Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zPU_ZKJE-edM3vclfd9swf9ZXW0.roa
File: zPU_ZKJE-edM3vclfd9swf9ZXW0.roa (raw, json)
Hash identifier: GbMIrJH/3s6hTXYY+xSuHqu7elg3Sg7rKd4JCtLky3U=
Subject key identifier: CC:F5:3F:64:A2:44:F9:E7:4C:DE:F7:25:7D:DF:6C:C1:FF:59:5D:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4892
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zPU_ZKJE-edM3vclfd9swf9ZXW0.roa
Signing time: Thu 25 Apr 2024 08:23:19 +0000
ROA not before: Thu 25 Apr 2024 08:23:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18578 (0x4892)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 08:23:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CCF53F64A244F9E74CDEF7257DDF6CC1FF595D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:c3:69:95:28:ff:15:37:86:d6:8c:7f:d9:
58:c1:0c:6e:a0:ff:3d:a6:e7:58:c4:1c:20:f3:9a:
38:d0:20:7d:f3:13:45:3e:f1:cd:f1:41:6f:88:36:
84:d0:d0:3f:c5:14:bf:2e:41:a9:18:5b:69:35:e4:
55:68:91:a7:87:e5:b6:f9:2c:b0:ff:6f:d6:5b:09:
1a:3d:1e:b2:c7:68:cc:b9:91:e0:6e:28:95:d1:0a:
6e:1d:e3:24:b2:ab:e6:7c:a9:e4:db:e2:28:1f:fe:
bd:0f:51:07:d4:c8:75:f9:15:ae:f5:e2:d8:57:8c:
07:3f:2a:5b:b5:6a:e4:85:ce:2a:0b:14:1e:9a:54:
8d:3a:ca:24:4f:53:d4:35:d5:08:07:07:a6:6a:46:
b4:a3:83:fd:55:7f:5d:75:c0:ea:53:31:47:3b:88:
f8:6c:4e:d6:14:21:0a:ff:96:85:bd:2c:63:2b:61:
f5:9e:f1:80:24:d4:43:94:d5:20:d6:56:2a:73:69:
98:4e:94:fe:ff:96:83:69:81:4b:01:bb:b2:00:7c:
0d:90:e3:31:03:ab:48:49:4e:f0:ff:1b:e6:be:6c:
bf:9a:c9:46:18:02:33:ff:12:e6:3b:08:20:80:87:
08:a1:70:ed:28:a4:31:3d:74:33:a8:32:e9:5b:1e:
0d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F5:3F:64:A2:44:F9:E7:4C:DE:F7:25:7D:DF:6C:C1:FF:59:5D:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zPU_ZKJE-edM3vclfd9swf9ZXW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:2a:72:d3:62:ba:b1:f2:b5:70:d1:00:4a:03:8f:dd:84:7b:
e8:8d:64:4d:2d:9b:6f:36:65:44:44:a6:f1:7e:f5:aa:b0:ee:
bd:79:d6:a1:09:fc:73:75:46:92:69:3b:29:83:35:23:e7:36:
a1:05:20:4c:d1:96:6a:ad:a2:dd:0f:76:ff:3f:c7:17:b8:73:
55:40:6b:88:81:e5:d1:f1:f8:ab:e0:f3:e1:53:7c:75:37:5f:
2a:55:63:d1:c8:92:08:7c:02:2c:56:f9:49:63:ae:73:f1:0a:
22:a2:4e:3a:08:d2:bc:e6:fa:b6:67:10:8b:57:f0:09:85:ae:
b2:04:a0:99:71:37:22:cf:50:6a:05:4d:5e:eb:a9:4b:33:68:
50:dc:4d:21:87:36:46:26:bf:cf:63:80:29:16:1d:52:70:eb:
92:bc:0f:f9:9d:0c:3d:7b:8a:6f:33:11:eb:7a:20:31:4c:aa:
02:62:88:dc:91:49:bc:c7:5f:7e:a7:32:9e:52:db:07:ad:f2:
64:ca:c7:3c:b3:f3:f6:5f:75:6c:1a:a5:6d:1c:26:e4:09:dc:
2b:75:e5:1f:8a:7a:e9:86:b2:51:1a:b9:24:e6:7f:07:8b:a6:
6c:1a:b0:63:5a:ca:c5:cd:9e:17:43:fe:bb:a8:cd:19:65:0b:
ce:a5:98:6e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
ODIzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDRjUzRjY0QTI0NEY5
RTc0Q0RFRjcyNTdEREY2Q0MxRkY1OTVENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1xMNplSj/FTeG1ox/2VjBDG6g/z2m51jEHCDzmjjQIH3zE0U+
8c3xQW+INoTQ0D/FFL8uQakYW2k15FVokaeH5bb5LLD/b9ZbCRo9HrLHaMy5keBu
KJXRCm4d4ySyq+Z8qeTb4igf/r0PUQfUyHX5Fa714thXjAc/Klu1auSFzioLFB6a
VI06yiRPU9Q11QgHB6ZqRrSjg/1Vf111wOpTMUc7iPhsTtYUIQr/loW9LGMrYfWe
8YAk1EOU1SDWVipzaZhOlP7/loNpgUsBu7IAfA2Q4zEDq0hJTvD/G+a+bL+ayUYY
AjP/EuY7CCCAhwihcO0opDE9dDOoMulbHg0hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzPU/ZKJE+edM3vclfd9swf9ZXW0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pQVV9aS0pFLWVkTTN2
Y2xmZDlzd2Y5WlhXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXipy02K6sfK1cNEASgOP3YR76I1kTS2b
bzZlRESm8X71qrDuvXnWoQn8c3VGkmk7KYM1I+c2oQUgTNGWaq2i3Q92/z/HF7hz
VUBriIHl0fH4q+Dz4VN8dTdfKlVj0ciSCHwCLFb5SWOuc/EKIqJOOgjSvOb6tmcQ
i1fwCYWusgSgmXE3Is9QagVNXuupSzNoUNxNIYc2Ria/z2OAKRYdUnDrkrwP+Z0M
PXuKbzMR63ogMUyqAmKI3JFJvMdffqcynlLbB63yZMrHPLPz9l91bBqlbRwm5Anc
K3XlH4p66YayURq5JOZ/B4umbBqwY1rKxc2eF0P+u6jNGWULzqWYbg==
-----END CERTIFICATE-----
Generated at Sat May 17 19:30:50 2025 by rpki-client