Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WHo_zSemglDbjToAEJJNSRNPxTw.roa
File: WHo_zSemglDbjToAEJJNSRNPxTw.roa (raw, json)
Hash identifier: nv4ArDJhqElV+JOd6/5blVoW9XJnakh8q4C4OHUIUKo=
Subject key identifier: 58:7A:3F:CD:27:A6:82:50:DB:8D:3A:00:10:92:4D:49:13:4F:C5:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 563E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WHo_zSemglDbjToAEJJNSRNPxTw.roa
Signing time: Mon 13 May 2024 13:54:17 +0000
ROA not before: Mon 13 May 2024 13:54:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22078 (0x563e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 13:54:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=587A3FCD27A68250DB8D3A0010924D49134FC53C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:0f:bd:26:8f:b9:e6:3f:b0:cd:29:26:bd:18:
df:c2:c3:01:94:f7:cc:4e:16:9d:41:a2:48:2c:9e:
aa:2d:d7:16:19:f4:06:f5:23:de:fa:3a:29:9a:0c:
91:8f:f4:7b:82:82:fa:e8:83:46:bc:90:61:e9:11:
15:1c:36:f2:e2:04:7f:50:d0:78:ad:c2:f0:0c:e8:
6a:5b:3c:b3:1f:32:49:02:8b:e6:4c:c4:dd:23:cd:
40:4a:ac:76:df:2d:af:63:ee:1f:51:fb:68:ea:d2:
c6:75:ff:92:56:92:cc:30:2f:e3:4d:ad:a5:3e:28:
fd:cf:42:91:c6:6f:79:12:de:18:f4:87:8c:06:b3:
ce:8e:53:47:08:f2:88:a7:26:c9:9c:01:6d:bd:7e:
6e:55:46:bf:80:43:2e:99:63:f6:6a:64:4e:9e:d2:
97:93:5a:f2:b0:8e:20:b5:5e:73:5f:87:6c:14:c6:
5c:ff:54:ec:70:6f:3b:2f:ed:14:f5:43:fe:3c:ac:
ca:09:da:9a:7b:66:b5:8f:a2:22:4e:f0:3d:d2:d9:
69:3e:56:a7:5d:6d:5b:16:bb:4d:2b:f9:dc:65:94:
e5:9b:57:40:1d:32:99:23:59:57:b3:e2:22:f5:ae:
ff:b1:c5:7c:a4:a1:ee:8b:79:46:90:a7:c6:7d:71:
7e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7A:3F:CD:27:A6:82:50:DB:8D:3A:00:10:92:4D:49:13:4F:C5:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WHo_zSemglDbjToAEJJNSRNPxTw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:fd:9a:dd:7d:33:c7:c2:79:15:51:02:93:bb:58:b2:6b:8c:
e9:87:ef:f8:53:5e:b2:41:d2:e1:34:52:93:54:69:a1:70:9a:
23:7a:11:4a:f2:13:ea:07:a5:6c:17:6e:9f:89:d6:d7:52:b1:
27:18:7e:6c:d2:ec:c9:35:50:88:ac:95:10:c5:38:11:91:48:
53:b2:b4:72:23:da:af:84:3e:2d:a9:d0:7d:96:3e:53:5b:af:
72:6b:87:4b:0d:81:91:66:5a:a1:cf:ed:b3:a3:b7:9f:e9:cd:
6f:cf:31:b0:b3:c8:5a:92:e4:c2:c1:ab:e4:63:43:76:ff:20:
67:ba:e3:98:13:53:d3:59:1c:98:c7:0b:b3:11:46:01:2c:38:
03:c4:04:cf:d1:97:76:f2:ad:8d:d4:6f:2d:f5:3e:2b:db:aa:
2b:e1:c4:97:5f:5d:f2:06:9f:02:28:1d:6c:64:fb:c0:41:77:
e2:0c:1f:62:35:5b:93:2b:b4:de:8e:a2:94:a6:27:16:fd:fb:
7a:89:6c:29:1a:8f:de:1e:11:11:09:58:8a:33:23:b8:1c:84:
c5:51:fc:8e:af:c2:24:57:8b:77:09:da:e6:2a:1a:ca:9c:e1:
4f:55:93:e7:dc:a4:0b:44:54:8d:ea:bc:f9:0b:bb:68:88:c3:
37:44:b8:34
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MzU0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4N0EzRkNEMjdBNjgy
NTBEQjhEM0EwMDEwOTI0RDQ5MTM0RkM1M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqD70mj7nmP7DNKSa9GN/CwwGU98xOFp1Bokgsnqot1xYZ9Ab1
I976OimaDJGP9HuCgvrog0a8kGHpERUcNvLiBH9Q0HitwvAM6GpbPLMfMkkCi+ZM
xN0jzUBKrHbfLa9j7h9R+2jq0sZ1/5JWkswwL+NNraU+KP3PQpHGb3kS3hj0h4wG
s86OU0cI8oinJsmcAW29fm5VRr+AQy6ZY/ZqZE6e0peTWvKwjiC1XnNfh2wUxlz/
VOxwbzsv7RT1Q/48rMoJ2pp7ZrWPoiJO8D3S2Wk+VqddbVsWu00r+dxllOWbV0Ad
MpkjWVez4iL1rv+xxXykoe6LeUaQp8Z9cX5VAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWHo/zSemglDbjToAEJJNSRNPxTwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dIb196U2VtZ2xEYmpU
b0FFSkpOU1JOUHhUdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQP2a3X0zx8J5FVECk7tYsmuM6Yfv+FNe
skHS4TRSk1RpoXCaI3oRSvIT6gelbBdun4nW11KxJxh+bNLsyTVQiKyVEMU4EZFI
U7K0ciPar4Q+LanQfZY+U1uvcmuHSw2BkWZaoc/ts6O3n+nNb88xsLPIWpLkwsGr
5GNDdv8gZ7rjmBNT01kcmMcLsxFGASw4A8QEz9GXdvKtjdRvLfU+K9uqK+HEl19d
8gafAigdbGT7wEF34gwfYjVbkyu03o6ilKYnFv37eolsKRqP3h4REQlYijMjuByE
xVH8jq/CJFeLdwna5ioaypzhT1WT59ykC0RUjeq8+Qu7aIjDN0S4NA==
-----END CERTIFICATE-----
Generated at Sat May 17 19:36:31 2025 by rpki-client