a0:8c:9e:31:34:af:8c:71:
0f:fa:c1:17:5d:cb:18:39:f2:3f:89:b1:16:14:3d:e4:fb:80:
8f:f5:b2:1f:8e:62:46:fc:56:88:c9:a2:b7:ae:c0:e0:0f:48:
3c:5e:8c:f8:4a:43:0a:60:e3:43:9f:7a:7d:c4:86:14:3e:69:
e3:f8:74:0e:06:dc:ac:2a:53:fb:47:0d:cc:7a:3f:97:f9:41:
fb:3b:4e:cf:f7:0d:cd:c8:30:fd:3f:b6:8b:eb:0a:d8:e0:aa:
df:8b:a8:2e:75:71:88:8f:4f:1f:13:2f:f7:68:a4:fb:a6:d8:
fc:ee:4b:e3:2d:79:94:71:34:2f:3f:77:da:b7:42:7a:38:8b:
e9:a1:9c:fc:5a:f1:29:f2:26:70:99:72:0b:be:4f:90:34:09:
cb:1c:fb:fc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMTQw
ODIwMDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE0MDc0ODdENTBGODRE
RTgyRjM3NUU0REQzRTAzRTMzMTg3REJBQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/DYtJ8zN7ppZy1iSDPQ4MzdPciqSo/OG0A4GA8CNOBu6LF3Te
/o7VIZ1zdsSMmYNAtRR9KfibUUNiFCwp/x4smTDOGtjdba8lDgIWMtJ4mUp7Kw00
ByIo4+VUrBSRTHnKR1jx2N+efZ3ojoiVtGV5Y4fvhjiZjDZrtxrgvLlhd1AP4ti7
Yp252qdOGVhdxY8A5N1d/97sG3N3mThzDn2WHG4sNT+1dNnDQyrynv0V5wZ6Ef3W
SI4eDyIK14GDQcQTKDsTvtFYSXb9DHMYldOZhuOlEMJdLFtJkTYPWAQhJzst2cZY
GXNmsE3ckzJXu2hqZTzGalwvPBlLNBjjQ5MnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUpAdIfVD4TegvN15N0+A+Mxh9usgwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvcEFkSWZWRDRUZWd2
TjE1TjAtQS1NeGg5dXNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHJClTANBgkqhkiG9w0BAQsFAAOCAQEAP8wPCSsKsCfZpUVY8YEvusUlS+YO
Fue2aTGNcb9Y7JaG27pAns3xATQtv43ukM2kHy2C0NYP4XM/8yTLMKIeNHQQU1+v
qk5jdNNnXFUaeaCxZcJcPRwdPndwzTjcJW8z9ExauqCMnjE0r4xxD/rBF13LGDny
P4mxFhQ95PuAj/WyH45iRvxWiMmit67A4A9IPF6M+EpDCmDjQ596fcSGFD5p4/h0
DgbcrCpT+0cNzHo/l/lB+ztOz/cNzcgw/T+2i+sK2OCq34uoLnVxiI9PHxMv92ik
+6bY/O5L4y15lHE0Lz932rdCejiL6aGc/FrxKfImcJlyC75PkDQJyxz7/A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:07 2025 by rpki-client