Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rzvfZVL9SwfRrq7E2Wvb3zPo7tI.roa
File: rzvfZVL9SwfRrq7E2Wvb3zPo7tI.roa (raw, json)
Hash identifier: 7cgLPLB6UUQAzcq6k41YUa8mRS3uYAXrf6uSx7Jj3m4=
Subject key identifier: AF:3B:DF:65:52:FD:4B:07:D1:AE:AE:C4:D9:6B:DB:DF:33:E8:EE:D2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B62
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rzvfZVL9SwfRrq7E2Wvb3zPo7tI.roa
Signing time: Mon 29 Apr 2024 02:23:29 +0000
ROA not before: Mon 29 Apr 2024 02:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19298 (0x4b62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 02:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AF3BDF6552FD4B07D1AEAEC4D96BDBDF33E8EED2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:30:0b:5e:41:48:38:58:e5:60:17:94:78:
ac:cf:3a:b9:92:07:77:f9:05:91:28:75:06:74:08:
01:af:ae:d4:e6:ab:1d:cd:e6:c5:60:58:ab:a1:4a:
37:e7:07:2f:0c:b0:9b:48:03:92:02:bf:84:ec:b0:
27:dd:68:6e:dd:eb:34:f0:10:90:59:76:c4:3f:c6:
0f:93:64:a7:3f:52:10:50:a2:83:a7:76:f4:d5:96:
d9:71:fd:2b:4a:00:1e:a5:eb:e7:90:49:b9:2f:b4:
e0:0f:3d:2b:fb:18:00:e0:bc:34:02:34:5f:3d:ac:
66:c8:9b:7b:17:d2:a2:1e:de:a3:f1:07:ab:1e:d4:
28:1a:c2:f1:9d:1e:76:89:fc:2c:2f:2a:f3:88:17:
9f:6b:c0:69:de:42:a5:2b:aa:01:f8:40:c3:a5:6e:
d6:3c:72:ff:72:a9:73:23:b2:fe:64:70:ae:43:8c:
43:f1:2f:04:54:03:04:2b:81:1b:1d:d5:7c:18:93:
a2:7c:da:46:c2:b4:ca:74:80:13:7c:09:1e:ad:b5:
0a:f3:b9:10:68:c0:e9:92:3f:82:1b:2b:68:e1:91:
3e:43:a6:ff:53:da:22:a8:a6:d3:9e:3d:89:c3:07:
c2:a4:ca:fc:c9:6c:bf:06:db:2d:53:6d:ec:95:e2:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3B:DF:65:52:FD:4B:07:D1:AE:AE:C4:D9:6B:DB:DF:33:E8:EE:D2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rzvfZVL9SwfRrq7E2Wvb3zPo7tI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:7c:62:42:38:62:a6:98:f8:ec:17:1e:93:33:fa:23:c3:80:
98:83:7d:2c:44:64:0f:56:32:b4:42:54:a2:30:f0:6b:4d:1d:
cc:d6:fc:b3:0b:ef:07:2c:27:83:4b:6f:fd:cb:5e:a7:61:d4:
a6:dd:bc:22:a8:f0:fa:f3:fb:ce:3c:4a:82:de:79:a1:6b:c1:
f2:51:59:90:6e:10:c3:a8:b5:1d:d3:3f:9c:30:3c:d9:5f:37:
df:d3:d7:46:7c:e5:22:92:2f:13:5c:3f:a5:c2:5f:e3:52:71:
07:a6:f8:e6:91:af:26:fb:75:1f:71:a8:9e:7b:6b:91:39:71:
1c:70:16:26:19:44:8f:90:71:d7:10:3a:6e:78:0d:4f:0c:91:
e2:01:86:ba:ae:3b:f6:52:3c:3f:83:47:e4:eb:70:06:95:65:
0b:94:6a:b1:f0:90:24:6e:fa:d6:6f:3f:83:17:3d:3d:93:80:
86:85:85:e6:7c:78:a6:52:82:7d:ce:e9:a6:21:fd:a0:6a:c7:
f6:bc:c1:d7:53:74:fc:6a:55:42:f5:57:6b:2e:ca:ef:38:9d:
3f:5a:a5:df:9a:5b:6e:79:36:98:2d:38:76:7e:1f:40:ea:e5:
0c:3a:02:ad:9c:34:a9:22:94:63:7f:87:26:51:76:92:ce:85:
e0:39:fd:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICS2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
MjIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGM0JERjY1NTJGRDRC
MDdEMUFFQUVDNEQ5NkJEQkRGMzNFOEVFRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+XTALXkFIOFjlYBeUeKzPOrmSB3f5BZEodQZ0CAGvrtTmqx3N
5sVgWKuhSjfnBy8MsJtIA5ICv4TssCfdaG7d6zTwEJBZdsQ/xg+TZKc/UhBQooOn
dvTVltlx/StKAB6l6+eQSbkvtOAPPSv7GADgvDQCNF89rGbIm3sX0qIe3qPxB6se
1CgawvGdHnaJ/CwvKvOIF59rwGneQqUrqgH4QMOlbtY8cv9yqXMjsv5kcK5DjEPx
LwRUAwQrgRsd1XwYk6J82kbCtMp0gBN8CR6ttQrzuRBowOmSP4IbK2jhkT5Dpv9T
2iKoptOePYnDB8KkyvzJbL8G2y1TbeyV4lTzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrzvfZVL9SwfRrq7E2Wvb3zPo7tIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3J6dmZaVkw5U3dmUnJx
N0UyV3ZiM3pQbzd0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEApnxiQjhippj47BcekzP6I8OAmIN9LERk
D1YytEJUojDwa00dzNb8swvvBywng0tv/ctep2HUpt28Iqjw+vP7zjxKgt55oWvB
8lFZkG4Qw6i1HdM/nDA82V8339PXRnzlIpIvE1w/pcJf41JxB6b45pGvJvt1H3Go
nntrkTlxHHAWJhlEj5Bx1xA6bngNTwyR4gGGuq479lI8P4NH5OtwBpVlC5RqsfCQ
JG761m8/gxc9PZOAhoWF5nx4plKCfc7ppiH9oGrH9rzB11N0/GpVQvVXay7K7zid
P1ql35pbbnk2mC04dn4fQOrlDDoCrZw0qSKUY3+HJlF2ks6F4Dn9Aw==
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:36 2025 by rpki-client