Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw_ePNvjzmJd82UPwhFtDfwyn68.roa
File: Sw_ePNvjzmJd82UPwhFtDfwyn68.roa (raw, json)
Hash identifier: hcfK+8GBmuwH9IPkvdHjzbjgCl2caPmuGo30hIgxaPI=
Subject key identifier: 4B:0F:DE:3C:DB:E3:CE:62:5D:F3:65:0F:C2:11:6D:0D:FC:32:9F:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 532A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw_ePNvjzmJd82UPwhFtDfwyn68.roa
Signing time: Thu 09 May 2024 11:23:57 +0000
ROA not before: Thu 09 May 2024 11:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21290 (0x532a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 11:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4B0FDE3CDBE3CE625DF3650FC2116D0DFC329FAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:12:9d:4e:46:e2:04:4e:d7:3c:92:57:5e:b4:
20:dd:3d:af:32:a6:2d:20:80:f4:5b:7e:de:46:88:
6b:1f:a8:28:3e:46:45:8a:79:55:62:cd:34:de:40:
e0:45:bc:16:72:88:e1:03:45:1b:f0:12:3f:ec:2e:
e0:2d:10:e4:76:58:59:c9:7e:59:eb:96:e1:88:3b:
eb:35:fe:11:b1:d2:71:90:64:a6:bf:fb:ef:10:aa:
60:75:90:ff:d6:82:32:9c:8c:f2:c6:ea:a0:3a:2e:
c8:4e:a4:81:e9:03:39:d7:2f:cf:28:66:37:0d:f2:
91:b7:88:e6:85:c8:55:7d:7b:6c:12:23:11:9d:49:
47:37:3f:f3:28:49:ee:4a:0d:b9:49:d1:13:18:da:
a4:18:30:5b:b2:a7:f2:86:c8:ac:b3:dd:6d:0c:e4:
89:33:35:60:b2:72:bc:ad:4b:75:fa:07:8b:47:85:
c7:83:0c:af:a9:f2:f9:24:60:b8:bd:b2:bb:a8:fa:
0d:32:e4:d9:55:6d:50:53:2b:78:c7:28:c0:f3:7b:
2d:88:a4:8c:e9:bb:e3:d3:ee:c3:48:ca:44:24:48:
62:82:8d:d5:89:6c:ec:9d:77:87:4e:72:b0:cd:bc:
b4:f6:b5:7e:de:80:04:98:e0:bd:d2:88:82:2a:06:
2f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0F:DE:3C:DB:E3:CE:62:5D:F3:65:0F:C2:11:6D:0D:FC:32:9F:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sw_ePNvjzmJd82UPwhFtDfwyn68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:98:ef:a1:cf:9d:15:72:b3:47:e3:f2:e9:3e:78:50:cc:b6:
3e:02:3f:bc:6e:f3:a0:55:c3:20:c0:ed:79:e4:24:0b:84:26:
6e:4c:55:43:ac:d8:85:1f:bf:e5:d2:7f:f8:07:ed:87:6e:ce:
0c:25:e9:58:91:1c:ff:fd:d5:c2:f9:0e:b8:5f:f8:e7:31:11:
fd:42:cc:8c:03:86:e6:c9:54:2a:88:a1:97:26:cf:74:cc:fb:
78:c8:15:f3:f8:73:a4:21:4f:34:c7:00:e6:e1:1d:35:06:f3:
29:05:ef:1c:46:0f:a4:f8:35:15:b6:f9:ab:57:bb:6a:81:6c:
26:91:ca:17:9e:68:5c:cc:a9:72:7b:50:b6:6f:25:1e:50:c1:
58:dd:b2:11:ae:48:10:9e:a8:39:cb:7b:19:42:74:28:4a:b8:
ac:77:c5:0f:13:89:72:83:d7:aa:d2:a4:2d:21:03:dc:76:8e:
46:b3:0f:d9:5d:45:da:e2:96:c1:5a:24:d6:fa:d3:b3:a3:85:
ff:9e:ff:9a:46:8a:4e:61:28:95:2f:f1:17:4b:4a:d0:7a:0e:
f5:5c:dd:f5:bc:ac:a5:6d:83:aa:4a:93:db:ca:f4:06:02:05:
59:56:0d:18:c7:49:2a:48:11:c8:20:fa:77:64:65:ff:0f:0c:
93:cb:ec:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
MTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCMEZERTNDREJFM0NF
NjI1REYzNjUwRkMyMTE2RDBERkMzMjlGQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Ep1ORuIETtc8kldetCDdPa8ypi0ggPRbft5GiGsfqCg+RkWK
eVVizTTeQOBFvBZyiOEDRRvwEj/sLuAtEOR2WFnJflnrluGIO+s1/hGx0nGQZKa/
++8QqmB1kP/WgjKcjPLG6qA6LshOpIHpAznXL88oZjcN8pG3iOaFyFV9e2wSIxGd
SUc3P/MoSe5KDblJ0RMY2qQYMFuyp/KGyKyz3W0M5IkzNWCycrytS3X6B4tHhceD
DK+p8vkkYLi9sruo+g0y5NlVbVBTK3jHKMDzey2IpIzpu+PT7sNIykQkSGKCjdWJ
bOydd4dOcrDNvLT2tX7egASY4L3SiIIqBi+tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSw/ePNvjzmJd82UPwhFtDfwyn68wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1N3X2VQTnZqem1KZDgy
VVB3aEZ0RGZ3eW42OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiZjvoc+dFXKzR+Py6T54UMy2PgI/vG7z
oFXDIMDteeQkC4QmbkxVQ6zYhR+/5dJ/+Afth27ODCXpWJEc//3VwvkOuF/45zER
/ULMjAOG5slUKoihlybPdMz7eMgV8/hzpCFPNMcA5uEdNQbzKQXvHEYPpPg1Fbb5
q1e7aoFsJpHKF55oXMypcntQtm8lHlDBWN2yEa5IEJ6oOct7GUJ0KEq4rHfFDxOJ
coPXqtKkLSED3HaORrMP2V1F2uKWwVok1vrTs6OF/57/mkaKTmEolS/xF0tK0HoO
9Vzd9byspW2DqkqT28r0BgIFWVYNGMdJKkgRyCD6d2Rl/w8Mk8vsMg==
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:15 2025 by rpki-client