Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EuRGBvrHipGBx-kL5JJyOfqiZ7Q.roa
File: EuRGBvrHipGBx-kL5JJyOfqiZ7Q.roa (raw, json)
Hash identifier: V9FqroCp+drphL+k2xwmiZJHpc9S0txYMMN6ph6RlXk=
Subject key identifier: 12:E4:46:06:FA:C7:8A:91:81:C7:E9:0B:E4:92:72:39:FA:A2:67:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5282
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EuRGBvrHipGBx-kL5JJyOfqiZ7Q.roa
Signing time: Wed 08 May 2024 14:23:57 +0000
ROA not before: Wed 08 May 2024 14:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21122 (0x5282)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 14:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=12E44606FAC78A9181C7E90BE4927239FAA267B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:57:a4:de:a8:05:2a:5e:49:3c:74:8f:5a:84:
bd:ad:6a:d1:bf:cd:4f:a4:8d:b1:ab:0f:09:b6:a7:
11:45:a9:4a:d3:37:33:6d:9d:bc:1b:77:d9:16:a7:
85:10:e2:a7:cf:17:23:3f:db:78:c6:ec:82:e4:ec:
42:c5:b7:31:38:82:f9:a9:0d:db:d4:b7:c1:bb:07:
67:e0:f8:d3:24:f5:c9:8c:28:d8:33:5d:9a:dd:31:
6a:53:df:c8:21:fd:95:c1:d9:9f:f6:fd:3f:15:d8:
92:ba:aa:ce:ab:cf:6f:4b:25:72:cf:8d:36:1b:50:
0d:51:db:f1:f3:f4:de:b6:cb:87:b9:a4:b7:87:09:
21:cf:a4:4c:61:cf:b2:02:30:a6:f8:c3:2f:85:ce:
b9:f0:2b:e0:77:4c:65:b3:66:0d:e4:9e:98:b3:a5:
bf:ee:66:cb:24:e8:67:e1:b3:48:47:e2:76:8e:a5:
4c:44:81:4b:44:16:ac:bb:18:6e:fd:7c:98:3c:2b:
1b:1d:dd:dc:13:29:c4:53:72:a4:61:cf:64:02:e6:
91:b5:2a:e6:55:0f:4f:f4:31:0b:f3:b2:6c:12:d8:
55:7a:45:24:02:f7:1a:87:64:de:87:b8:e2:19:2d:
e3:a8:4d:dc:50:3d:7d:bb:9d:0c:f5:09:7e:1b:42:
04:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E4:46:06:FA:C7:8A:91:81:C7:E9:0B:E4:92:72:39:FA:A2:67:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EuRGBvrHipGBx-kL5JJyOfqiZ7Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:94:51:b9:a8:a3:6f:5f:32:d0:e7:0e:46:69:79:be:79:ec:
88:64:e5:57:e2:11:b1:51:1b:b6:4e:13:0c:c4:6e:cb:c5:34:
c8:5c:03:6a:a4:c6:68:ae:a6:7f:d5:42:6a:e0:e4:08:b2:db:
43:dc:c1:7e:72:f3:8e:5f:52:86:d8:4b:84:7b:a1:7b:ac:03:
56:eb:48:d2:3f:f7:20:9b:9b:78:94:45:a6:d6:1b:65:81:5e:
5b:72:bf:d7:35:12:20:cc:52:4d:c5:c9:5d:7a:43:ef:91:be:
a4:26:b3:37:32:ea:08:ba:3b:aa:c7:72:ea:47:73:62:a5:42:
77:f1:93:24:74:23:46:ee:7a:1a:ef:3b:9e:a6:79:63:d2:12:
8e:59:2a:d1:e6:0f:48:84:e5:d0:ff:52:eb:e1:d0:84:3e:38:
0e:b9:28:8d:24:b8:84:c0:8e:bd:20:8c:52:91:ce:4b:64:b2:
99:a6:8c:91:85:14:00:46:22:10:89:09:a0:e9:aa:fe:ec:87:
fc:93:ca:7d:be:da:12:27:45:1a:63:ac:48:01:17:be:16:96:
50:74:62:09:3c:74:88:f6:00:d1:fe:d4:e6:48:f9:69:a1:84:
96:f5:31:eb:f0:e4:1f:50:1a:29:89:f9:0f:5e:32:1b:f0:4e:
bd:7a:9b:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
NDIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyRTQ0NjA2RkFDNzhB
OTE4MUM3RTkwQkU0OTI3MjM5RkFBMjY3QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRV6TeqAUqXkk8dI9ahL2tatG/zU+kjbGrDwm2pxFFqUrTNzNt
nbwbd9kWp4UQ4qfPFyM/23jG7ILk7ELFtzE4gvmpDdvUt8G7B2fg+NMk9cmMKNgz
XZrdMWpT38gh/ZXB2Z/2/T8V2JK6qs6rz29LJXLPjTYbUA1R2/Hz9N62y4e5pLeH
CSHPpExhz7ICMKb4wy+FzrnwK+B3TGWzZg3knpizpb/uZssk6Gfhs0hH4naOpUxE
gUtEFqy7GG79fJg8Kxsd3dwTKcRTcqRhz2QC5pG1KuZVD0/0MQvzsmwS2FV6RSQC
9xqHZN6HuOIZLeOoTdxQPX27nQz1CX4bQgThAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEuRGBvrHipGBx+kL5JJyOfqiZ7QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0V1UkdCdnJIaXBHQngt
a0w1Skp5T2ZxaVo3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAi5RRuaijb18y0OcORml5vnnsiGTlV+IR
sVEbtk4TDMRuy8U0yFwDaqTGaK6mf9VCauDkCLLbQ9zBfnLzjl9ShthLhHuhe6wD
VutI0j/3IJubeJRFptYbZYFeW3K/1zUSIMxSTcXJXXpD75G+pCazNzLqCLo7qsdy
6kdzYqVCd/GTJHQjRu56Gu87nqZ5Y9ISjlkq0eYPSITl0P9S6+HQhD44DrkojSS4
hMCOvSCMUpHOS2SymaaMkYUUAEYiEIkJoOmq/uyH/JPKfb7aEidFGmOsSAEXvhaW
UHRiCTx0iPYA0f7U5kj5aaGElvUx6/DkH1AaKYn5D14yG/BOvXqb9A==
-----END CERTIFICATE-----
Generated at Sun May 18 12:19:22 2025 by rpki-client