Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GLvrDj0L0ZSazar5Ge8yswWFcPM.roa
File: GLvrDj0L0ZSazar5Ge8yswWFcPM.roa (raw, json)
Hash identifier: reGhHUIIAh8QwzqB4F+1bjzJVB+4MsnJ0OzbILT4+uE=
Subject key identifier: 18:BB:EB:0E:3D:0B:D1:94:9A:CD:AA:F9:19:EF:32:B3:05:85:70:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E12
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GLvrDj0L0ZSazar5Ge8yswWFcPM.roa
Signing time: Thu 11 Apr 2024 08:22:46 +0000
ROA not before: Thu 11 Apr 2024 08:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15890 (0x3e12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 08:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=18BBEB0E3D0BD1949ACDAAF919EF32B3058570F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:10:03:c6:3e:2e:ef:1d:5c:07:fc:94:60:68:
7f:4e:31:88:81:6f:7f:6c:4e:d0:03:37:47:ed:2d:
c9:47:dd:64:8c:5d:62:bd:e0:3c:80:70:21:7c:d8:
f4:c4:fc:34:96:89:3f:a4:19:3c:c0:a4:db:e4:21:
0c:dc:b7:0c:e3:9f:6a:22:70:b5:d7:87:f1:d3:79:
c8:74:5a:80:98:93:63:48:b5:1e:60:1e:f4:11:38:
60:95:47:dc:5f:ed:1a:24:96:ba:5c:7c:15:28:2b:
27:7c:13:69:3b:2d:7c:bd:a5:7c:8f:2e:22:58:46:
82:ae:51:9f:bf:0a:c1:c7:58:b4:95:80:c6:b9:4d:
88:5c:fb:e4:1e:1e:cd:22:28:d1:2c:f6:da:ac:35:
f2:70:eb:4c:ae:77:73:9a:45:d5:75:ae:76:7c:26:
4e:a8:f5:fa:73:47:18:60:a4:f6:4d:45:d2:94:41:
d3:d8:ea:cc:ea:cc:c1:02:4c:33:33:5a:74:95:20:
a0:ee:bb:8a:b8:7c:f6:59:f8:98:94:84:65:0e:ed:
a1:c7:ef:e3:ac:fd:50:65:b4:01:df:48:7c:cc:ab:
2a:59:03:2f:ff:9a:c3:de:3f:4e:39:43:73:be:a6:
fe:1e:bd:c0:9a:4a:1e:45:73:d0:f6:62:06:77:ab:
fa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:BB:EB:0E:3D:0B:D1:94:9A:CD:AA:F9:19:EF:32:B3:05:85:70:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GLvrDj0L0ZSazar5Ge8yswWFcPM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:1d:48:8e:82:5d:79:48:d2:dd:b5:c9:2d:d6:dc:83:c7:40:
64:e2:0b:2b:67:00:8f:af:2f:a5:9f:77:d9:5d:2c:2c:58:76:
1d:e4:e5:90:06:ca:5a:bf:0f:90:28:67:20:e6:b6:65:bc:dd:
9d:a4:3a:cb:a8:e5:7c:f9:75:97:01:84:ac:b9:e1:d1:f7:6f:
d4:ac:62:05:9a:d4:28:c4:84:6e:dd:0d:6d:6d:80:ce:0f:7f:
5b:4a:1e:4c:3a:f3:a7:63:9c:dc:82:f7:98:a2:51:58:4a:67:
ae:80:5a:71:85:55:7c:00:0b:32:5a:0d:97:b8:a7:28:32:93:
7c:96:b3:73:de:4e:ba:6e:ab:b8:dd:d3:46:7a:b1:c0:dc:a9:
9d:ed:4f:94:7e:c9:d1:3d:df:27:17:23:36:8c:7a:93:74:18:
42:a4:28:62:6e:a1:56:50:ff:0d:a6:9b:80:65:51:b6:24:f0:
02:c5:7f:77:b8:2a:11:ec:c7:1a:66:d8:7b:21:f7:b2:28:14:
21:8c:24:e2:f3:14:17:1f:02:b6:e1:ca:53:2e:35:11:f4:1a:
b2:a1:b6:da:4b:3b:1b:fa:a3:d5:3c:f4:8d:4f:db:4b:ae:13:
61:dc:31:f4:cc:fa:1a:aa:9c:9e:d2:d2:02:5d:fd:67:7e:45:
c3:7d:08:09
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
ODIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4QkJFQjBFM0QwQkQx
OTQ5QUNEQUFGOTE5RUYzMkIzMDU4NTcwRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDREAPGPi7vHVwH/JRgaH9OMYiBb39sTtADN0ftLclH3WSMXWK9
4DyAcCF82PTE/DSWiT+kGTzApNvkIQzctwzjn2oicLXXh/HTech0WoCYk2NItR5g
HvQROGCVR9xf7RoklrpcfBUoKyd8E2k7LXy9pXyPLiJYRoKuUZ+/CsHHWLSVgMa5
TYhc++QeHs0iKNEs9tqsNfJw60yud3OaRdV1rnZ8Jk6o9fpzRxhgpPZNRdKUQdPY
6szqzMECTDMzWnSVIKDuu4q4fPZZ+JiUhGUO7aHH7+Os/VBltAHfSHzMqypZAy//
msPeP045Q3O+pv4evcCaSh5Fc9D2YgZ3q/qxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGLvrDj0L0ZSazar5Ge8yswWFcPMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dMdnJEajBMMFpTYXph
cjVHZTh5c3dXRmNQTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnh1IjoJdeUjS3bXJLdbcg8dAZOILK2cA
j68vpZ932V0sLFh2HeTlkAbKWr8PkChnIOa2ZbzdnaQ6y6jlfPl1lwGErLnh0fdv
1KxiBZrUKMSEbt0NbW2Azg9/W0oeTDrzp2Oc3IL3mKJRWEpnroBacYVVfAALMloN
l7inKDKTfJazc95Oum6ruN3TRnqxwNypne1PlH7J0T3fJxcjNox6k3QYQqQoYm6h
VlD/DaabgGVRtiTwAsV/d7gqEezHGmbYeyH3sigUIYwk4vMUFx8CtuHKUy41EfQa
sqG22ks7G/qj1Tz0jU/bS64TYdwx9Mz6GqqcntLSAl39Z35Fw30ICQ==
-----END CERTIFICATE-----
Generated at Sat May 17 19:36:48 2025 by rpki-client