Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/y7s8_H8tyyiToaMRhuXxuZC5jLU.roa
File: y7s8_H8tyyiToaMRhuXxuZC5jLU.roa (raw, json)
Hash identifier: AK0JTsx+QPPOty23GGwpb6g98G5R5uw7QFU8I06SqKY=
Subject key identifier: CB:BB:3C:FC:7F:2D:CB:28:93:A1:A3:11:86:E5:F1:B9:90:B9:8C:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 453A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y7s8_H8tyyiToaMRhuXxuZC5jLU.roa
Signing time: Sat 20 Apr 2024 21:23:05 +0000
ROA not before: Sat 20 Apr 2024 21:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17722 (0x453a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 21:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CBBB3CFC7F2DCB2893A1A31186E5F1B990B98CB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:bd:c5:07:f9:17:1f:61:8d:2c:8a:a4:d9:
74:fd:b3:34:58:09:5e:a8:86:b7:b6:58:ff:bc:02:
7d:ec:55:9a:21:5e:c7:7f:46:82:22:41:15:af:41:
4f:31:64:e1:3f:81:d4:9f:87:df:20:a1:ae:29:65:
4a:93:a6:3b:07:39:8f:d3:dc:3d:25:04:e7:0c:25:
76:89:ac:a2:ae:bd:3b:a7:5d:3c:31:23:8f:85:d1:
51:9e:15:a9:a4:c4:b9:89:5e:5a:c1:52:3a:90:01:
1c:a6:fc:65:92:b2:c9:c9:d1:74:cd:e3:e4:43:f3:
d4:ba:ad:33:a9:8c:e1:7c:1d:5e:59:72:7a:67:75:
f2:a9:62:dc:7f:41:5f:e2:23:ce:79:c7:ca:13:9e:
89:66:9f:fd:85:ea:35:6c:cf:47:fb:f1:c2:d3:24:
5b:60:ae:c6:34:d0:f7:a0:c9:74:1e:19:b0:ef:0e:
bd:32:e3:79:13:85:02:09:b5:71:ec:cd:48:e6:1b:
de:27:89:27:5e:50:f2:89:54:72:13:8f:50:22:e0:
36:de:02:24:36:82:31:0f:3c:db:b4:11:59:cc:ef:
30:9b:07:6d:37:fb:6c:1c:14:48:f3:5f:e7:c0:5f:
62:ae:f5:a8:a9:bd:2e:82:e3:f4:92:67:66:8e:5b:
08:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BB:3C:FC:7F:2D:CB:28:93:A1:A3:11:86:E5:F1:B9:90:B9:8C:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y7s8_H8tyyiToaMRhuXxuZC5jLU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:7f:d7:d3:cf:11:85:aa:87:b6:a0:c2:9c:6e:a7:91:b8:4f:
a1:9e:70:9e:0f:36:e5:e3:cb:db:96:38:b2:29:e4:4f:28:7a:
bd:24:a6:7d:15:5c:28:90:ae:2b:33:fa:af:bb:a6:fa:2d:b3:
17:ef:16:41:11:9f:ef:50:04:65:0f:4f:22:84:4a:83:5f:78:
2f:47:ad:8d:8c:97:7d:a1:ed:8e:75:21:24:19:60:16:c2:2b:
94:9a:8d:d0:fd:63:24:50:4c:1e:a0:e2:cc:d0:87:5a:da:ea:
ad:e3:54:5e:65:c6:11:cf:ae:fd:b2:da:f7:88:3b:86:9c:4c:
e8:5c:8d:75:10:36:00:d6:09:c0:ab:2d:b4:9a:6e:a9:e5:9e:
cf:59:84:60:fd:42:44:b7:cb:25:e2:20:47:1a:a2:f6:dc:ed:
11:d9:79:81:4a:cd:09:02:d5:34:7c:ba:ef:f3:aa:a5:d5:dc:
2c:fc:65:fb:21:37:02:b6:c6:f5:f4:7d:70:de:b5:86:41:68:
0b:cc:b0:0d:aa:5b:5a:72:a5:2a:de:1d:87:3d:73:00:a0:bf:
a6:f5:94:e1:02:bf:93:c2:36:10:52:ca:ff:f6:6b:ca:8d:9d:
66:a9:fc:29:c9:90:79:7c:70:07:d5:b8:34:77:9a:85:65:7f:
cc:e9:12:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCQkIzQ0ZDN0YyRENC
Mjg5M0ExQTMxMTg2RTVGMUI5OTBCOThDQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT7L3FB/kXH2GNLIqk2XT9szRYCV6ohre2WP+8An3sVZohXsd/
RoIiQRWvQU8xZOE/gdSfh98goa4pZUqTpjsHOY/T3D0lBOcMJXaJrKKuvTunXTwx
I4+F0VGeFamkxLmJXlrBUjqQARym/GWSssnJ0XTN4+RD89S6rTOpjOF8HV5Zcnpn
dfKpYtx/QV/iI855x8oTnolmn/2F6jVsz0f78cLTJFtgrsY00PegyXQeGbDvDr0y
43kThQIJtXHszUjmG94niSdeUPKJVHITj1Ai4DbeAiQ2gjEPPNu0EVnM7zCbB203
+2wcFEjzX+fAX2Ku9aipvS6C4/SSZ2aOWwgrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUy7s8/H8tyyiToaMRhuXxuZC5jLUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3k3czhfSDh0eXlpVG9h
TVJodVh4dVpDNWpMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbn/X088RhaqHtqDCnG6nkbhPoZ5wng82
5ePL25Y4sinkTyh6vSSmfRVcKJCuKzP6r7um+i2zF+8WQRGf71AEZQ9PIoRKg194
L0etjYyXfaHtjnUhJBlgFsIrlJqN0P1jJFBMHqDizNCHWtrqreNUXmXGEc+u/bLa
94g7hpxM6FyNdRA2ANYJwKsttJpuqeWez1mEYP1CRLfLJeIgRxqi9tztEdl5gUrN
CQLVNHy67/OqpdXcLPxl+yE3ArbG9fR9cN61hkFoC8ywDapbWnKlKt4dhz1zAKC/
pvWU4QK/k8I2EFLK//Zryo2dZqn8KcmQeXxwB9W4NHeahWV/zOkSog==
-----END CERTIFICATE-----
Generated at Sun May 18 04:54:02 2025 by rpki-client