Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wjOmpa1yeyODdR2D3sf9BUwXxMI.roa
File: wjOmpa1yeyODdR2D3sf9BUwXxMI.roa (raw, json)
Hash identifier: o6EZxey0ZZIXtj+9IggDQhzUWaIIISOXSZhCMKdVSZM=
Subject key identifier: C2:33:A6:A5:AD:72:7B:23:83:75:1D:83:DE:C7:FD:05:4C:17:C4:C2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5792
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wjOmpa1yeyODdR2D3sf9BUwXxMI.roa
Signing time: Wed 15 May 2024 08:24:33 +0000
ROA not before: Wed 15 May 2024 08:24:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22418 (0x5792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 08:24:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C233A6A5AD727B2383751D83DEC7FD054C17C4C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:77:48:83:99:05:ad:fa:27:e1:d1:a9:c8:
2b:d1:a3:8b:3a:0e:2d:4f:8a:3b:61:56:8b:e7:f3:
86:77:67:83:9f:62:78:67:fc:8f:4c:67:9a:be:df:
09:72:2f:19:4d:84:c3:63:d8:f3:09:ae:c4:e4:9f:
65:ae:a4:bb:ed:5e:1f:9c:42:ec:d4:0c:7f:76:cd:
39:e7:54:a5:a1:8d:05:d4:89:42:e7:a6:e1:35:2b:
36:f3:81:1a:d1:8d:b0:28:7a:1a:34:7f:b6:9e:00:
9b:34:6d:0c:94:d6:ff:d7:a6:d3:58:ca:f9:a7:b3:
e9:75:be:79:2d:bf:a8:82:9d:d8:c7:16:6e:d3:68:
60:8d:46:fe:1b:07:92:d1:03:96:4e:fe:cd:dd:5a:
7b:4f:45:d5:6a:fb:5e:08:64:b9:65:1c:61:b2:52:
5f:08:cf:b3:30:84:dc:5f:5c:95:96:cc:d4:15:f9:
cc:cf:a5:13:57:d2:53:f8:a5:13:fe:51:15:99:06:
a4:a8:7a:57:3b:67:c6:31:a9:c4:7a:df:ec:5a:b4:
a5:31:b3:81:11:6e:7f:f5:cb:a2:80:18:c9:6f:8e:
76:52:97:72:bd:2d:3f:b4:04:64:20:46:05:ce:d5:
1e:ac:68:07:95:95:e4:65:d5:3c:82:c9:fb:98:88:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:33:A6:A5:AD:72:7B:23:83:75:1D:83:DE:C7:FD:05:4C:17:C4:C2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wjOmpa1yeyODdR2D3sf9BUwXxMI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:72:01:4a:8a:8a:2d:5f:e3:d3:1e:76:2a:86:52:46:90:fd:
4e:a9:7c:08:1f:7b:3f:2b:08:7d:f5:54:5a:41:65:e0:41:b8:
1b:69:2f:fb:f1:f7:2d:fc:29:60:5f:be:f0:ce:fc:b5:29:ef:
af:3e:3d:85:46:a0:47:fa:f0:7e:12:9b:92:0e:b0:f0:52:57:
48:9c:05:1a:90:ed:75:71:d0:fb:57:f1:6b:fe:59:69:5f:38:
84:25:8e:f1:31:34:f7:50:ee:dd:ec:30:f3:2f:fd:43:af:47:
ba:9a:ff:34:33:1d:37:47:a9:76:2e:4e:52:95:a7:cc:07:98:
d3:30:1b:6f:ad:72:74:67:31:d8:07:ae:2e:70:b6:91:9a:2d:
ff:5f:a8:b3:49:60:6f:27:5b:1b:d4:e6:1b:d3:58:95:d2:6e:
42:89:7c:b6:94:90:bd:1e:4e:3d:bb:05:ca:ec:8d:ca:7f:76:
b3:8a:79:6f:fb:1d:29:3e:26:41:a4:bc:d2:ae:5e:76:c7:7f:
b7:1b:ba:a7:f0:67:cc:a6:c3:74:82:66:b2:06:16:d8:70:ce:
40:60:86:44:b0:06:f8:8a:a5:fb:cf:d2:10:8d:35:d4:6c:cb:
a2:2c:9d:cd:85:85:d7:17:5c:79:c9:ff:47:7d:67:ac:f2:f9:
f0:ae:f4:d1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICV5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
ODI0MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyMzNBNkE1QUQ3MjdC
MjM4Mzc1MUQ4M0RFQzdGRDA1NEMxN0M0QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAUndIg5kFrfon4dGpyCvRo4s6Di1PijthVovn84Z3Z4OfYnhn
/I9MZ5q+3wlyLxlNhMNj2PMJrsTkn2WupLvtXh+cQuzUDH92zTnnVKWhjQXUiULn
puE1KzbzgRrRjbAoeho0f7aeAJs0bQyU1v/XptNYyvmns+l1vnktv6iCndjHFm7T
aGCNRv4bB5LRA5ZO/s3dWntPRdVq+14IZLllHGGyUl8Iz7MwhNxfXJWWzNQV+czP
pRNX0lP4pRP+URWZBqSoelc7Z8YxqcR63+xatKUxs4ERbn/1y6KAGMlvjnZSl3K9
LT+0BGQgRgXO1R6saAeVleRl1TyCyfuYiAYZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwjOmpa1yeyODdR2D3sf9BUwXxMIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dqT21wYTF5ZXlPRGRS
MkQzc2Y5QlV3WHhNSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIXIBSoqKLV/j0x52KoZSRpD9Tql8CB97
PysIffVUWkFl4EG4G2kv+/H3LfwpYF++8M78tSnvrz49hUagR/rwfhKbkg6w8FJX
SJwFGpDtdXHQ+1fxa/5ZaV84hCWO8TE091Du3eww8y/9Q69Hupr/NDMdN0epdi5O
UpWnzAeY0zAbb61ydGcx2AeuLnC2kZot/1+os0lgbydbG9TmG9NYldJuQol8tpSQ
vR5OPbsFyuyNyn92s4p5b/sdKT4mQaS80q5edsd/txu6p/BnzKbDdIJmsgYW2HDO
QGCGRLAG+Iql+8/SEI011GzLoiydzYWF1xdcecn/R31nrPL58K700Q==
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:47 2025 by rpki-client