Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/awBy7yFvgO-ZDWOQb6MZjio1Awc.roa
File: awBy7yFvgO-ZDWOQb6MZjio1Awc.roa (raw, json)
Hash identifier: bSSyacat1IetR5QOWWEP1tK6uso9V/h32jhLccawSFM=
Subject key identifier: 6B:00:72:EF:21:6F:80:EF:99:0D:63:90:6F:A3:19:8E:2A:35:03:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/awBy7yFvgO-ZDWOQb6MZjio1Awc.roa
Signing time: Sat 11 May 2024 12:24:08 +0000
ROA not before: Sat 11 May 2024 12:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21682 (0x54b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 12:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6B0072EF216F80EF990D63906FA3198E2A350307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:26:fa:6b:f2:35:0d:59:d6:f5:25:e0:a2:b2:
9f:76:ef:03:db:be:8e:41:1b:26:f8:97:f8:19:fc:
19:0e:e9:a7:c7:25:7b:e3:63:52:6e:1b:f7:8b:3e:
06:e4:d3:05:84:40:61:18:3d:38:1f:fc:d9:68:2f:
d5:6c:06:85:a4:c1:53:b5:fd:38:5c:99:d7:85:1a:
90:64:3e:1c:86:66:34:19:c0:ea:7c:03:69:98:13:
2a:3f:98:cd:3c:01:b3:ad:69:a4:01:56:b8:86:87:
9c:9c:79:76:93:96:97:36:30:cf:f1:69:22:81:4d:
5f:41:29:3c:38:59:f5:13:82:12:c4:ee:f4:e3:4a:
c2:05:d4:c1:fa:b3:a4:b2:4d:2f:b2:1f:15:df:c7:
88:5a:30:1c:6e:ba:ab:5e:12:b4:94:ab:ea:b3:57:
49:ce:8f:9c:ea:4d:88:d1:e2:2b:ee:82:5c:99:24:
eb:b9:c1:14:d6:a4:23:ef:36:23:0d:68:fb:b8:58:
a3:4b:ac:4a:6c:ca:0d:e3:2e:59:6f:18:96:90:d7:
0e:15:0a:56:87:26:da:64:92:48:f6:01:0b:92:c9:
e8:7c:16:d0:66:d9:f3:70:a5:70:ea:cd:87:45:61:
bb:9e:f2:ed:cc:50:81:f4:c7:00:4a:61:56:79:1c:
ea:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:00:72:EF:21:6F:80:EF:99:0D:63:90:6F:A3:19:8E:2A:35:03:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/awBy7yFvgO-ZDWOQb6MZjio1Awc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:9a:13:ef:82:7e:bd:d5:cc:6f:aa:08:83:01:c2:8e:28:98:
07:7b:db:bf:1b:1d:d2:a6:c0:31:a7:49:ae:dc:98:a8:9a:9a:
8c:c4:bf:e0:0c:cb:6d:00:b8:9f:bb:b4:89:b2:8e:21:e2:99:
44:4f:31:e9:f0:3b:b2:7e:04:62:ec:07:71:8e:d3:00:c1:00:
54:51:87:db:bd:40:43:0c:bb:48:e0:75:07:8d:cc:cd:49:fd:
ff:62:ef:c0:14:1d:6c:6e:a9:aa:db:69:9f:66:89:e7:fa:8a:
00:ab:0b:6a:14:b2:c1:46:42:bb:5a:63:74:e6:30:76:8f:14:
07:fe:47:94:34:40:9d:02:2c:cf:ed:59:e9:67:86:d9:8d:d2:
81:84:7f:2f:58:59:ae:85:2c:7a:a8:27:68:32:00:b7:b4:bc:
ef:41:62:f5:77:d2:93:41:9e:b4:f1:25:cc:80:b4:32:98:c7:
42:2d:42:21:0e:d2:47:57:b5:76:d3:93:1b:67:73:ac:da:ad:
dc:82:80:31:29:c5:f7:10:30:2a:6c:ee:52:03:15:6f:00:f5:
c0:c5:96:b4:0b:22:88:77:15:76:2e:3a:a9:eb:b7:e6:68:88:
02:fa:d6:6e:71:6f:f3:aa:b4:65:26:82:9a:2a:7c:22:1d:1d:
f4:a6:da:c7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
MjI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCMDA3MkVGMjE2Rjgw
RUY5OTBENjM5MDZGQTMxOThFMkEzNTAzMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiJvpr8jUNWdb1JeCisp927wPbvo5BGyb4l/gZ/BkO6afHJXvj
Y1JuG/eLPgbk0wWEQGEYPTgf/NloL9VsBoWkwVO1/ThcmdeFGpBkPhyGZjQZwOp8
A2mYEyo/mM08AbOtaaQBVriGh5yceXaTlpc2MM/xaSKBTV9BKTw4WfUTghLE7vTj
SsIF1MH6s6SyTS+yHxXfx4haMBxuuqteErSUq+qzV0nOj5zqTYjR4ivuglyZJOu5
wRTWpCPvNiMNaPu4WKNLrEpsyg3jLllvGJaQ1w4VClaHJtpkkkj2AQuSyeh8FtBm
2fNwpXDqzYdFYbue8u3MUIH0xwBKYVZ5HOpXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUawBy7yFvgO+ZDWOQb6MZjio1AwcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2F3Qnk3eUZ2Z08tWkRX
T1FiNk1aamlvMUF3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlZoT74J+vdXMb6oIgwHCjiiYB3vbvxsd
0qbAMadJrtyYqJqajMS/4AzLbQC4n7u0ibKOIeKZRE8x6fA7sn4EYuwHcY7TAMEA
VFGH271AQwy7SOB1B43MzUn9/2LvwBQdbG6pqttpn2aJ5/qKAKsLahSywUZCu1pj
dOYwdo8UB/5HlDRAnQIsz+1Z6WeG2Y3SgYR/L1hZroUseqgnaDIAt7S870Fi9XfS
k0GetPElzIC0MpjHQi1CIQ7SR1e1dtOTG2dzrNqt3IKAMSnF9xAwKmzuUgMVbwD1
wMWWtAsiiHcVdi46qeu35miIAvrWbnFv86q0ZSaCmip8Ih0d9Kbaxw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:24 2025 by rpki-client