Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aATHFuwh5Dgu7iYYtoorKA0f2kA.roa
File: aATHFuwh5Dgu7iYYtoorKA0f2kA.roa (raw, json)
Hash identifier: FFpmQvZJKSkz13bYSFGrAVWIlpSVmG/yPsNkcXjFrH8=
Subject key identifier: 68:04:C7:16:EC:21:E4:38:2E:EE:26:18:B6:8A:2B:28:0D:1F:DA:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4BC2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aATHFuwh5Dgu7iYYtoorKA0f2kA.roa
Signing time: Mon 29 Apr 2024 14:23:29 +0000
ROA not before: Mon 29 Apr 2024 14:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19394 (0x4bc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 14:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6804C716EC21E4382EEE2618B68A2B280D1FDA40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:10:93:29:85:8e:8a:51:5a:7f:a0:3b:84:f2:
c5:7b:6f:bd:1d:c7:ac:c8:8e:8d:cd:c5:07:d6:f8:
45:b7:d3:95:8a:3b:6d:ee:e4:aa:d6:9c:cd:77:c3:
ee:9c:05:e8:8e:b7:49:10:2a:2e:6a:ba:32:c3:c2:
2b:39:cc:5a:7e:69:4f:3d:d6:b9:83:b8:25:29:9e:
1c:7e:da:47:b9:01:fe:4c:8f:de:c5:00:42:2d:75:
a1:72:3c:89:4b:5a:5b:08:a1:0a:1e:8e:62:fb:cb:
9b:a4:be:79:b1:58:e9:86:93:18:ab:b5:d0:17:93:
60:29:a8:7e:f8:8e:59:24:d8:ce:42:ec:be:7d:a2:
2a:6c:ac:2a:fc:c4:0f:d5:7d:68:43:23:14:6e:f4:
ac:c3:37:ff:ea:1e:0e:53:27:70:89:df:a3:60:bb:
52:ff:fa:1b:a7:b9:7d:a6:d6:86:51:6f:23:e6:9f:
74:81:33:fc:ff:12:fc:1d:c0:c6:96:8a:18:11:cb:
5a:b6:ba:e6:df:99:1f:b8:19:7b:78:15:1b:c5:10:
2a:24:e6:b8:85:5f:55:5c:6c:38:ac:00:1e:5e:40:
9b:b2:be:4b:19:78:93:ce:0d:24:2f:2b:0b:d6:c3:
0c:c8:e4:5c:24:f5:1a:84:10:af:16:c8:ca:ba:4c:
21:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:04:C7:16:EC:21:E4:38:2E:EE:26:18:B6:8A:2B:28:0D:1F:DA:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aATHFuwh5Dgu7iYYtoorKA0f2kA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:b1:9b:13:1d:8a:9e:d5:5d:18:3e:aa:66:bd:6f:3b:71:91:
aa:04:3b:21:59:3d:c5:d0:10:e6:d8:a6:f2:61:c4:ba:04:9b:
59:bd:48:21:78:2c:5d:36:df:62:7c:d5:82:e0:04:67:fb:f3:
c4:1a:6e:39:00:3e:33:66:09:58:a5:4f:5a:be:e5:c7:23:bb:
10:f9:fa:04:0a:ac:9a:9a:15:e7:15:1e:41:0a:28:dd:77:67:
27:44:8d:cf:e9:03:63:dc:36:c8:6c:b9:53:99:5d:5d:4c:ac:
41:c0:7f:29:59:3d:9b:b9:7c:92:79:30:e3:4f:94:e1:bd:e9:
57:d1:93:fb:cf:f1:0e:69:83:39:b9:ce:c1:29:96:7c:97:6e:
1f:12:fe:e9:73:d0:64:89:d4:e5:ed:03:ab:3d:df:83:ac:aa:
bf:86:62:d1:9d:2f:1e:2f:92:a1:bd:60:e9:3e:de:db:b3:07:
9d:6a:ae:15:0e:32:cf:27:ce:13:06:ab:6a:9f:32:b6:95:ec:
5c:b7:45:8d:79:8d:e0:02:a7:92:1a:07:bd:bb:ee:8c:27:d2:
d9:33:ae:50:d6:44:ad:29:98:76:34:8b:ee:09:44:d5:fa:79:
8e:ac:b7:20:06:8e:28:46:8a:c7:57:b0:e5:02:5f:83:a5:eb:
b9:3e:bd:cb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICS8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkx
NDIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4MDRDNzE2RUMyMUU0
MzgyRUVFMjYxOEI2OEEyQjI4MEQxRkRBNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfEJMphY6KUVp/oDuE8sV7b70dx6zIjo3NxQfW+EW305WKO23u
5KrWnM13w+6cBeiOt0kQKi5qujLDwis5zFp+aU891rmDuCUpnhx+2ke5Af5Mj97F
AEItdaFyPIlLWlsIoQoejmL7y5ukvnmxWOmGkxirtdAXk2ApqH74jlkk2M5C7L59
oipsrCr8xA/VfWhDIxRu9KzDN//qHg5TJ3CJ36Ngu1L/+hunuX2m1oZRbyPmn3SB
M/z/EvwdwMaWihgRy1q2uubfmR+4GXt4FRvFECok5riFX1VcbDisAB5eQJuyvksZ
eJPODSQvKwvWwwzI5Fwk9RqEEK8WyMq6TCHjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaATHFuwh5Dgu7iYYtoorKA0f2kAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FBVEhGdXdoNURndTdp
WVl0b29yS0EwZjJrQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEADrGbEx2KntVdGD6qZr1vO3GRqgQ7IVk9
xdAQ5tim8mHEugSbWb1IIXgsXTbfYnzVguAEZ/vzxBpuOQA+M2YJWKVPWr7lxyO7
EPn6BAqsmpoV5xUeQQoo3XdnJ0SNz+kDY9w2yGy5U5ldXUysQcB/KVk9m7l8knkw
40+U4b3pV9GT+8/xDmmDObnOwSmWfJduHxL+6XPQZInU5e0Dqz3fg6yqv4Zi0Z0v
Hi+Sob1g6T7e27MHnWquFQ4yzyfOEwarap8ytpXsXLdFjXmN4AKnkhoHvbvujCfS
2TOuUNZErSmYdjSL7glE1fp5jqy3IAaOKEaKx1ew5QJfg6XruT69yw==
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:23 2025 by rpki-client