Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6CEF0uZZij0Qvd2WFrro9YvXPTg.roa
File: 6CEF0uZZij0Qvd2WFrro9YvXPTg.roa (raw, json)
Hash identifier: e/SDoxSt9rv5Mj5hv36EB8v9clmP7Ep5CW7hwPEVve8=
Subject key identifier: E8:21:05:D2:E6:59:8A:3D:10:BD:DD:96:16:BA:E8:F5:8B:D7:3D:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 408E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6CEF0uZZij0Qvd2WFrro9YvXPTg.roa
Signing time: Sun 14 Apr 2024 15:53:23 +0000
ROA not before: Sun 14 Apr 2024 15:53:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16526 (0x408e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 15:53:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E82105D2E6598A3D10BDDD9616BAE8F58BD73D38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:64:50:31:c5:fe:ca:f7:a2:f1:8c:7f:17:
d8:6d:c9:bb:9e:62:8e:5b:3f:cd:c8:9b:ef:b8:e6:
d9:a0:69:74:a8:2c:8c:2d:8a:47:23:3d:3d:63:21:
eb:f3:1a:eb:b0:fa:52:49:67:ff:fd:70:72:68:af:
02:29:01:8e:ff:8e:a0:91:fd:e1:69:24:95:4e:8a:
d3:ec:59:11:62:80:60:98:cb:ab:2b:e0:17:b5:da:
26:1e:5a:bf:7e:1c:7e:13:08:da:63:bb:0e:34:46:
82:00:52:6d:29:44:99:9f:df:c4:0c:f4:32:44:39:
68:d6:1c:12:d5:43:b4:ee:c3:8a:5d:03:73:3d:61:
45:15:67:96:d2:6d:d3:f2:7c:56:39:68:ae:af:46:
6a:26:26:be:07:1f:29:64:4d:66:73:ab:76:fe:28:
f0:62:8d:c6:a6:7a:63:d9:e6:75:d1:55:0a:e0:cf:
e0:ac:75:72:fa:3b:17:58:e3:b0:d0:ca:b5:78:59:
0e:7e:f3:2e:65:11:0d:ab:40:3c:5c:0a:1f:87:e0:
df:88:f7:50:fc:55:16:8e:92:50:ab:8d:49:f4:be:
85:4c:30:c6:c1:2f:dc:1a:91:b0:ef:58:1c:a6:99:
dc:85:61:62:3f:b1:00:f9:e1:27:27:fe:cf:90:f1:
f4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:21:05:D2:E6:59:8A:3D:10:BD:DD:96:16:BA:E8:F5:8B:D7:3D:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6CEF0uZZij0Qvd2WFrro9YvXPTg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:9c:34:cd:93:76:47:df:5d:71:be:b6:aa:c9:a7:87:4a:d8:
07:c7:7b:4b:90:a8:88:70:bb:7c:ef:6d:23:ad:96:1c:a4:ec:
d0:15:c9:6d:79:b3:e7:21:2c:e6:fa:f0:eb:77:75:d7:d6:90:
55:b4:6a:bd:c5:45:3f:be:9b:0a:c1:ef:6e:c8:4e:21:5a:f9:
c7:ab:ec:5f:c1:7b:fc:03:94:74:e5:79:79:20:3e:87:09:45:
a4:0d:39:b3:4b:04:c8:55:b4:23:b0:4b:fe:bb:22:13:33:6b:
56:f4:cc:af:4c:a3:0d:00:32:67:fb:2f:00:e4:a6:e6:6d:df:
e6:0d:6f:e0:d9:5c:65:13:a4:17:7b:8a:76:2a:96:19:e1:80:
b8:90:f2:6f:27:5c:ac:cd:cf:a4:20:e2:9b:28:65:49:36:12:
ed:20:e1:12:a2:09:ec:ca:ea:1e:56:fd:0b:4f:f9:3a:3e:40:
af:74:55:4a:da:be:e8:65:04:10:c7:c8:10:93:c7:79:76:34:
87:2f:a1:b4:f7:f6:ad:0d:51:0d:15:eb:8d:3c:b0:a5:29:59:
7f:18:d6:b2:b8:61:ac:4f:af:14:73:b5:41:8e:b4:96:c7:3f:
3a:54:57:6b:5b:a8:48:97:e1:c0:f7:2c:98:36:fb:34:0c:26:
a5:9e:75:e1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NTUzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4MjEwNUQyRTY1OThB
M0QxMEJEREQ5NjE2QkFFOEY1OEJENzNEMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7s2RQMcX+yvei8Yx/F9htybueYo5bP83Im++45tmgaXSoLIwt
ikcjPT1jIevzGuuw+lJJZ//9cHJorwIpAY7/jqCR/eFpJJVOitPsWRFigGCYy6sr
4Be12iYeWr9+HH4TCNpjuw40RoIAUm0pRJmf38QM9DJEOWjWHBLVQ7Tuw4pdA3M9
YUUVZ5bSbdPyfFY5aK6vRmomJr4HHylkTWZzq3b+KPBijcamemPZ5nXRVQrgz+Cs
dXL6OxdY47DQyrV4WQ5+8y5lEQ2rQDxcCh+H4N+I91D8VRaOklCrjUn0voVMMMbB
L9wakbDvWBymmdyFYWI/sQD54Scn/s+Q8fTJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6CEF0uZZij0Qvd2WFrro9YvXPTgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZDRUYwdVpaaWowUXZk
MldGcnJvOVl2WFBUZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAm5w0zZN2R99dcb62qsmnh0rYB8d7S5Co
iHC7fO9tI62WHKTs0BXJbXmz5yEs5vrw63d119aQVbRqvcVFP76bCsHvbshOIVr5
x6vsX8F7/AOUdOV5eSA+hwlFpA05s0sEyFW0I7BL/rsiEzNrVvTMr0yjDQAyZ/sv
AOSm5m3f5g1v4NlcZROkF3uKdiqWGeGAuJDybydcrM3PpCDimyhlSTYS7SDhEqIJ
7MrqHlb9C0/5Oj5Ar3RVStq+6GUEEMfIEJPHeXY0hy+htPf2rQ1RDRXrjTywpSlZ
fxjWsrhhrE+vFHO1QY60lsc/OlRXa1uoSJfhwPcsmDb7NAwmpZ514Q==
-----END CERTIFICATE-----
Generated at Sun May 18 19:30:05 2025 by rpki-client