Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IrMf78j8VfA1KyA8gJAs4iy-S8I.roa
File: IrMf78j8VfA1KyA8gJAs4iy-S8I.roa (raw, json)
Hash identifier: 6GSoY/YXlC9ZdGWcSfga3aevzXX1YLjI9wMWnwmsXxA=
Subject key identifier: 22:B3:1F:EF:C8:FC:55:F0:35:2B:20:3C:80:90:2C:E2:2C:BE:4B:C2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B06
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IrMf78j8VfA1KyA8gJAs4iy-S8I.roa
Signing time: Sun 28 Apr 2024 14:53:26 +0000
ROA not before: Sun 28 Apr 2024 14:53:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19206 (0x4b06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 14:53:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=22B31FEFC8FC55F0352B203C80902CE22CBE4BC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:25:e9:e9:ff:e5:f1:8b:f0:c0:e4:7e:4f:7c:
e2:4e:45:36:8e:1f:c9:50:1f:10:ce:95:6a:dd:88:
ff:e9:96:17:8c:9b:17:8d:f2:ac:2a:b8:14:68:50:
a5:56:2b:94:90:3d:27:98:33:a4:64:ef:d6:5e:68:
0b:81:67:77:f3:4b:37:a1:76:bd:38:c8:ae:5a:71:
0c:14:0b:73:e1:96:b9:94:99:99:a8:e3:42:6a:8f:
84:13:aa:cb:e6:52:b7:10:ca:70:4b:17:43:bc:15:
1c:a8:a6:5f:5c:5b:97:83:cc:f1:f2:84:20:b1:97:
2a:24:ff:87:e1:8f:89:2b:0c:6e:c0:90:37:42:1a:
e9:78:25:26:9b:0a:32:4e:44:e9:45:1c:77:9c:37:
3e:86:64:5a:e7:a4:04:f0:62:df:79:d2:16:86:3b:
2e:2d:5f:4f:a8:50:6e:fb:6f:7b:73:71:ea:e8:94:
e1:36:26:2e:aa:cd:a2:66:1b:76:15:d4:aa:92:5c:
35:9d:e0:8a:42:25:03:f9:ed:91:80:7a:56:b6:82:
21:15:dc:8d:ec:61:11:75:b2:dc:3e:58:02:27:dd:
a4:a8:9f:5b:3b:2d:5b:bf:ed:51:d5:ac:ae:a5:f2:
b6:45:53:94:ff:53:0f:e6:89:e2:44:52:98:34:6c:
4d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B3:1F:EF:C8:FC:55:F0:35:2B:20:3C:80:90:2C:E2:2C:BE:4B:C2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IrMf78j8VfA1KyA8gJAs4iy-S8I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:35:67:61:e9:fd:da:33:0c:5a:3d:ad:2c:ba:f7:f0:46:8a:
10:15:75:c7:f1:1d:4e:4e:e5:bd:7b:78:03:46:e4:af:d4:e1:
1c:01:6e:08:52:ec:53:28:f3:98:e5:da:f3:55:7c:24:0d:3d:
a2:57:02:50:22:54:e7:05:e0:2a:b9:e6:80:3e:d2:9f:37:25:
ea:2e:2c:f4:34:41:94:66:62:bb:af:5b:b9:b5:0a:6b:4d:80:
83:a8:c4:a2:ca:a4:2b:58:86:2a:49:e8:b1:23:42:c9:79:c6:
32:7d:f9:68:b0:6b:bf:f6:10:b1:8d:b9:8f:89:1e:26:c6:52:
ea:e7:e1:5f:12:b0:82:af:3d:5b:1b:91:6c:20:f2:d1:04:78:
d0:45:c5:c6:98:33:eb:9d:80:02:be:9b:0d:31:00:cd:da:91:
72:bb:b6:94:02:58:19:c9:c5:8b:f5:61:07:b6:ac:54:db:21:
a3:ad:3f:64:1d:7e:4b:3e:f5:ea:18:ff:b1:52:f4:76:80:fd:
67:70:3d:1c:cc:5c:d5:bd:43:64:a9:b0:6e:6d:ec:2c:bc:50:
b8:14:a5:97:e9:d3:0c:df:2b:7e:c1:b8:bb:d7:59:5c:65:3e:
eb:6b:70:ab:41:13:c2:b7:e2:b7:a1:a6:48:1d:e1:b3:41:ef:
65:89:32:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NDUzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyQjMxRkVGQzhGQzU1
RjAzNTJCMjAzQzgwOTAyQ0UyMkNCRTRCQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7Jenp/+Xxi/DA5H5PfOJORTaOH8lQHxDOlWrdiP/plheMmxeN
8qwquBRoUKVWK5SQPSeYM6Rk79ZeaAuBZ3fzSzehdr04yK5acQwUC3PhlrmUmZmo
40Jqj4QTqsvmUrcQynBLF0O8FRyopl9cW5eDzPHyhCCxlyok/4fhj4krDG7AkDdC
Gul4JSabCjJOROlFHHecNz6GZFrnpATwYt950haGOy4tX0+oUG77b3tzcerolOE2
Ji6qzaJmG3YV1KqSXDWd4IpCJQP57ZGAela2giEV3I3sYRF1stw+WAIn3aSon1s7
LVu/7VHVrK6l8rZFU5T/Uw/mieJEUpg0bE0nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIrMf78j8VfA1KyA8gJAs4iy+S8IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lyTWY3OGo4VmZBMUt5
QThnSkFzNGl5LVM4SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArTVnYen92jMMWj2tLLr38EaKEBV1x/Ed
Tk7lvXt4A0bkr9ThHAFuCFLsUyjzmOXa81V8JA09olcCUCJU5wXgKrnmgD7Snzcl
6i4s9DRBlGZiu69bubUKa02Ag6jEosqkK1iGKknosSNCyXnGMn35aLBrv/YQsY25
j4keJsZS6ufhXxKwgq89WxuRbCDy0QR40EXFxpgz652AAr6bDTEAzdqRcru2lAJY
GcnFi/VhB7asVNsho60/ZB1+Sz716hj/sVL0doD9Z3A9HMxc1b1DZKmwbm3sLLxQ
uBSll+nTDN8rfsG4u9dZXGU+62twq0ETwrfit6GmSB3hs0HvZYky0g==
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:00:04 2025 by rpki-client