Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/f0JvK1q4P-bP_TnJeI-QiltR3ko.roa
File: f0JvK1q4P-bP_TnJeI-QiltR3ko.roa (raw, json)
Hash identifier: drwZCglwKRTL03o7kdsO3H/PN92+op9icYc1bODYIKo=
Subject key identifier: 7F:42:6F:2B:5A:B8:3F:E6:CF:FD:39:C9:78:8F:90:8A:5B:51:DE:4A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4552
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f0JvK1q4P-bP_TnJeI-QiltR3ko.roa
Signing time: Sun 21 Apr 2024 00:23:05 +0000
ROA not before: Sun 21 Apr 2024 00:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17746 (0x4552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 00:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7F426F2B5AB83FE6CFFD39C9788F908A5B51DE4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b7:bb:e8:40:77:60:c5:6c:97:13:cc:bf:d1:
3e:28:56:05:58:fb:fb:1f:df:2e:b8:c6:6c:a4:66:
7d:cc:e9:24:ad:23:bd:21:c9:19:c1:4e:70:15:5f:
56:6d:aa:c3:54:2e:b4:68:5e:05:f0:09:dd:42:01:
31:be:50:71:13:53:8c:0a:ee:97:b7:8a:5c:86:56:
d7:16:eb:68:87:c2:99:cf:b0:01:1f:5d:03:52:a2:
9f:f9:06:90:e9:db:c7:1c:f6:c8:3f:ad:d6:d1:aa:
97:9d:28:e1:7d:d5:fa:c4:29:ae:76:74:03:d8:20:
1e:4a:c0:e8:04:f4:85:c4:57:84:08:c7:70:2f:96:
6d:4d:9a:87:fc:a0:cc:a4:95:02:4f:08:c9:18:8f:
1c:19:d5:ab:5a:67:9a:ed:1d:a9:4b:54:5f:4e:17:
e6:a1:bb:0e:99:17:08:96:95:81:a5:47:a9:9e:e7:
2c:28:0a:b1:90:30:dc:84:f6:90:75:d9:96:8c:1c:
59:a3:1f:61:2e:ae:85:f7:ff:d5:dd:5a:fd:05:23:
73:39:66:29:b6:13:8b:39:4e:df:44:8e:56:f4:9c:
0d:d0:41:6d:88:f4:68:fa:92:fe:bd:49:ad:d3:08:
0b:f7:b4:3f:fe:a2:16:d2:00:83:d2:f5:97:0a:6e:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:42:6F:2B:5A:B8:3F:E6:CF:FD:39:C9:78:8F:90:8A:5B:51:DE:4A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f0JvK1q4P-bP_TnJeI-QiltR3ko.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:63:a1:fe:5f:61:0b:9b:4a:bc:44:6c:0a:12:cd:56:b1:ea:
49:fa:43:2a:1c:e3:71:bc:06:f8:f6:68:28:9b:23:67:94:9e:
2f:93:33:5f:c2:13:db:60:0f:8e:8d:6c:f7:27:66:2d:4f:4f:
9d:19:9a:29:1c:7d:d8:19:ce:d5:13:90:d3:f6:84:7f:21:91:
10:de:2a:14:98:6d:b4:b5:6a:a9:7e:12:b0:e5:43:19:02:ab:
61:22:e0:c4:e1:d5:90:cf:dc:da:e7:ea:c7:8f:d0:9d:64:60:
c7:5c:c8:6c:18:a6:62:04:88:b3:0e:06:50:9c:f7:c1:4f:a1:
93:ed:56:68:b0:41:04:18:9b:d1:b2:97:52:2c:a7:32:36:36:
08:76:85:ed:79:80:a2:c3:10:58:95:b7:4c:1a:5c:6d:0f:68:
e6:4e:67:e6:3f:90:b4:e9:a5:e3:67:da:e9:46:8c:54:15:78:
e7:f2:21:4d:ab:a8:e4:d4:38:bf:13:3a:e6:ea:26:39:ae:fd:
38:2f:89:43:37:0d:6c:ae:2f:99:58:6a:bb:63:5f:34:ad:9f:
ef:ca:20:2e:63:60:e2:fe:e8:f4:dc:df:50:f2:4d:6d:d2:10:
c0:ca:cd:61:18:f2:99:80:50:81:e1:e8:03:50:34:79:ee:59:
d5:60:a9:7e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEw
MDIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGNDI2RjJCNUFCODNG
RTZDRkZEMzlDOTc4OEY5MDhBNUI1MURFNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDet7voQHdgxWyXE8y/0T4oVgVY+/sf3y64xmykZn3M6SStI70h
yRnBTnAVX1ZtqsNULrRoXgXwCd1CATG+UHETU4wK7pe3ilyGVtcW62iHwpnPsAEf
XQNSop/5BpDp28cc9sg/rdbRqpedKOF91frEKa52dAPYIB5KwOgE9IXEV4QIx3Av
lm1Nmof8oMyklQJPCMkYjxwZ1ataZ5rtHalLVF9OF+ahuw6ZFwiWlYGlR6me5ywo
CrGQMNyE9pB12ZaMHFmjH2EuroX3/9XdWv0FI3M5Zim2E4s5Tt9Ejlb0nA3QQW2I
9Gj6kv69Sa3TCAv3tD/+ohbSAIPS9ZcKbke9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUf0JvK1q4P+bP/TnJeI+QiltR3kowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2YwSnZLMXE0UC1iUF9U
bkplSS1RaWx0UjNrby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcWOh/l9hC5tKvERsChLNVrHqSfpDKhzj
cbwG+PZoKJsjZ5SeL5MzX8IT22APjo1s9ydmLU9PnRmaKRx92BnO1ROQ0/aEfyGR
EN4qFJhttLVqqX4SsOVDGQKrYSLgxOHVkM/c2ufqx4/QnWRgx1zIbBimYgSIsw4G
UJz3wU+hk+1WaLBBBBib0bKXUiynMjY2CHaF7XmAosMQWJW3TBpcbQ9o5k5n5j+Q
tOml42fa6UaMVBV45/IhTauo5NQ4vxM65uomOa79OC+JQzcNbK4vmVhqu2NfNK2f
78ogLmNg4v7o9NzfUPJNbdIQwMrNYRjymYBQgeHoA1A0ee5Z1WCpfg==
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:32:36 2025 by rpki-client