Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WTvHWJAV-wrJkE1aPMv5yi-Ce1E.roa
File: WTvHWJAV-wrJkE1aPMv5yi-Ce1E.roa (raw, json)
Hash identifier: ZydHqE2WPdBPv2kQNjxcmXMhsEq5tnVA6bMRWTGLCew=
Subject key identifier: 59:3B:C7:58:90:15:FB:0A:C9:90:4D:5A:3C:CB:F9:CA:2F:82:7B:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WTvHWJAV-wrJkE1aPMv5yi-Ce1E.roa
Signing time: Fri 10 May 2024 08:24:00 +0000
ROA not before: Fri 10 May 2024 08:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21458 (0x53d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 08:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=593BC7589015FB0AC9904D5A3CCBF9CA2F827B51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4c:87:82:f2:23:16:26:bb:ea:5d:a8:d4:88:
71:d5:ec:97:5a:30:47:e3:6c:5f:db:61:a1:12:b0:
c0:f2:a0:d0:45:f6:30:34:23:01:8d:bb:1a:7e:68:
25:77:31:71:20:ea:8d:fe:55:9c:71:de:65:28:d2:
31:da:17:71:a1:64:61:c2:da:09:3c:c6:1d:5f:66:
1c:84:61:0d:4c:91:ef:2f:4b:e1:5c:5a:ae:8d:09:
32:b3:2e:74:78:7c:e1:61:0f:39:2c:aa:33:50:9d:
09:20:7b:6b:8f:77:f7:34:a8:be:e2:44:2b:8d:4f:
d7:fe:8f:48:27:12:77:06:dc:f1:19:72:43:58:20:
fd:fc:0f:f9:a1:5c:35:42:c7:0c:91:76:c6:7d:93:
96:61:c5:e8:ff:b0:b7:41:f7:fd:1a:c2:03:9f:37:
9f:65:b3:ea:9f:8f:d1:8f:43:db:b3:da:2f:0e:3b:
c2:4e:a1:25:06:ca:78:84:8f:90:75:6c:e5:c1:8c:
97:7c:1f:0f:a6:e9:ec:50:2c:3f:38:f2:d6:4c:be:
61:f0:19:3a:81:b6:97:17:d1:77:80:07:0b:5e:21:
97:7e:bd:90:e0:c2:c8:51:de:68:26:96:c8:2d:95:
e3:f9:a2:68:3d:2e:98:ae:83:98:3a:2a:d2:c2:02:
34:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3B:C7:58:90:15:FB:0A:C9:90:4D:5A:3C:CB:F9:CA:2F:82:7B:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WTvHWJAV-wrJkE1aPMv5yi-Ce1E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:83:40:f2:d8:f9:e7:66:b3:96:fb:95:06:7a:29:c7:1e:1c:
38:77:44:91:30:c8:52:b2:8e:00:43:9d:34:40:d0:95:ec:24:
8b:ad:ec:a7:bb:84:ff:1b:6f:9f:cd:a9:74:50:00:0b:94:ef:
d0:8c:4a:c1:7f:86:ae:32:57:22:65:f1:d3:a1:e7:85:64:59:
76:d7:53:d0:87:64:1e:e0:f6:a3:44:ce:d1:55:e0:14:30:4a:
d5:a0:3e:50:55:bd:ac:ac:51:cd:cb:f8:32:05:77:53:1a:77:
a3:de:be:7f:bb:f2:93:6d:bd:f5:39:21:fc:32:3b:ee:d1:0a:
a5:75:d0:07:65:ff:31:cd:c9:4e:5a:fb:d4:6e:14:54:e7:cf:
d8:15:11:f7:d5:b9:e8:e0:b5:51:ce:d4:eb:d4:e7:f7:f0:da:
97:0d:3c:1f:ad:2a:47:40:ea:19:a8:68:ea:ed:15:bb:b7:b8:
5b:a2:3d:db:88:0e:fb:47:e1:5d:63:bb:fd:0a:76:52:8f:4f:
01:6e:06:12:a3:ce:86:a1:cb:b6:a6:04:aa:94:07:77:5b:71:
d6:d9:b0:e3:3f:9c:52:ef:9b:2d:a4:fd:bf:3f:3e:75:a7:27:
19:9c:4e:8a:34:5c:b4:5f:d6:62:f6:54:e3:65:eb:60:a2:02:
6e:70:87:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
ODI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5M0JDNzU4OTAxNUZC
MEFDOTkwNEQ1QTNDQ0JGOUNBMkY4MjdCNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3TIeC8iMWJrvqXajUiHHV7JdaMEfjbF/bYaESsMDyoNBF9jA0
IwGNuxp+aCV3MXEg6o3+VZxx3mUo0jHaF3GhZGHC2gk8xh1fZhyEYQ1Mke8vS+Fc
Wq6NCTKzLnR4fOFhDzksqjNQnQkge2uPd/c0qL7iRCuNT9f+j0gnEncG3PEZckNY
IP38D/mhXDVCxwyRdsZ9k5Zhxej/sLdB9/0awgOfN59ls+qfj9GPQ9uz2i8OO8JO
oSUGyniEj5B1bOXBjJd8Hw+m6exQLD848tZMvmHwGTqBtpcX0XeABwteIZd+vZDg
wshR3mgmlsgtleP5omg9Lpiug5g6KtLCAjSNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWTvHWJAV+wrJkE1aPMv5yi+Ce1EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dUdkhXSkFWLXdySmtF
MWFQTXY1eWktQ2UxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAroNA8tj552azlvuVBnopxx4cOHdEkTDI
UrKOAEOdNEDQlewki63sp7uE/xtvn82pdFAAC5Tv0IxKwX+GrjJXImXx06HnhWRZ
dtdT0IdkHuD2o0TO0VXgFDBK1aA+UFW9rKxRzcv4MgV3Uxp3o96+f7vyk2299Tkh
/DI77tEKpXXQB2X/Mc3JTlr71G4UVOfP2BUR99W56OC1Uc7U69Tn9/Dalw08H60q
R0DqGaho6u0Vu7e4W6I924gO+0fhXWO7/Qp2Uo9PAW4GEqPOhqHLtqYEqpQHd1tx
1tmw4z+cUu+bLaT9vz8+dacnGZxOijRctF/WYvZU42XrYKICbnCHJg==
-----END CERTIFICATE-----
Generated at Sat May 17 19:31:41 2025 by rpki-client