Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VPsxUYmCCKABpr7Yj0UzeONEoU8.roa
File: VPsxUYmCCKABpr7Yj0UzeONEoU8.roa (raw, json)
Hash identifier: HaEoMMWWJCoteHa4py+5PyFPw7hiy+L0OQGnG5FuKrc=
Subject key identifier: 54:FB:31:51:89:82:08:A0:01:A6:BE:D8:8F:45:33:78:E3:44:A1:4F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VPsxUYmCCKABpr7Yj0UzeONEoU8.roa
Signing time: Wed 08 May 2024 21:53:57 +0000
ROA not before: Wed 08 May 2024 21:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21182 (0x52be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 21:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=54FB3151898208A001A6BED88F453378E344A14F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:4e:be:e7:c0:12:5d:d4:1b:11:d5:85:ce:
fc:4b:10:b5:0c:b7:88:ec:a9:60:d5:ce:25:78:ad:
9c:6b:b0:c1:de:9f:c8:9e:cb:28:cc:12:a9:dc:18:
5c:95:90:3a:aa:e5:de:f0:35:44:9a:65:2c:c2:0f:
48:da:db:8a:84:fc:5b:22:b5:ec:8a:28:3e:97:76:
d7:16:ce:bc:13:44:6c:27:92:68:e3:b4:5e:04:da:
17:ae:47:6a:b7:95:ba:85:db:8e:18:ad:d8:d3:34:
02:7f:69:b7:a5:c3:8a:ff:5f:9e:be:b9:c4:1a:5b:
93:00:60:5e:cb:cb:60:12:45:97:df:95:39:79:e6:
f4:af:a5:c1:29:f5:4d:56:b5:cc:5e:78:76:93:e3:
67:94:7d:56:25:16:ea:63:24:c5:b2:0d:59:a4:f0:
73:13:49:3b:66:0b:81:4d:6f:d8:74:cc:ea:04:73:
68:10:0e:90:98:93:af:c5:c5:32:54:be:c8:dc:c0:
06:2c:7b:df:cb:29:26:08:bc:bd:75:69:b3:51:6d:
14:35:40:5d:9f:62:6e:37:c3:86:ca:bd:17:08:6c:
a2:64:3d:6a:f1:54:2e:ae:0e:2d:d7:0d:fa:52:b6:
b7:80:54:5d:96:e6:26:ad:26:0b:18:d5:80:d7:b8:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FB:31:51:89:82:08:A0:01:A6:BE:D8:8F:45:33:78:E3:44:A1:4F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VPsxUYmCCKABpr7Yj0UzeONEoU8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:b4:d3:4e:b2:33:c0:45:c0:8b:ee:c6:7f:41:ff:fd:49:07:
ad:65:d6:35:53:47:25:cb:60:46:40:cd:15:9c:aa:d2:08:51:
26:85:af:9f:55:2a:e2:b9:ec:20:d6:42:76:31:e6:4f:23:19:
0b:80:9d:46:c2:ca:9a:12:ab:8a:b0:54:e6:6a:87:77:12:ef:
d0:26:b6:a6:a6:dc:08:42:56:1f:a4:9f:9b:01:ef:8f:af:ef:
52:c2:9d:b7:95:79:83:b2:22:1e:b3:11:a9:f5:e1:34:5d:58:
a1:ab:81:02:26:b4:45:a0:83:56:35:81:a5:a1:0f:c8:24:18:
8d:2c:0f:6c:18:db:b4:d6:97:eb:b0:d8:75:3c:1e:2e:3a:c2:
2f:c6:66:79:59:e4:1e:81:eb:c0:ae:20:f3:5e:09:58:61:29:
a4:c2:aa:5a:40:ab:ad:61:d8:55:35:d4:3b:07:70:1b:76:55:
91:6a:69:73:42:08:28:ac:c2:e9:02:d1:13:ca:30:66:0c:58:
b9:46:57:b9:c4:f7:e1:2f:51:1b:f9:73:69:a6:6d:23:1d:52:
72:32:3b:94:1d:67:bf:df:c0:44:22:28:20:ef:bc:31:dc:99:
f8:96:fb:86:ec:b4:f0:64:e4:1b:ca:63:14:35:dc:00:c0:8c:
74:c2:50:22
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgy
MTUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0RkIzMTUxODk4MjA4
QTAwMUE2QkVEODhGNDUzMzc4RTM0NEExNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwbk6+58ASXdQbEdWFzvxLELUMt4jsqWDVziV4rZxrsMHen8ie
yyjMEqncGFyVkDqq5d7wNUSaZSzCD0ja24qE/FsiteyKKD6XdtcWzrwTRGwnkmjj
tF4E2heuR2q3lbqF244YrdjTNAJ/abelw4r/X56+ucQaW5MAYF7Ly2ASRZfflTl5
5vSvpcEp9U1WtcxeeHaT42eUfVYlFupjJMWyDVmk8HMTSTtmC4FNb9h0zOoEc2gQ
DpCYk6/FxTJUvsjcwAYse9/LKSYIvL11abNRbRQ1QF2fYm43w4bKvRcIbKJkPWrx
VC6uDi3XDfpStreAVF2W5iatJgsY1YDXuKZzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVPsxUYmCCKABpr7Yj0UzeONEoU8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZQc3hVWW1DQ0tBQnBy
N1lqMFV6ZU9ORW9VOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmrTTTrIzwEXAi+7Gf0H//UkHrWXWNVNH
JctgRkDNFZyq0ghRJoWvn1Uq4rnsINZCdjHmTyMZC4CdRsLKmhKrirBU5mqHdxLv
0Ca2pqbcCEJWH6SfmwHvj6/vUsKdt5V5g7IiHrMRqfXhNF1YoauBAia0RaCDVjWB
paEPyCQYjSwPbBjbtNaX67DYdTweLjrCL8ZmeVnkHoHrwK4g814JWGEppMKqWkCr
rWHYVTXUOwdwG3ZVkWppc0IIKKzC6QLRE8owZgxYuUZXucT34S9RG/lzaaZtIx1S
cjI7lB1nv9/ARCIoIO+8MdyZ+Jb7huy08GTkG8pjFDXcAMCMdMJQIg==
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:07 2025 by rpki-client