Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jbgoyBy6uJBSX2nDqUPXrweg3R0.roa
File: jbgoyBy6uJBSX2nDqUPXrweg3R0.roa (raw, json)
Hash identifier: QlUcc1/1cUa9Iy6D0f39JbSTVPe2sEudtfEBw0skNLo=
Subject key identifier: 8D:B8:28:C8:1C:BA:B8:90:52:5F:69:C3:A9:43:D7:AF:07:A0:DD:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 539E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jbgoyBy6uJBSX2nDqUPXrweg3R0.roa
Signing time: Fri 10 May 2024 01:54:02 +0000
ROA not before: Fri 10 May 2024 01:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21406 (0x539e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 01:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8DB828C81CBAB890525F69C3A943D7AF07A0DD1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:98:7d:57:13:4e:ab:c2:58:87:90:f6:36:
6f:c1:2a:7a:df:d9:40:44:a1:4e:9a:0b:6d:4f:bb:
27:da:72:80:bd:b6:76:7a:c9:5f:4f:7e:a6:47:08:
0a:d7:14:64:1a:8b:19:17:68:c8:df:f0:33:de:e8:
52:0a:09:ff:a2:00:4a:aa:8e:a8:de:08:0a:5b:c6:
93:80:31:2a:b8:93:82:21:62:28:cb:ed:d4:42:a0:
69:bb:17:e8:5c:3f:ca:e9:52:cb:4a:8d:a1:a5:20:
69:f1:4f:c3:e7:ba:19:0e:a9:0a:1a:52:65:92:ba:
6d:13:6e:37:58:ee:e9:0f:a0:ee:49:c7:31:36:13:
b1:12:8c:61:72:4b:c4:4d:8f:31:a1:24:f8:a1:58:
72:28:66:78:b4:e0:b2:e6:55:3e:aa:88:e5:39:64:
cb:bb:1d:28:76:ac:ae:d1:8d:a4:5f:3e:80:4b:82:
18:4b:ec:7b:77:25:75:ab:cc:0c:56:85:3f:57:d6:
fc:55:0f:3b:34:b4:90:14:a7:dc:ea:2a:ea:f5:2f:
96:74:9a:c0:57:4a:f9:9a:ac:84:55:7c:8f:9c:74:
d0:62:17:4d:3a:f9:10:f0:5c:39:27:5e:a3:57:9f:
45:4e:54:1b:93:7e:6d:d4:74:39:08:1b:d7:73:6c:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B8:28:C8:1C:BA:B8:90:52:5F:69:C3:A9:43:D7:AF:07:A0:DD:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jbgoyBy6uJBSX2nDqUPXrweg3R0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:27:da:31:ff:a2:ba:7b:c9:51:a8:86:c6:58:5d:31:3d:2c:
fa:71:9e:cf:2d:da:fa:1f:7b:8c:f2:60:42:97:d4:44:7c:0a:
b2:97:f9:2a:40:3f:da:4e:2a:4f:c4:ed:54:2d:3e:07:06:80:
cc:16:2a:30:a5:89:c6:52:f6:ab:ee:df:2a:2c:35:00:a2:e8:
d2:f7:28:0c:ed:e1:40:ac:e6:94:b3:c9:d0:c5:a6:d7:55:87:
66:df:42:57:65:2e:d7:5b:99:30:c3:78:47:41:89:cb:18:4d:
82:8b:be:4a:cb:c9:62:89:2e:b8:07:ee:10:60:92:fa:71:b0:
1f:cf:ed:a8:17:73:ca:e1:d4:06:e3:60:20:9e:f0:82:b7:fc:
bd:e0:0f:1d:7a:77:1d:9b:07:0a:62:1f:94:4a:93:3f:bf:01:
56:68:f0:f6:f2:7e:82:5a:eb:2a:51:7d:ee:56:f1:e8:40:c3:
76:c0:ee:53:be:65:07:81:e5:14:7a:e9:6e:6a:82:73:5f:01:
f6:1a:79:59:cf:e2:e7:4c:eb:43:6c:a6:f6:c7:76:28:c7:75:
52:0d:56:5f:66:d0:aa:42:fc:ca:46:60:40:68:38:54:ff:ea:
5c:78:4d:d8:f9:a9:97:b3:da:0e:dc:76:c9:c0:01:b7:46:fe:
85:ef:61:ce
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MTU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhEQjgyOEM4MUNCQUI4
OTA1MjVGNjlDM0E5NDNEN0FGMDdBMEREMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRxJh9VxNOq8JYh5D2Nm/BKnrf2UBEoU6aC21PuyfacoC9tnZ6
yV9PfqZHCArXFGQaixkXaMjf8DPe6FIKCf+iAEqqjqjeCApbxpOAMSq4k4IhYijL
7dRCoGm7F+hcP8rpUstKjaGlIGnxT8PnuhkOqQoaUmWSum0TbjdY7ukPoO5JxzE2
E7ESjGFyS8RNjzGhJPihWHIoZni04LLmVT6qiOU5ZMu7HSh2rK7RjaRfPoBLghhL
7Ht3JXWrzAxWhT9X1vxVDzs0tJAUp9zqKur1L5Z0msBXSvmarIRVfI+cdNBiF006
+RDwXDknXqNXn0VOVBuTfm3UdDkIG9dzbA6nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUjbgoyBy6uJBSX2nDqUPXrweg3R0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2piZ295Qnk2dUpCU1gy
bkRxVVBYcndlZzNSMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXCfaMf+iunvJUaiGxlhdMT0s+nGezy3a
+h97jPJgQpfURHwKspf5KkA/2k4qT8TtVC0+BwaAzBYqMKWJxlL2q+7fKiw1AKLo
0vcoDO3hQKzmlLPJ0MWm11WHZt9CV2Uu11uZMMN4R0GJyxhNgou+SsvJYokuuAfu
EGCS+nGwH8/tqBdzyuHUBuNgIJ7wgrf8veAPHXp3HZsHCmIflEqTP78BVmjw9vJ+
glrrKlF97lbx6EDDdsDuU75lB4HlFHrpbmqCc18B9hp5Wc/i50zrQ2ym9sd2KMd1
Ug1WX2bQqkL8ykZgQGg4VP/qXHhN2Pmpl7PaDtx2ycABt0b+he9hzg==
-----END CERTIFICATE-----
Generated at Sun May 18 09:10:36 2025 by rpki-client