Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dbf_Tba7gFm2Laqvb7wxCSOl2Jo.roa
File: dbf_Tba7gFm2Laqvb7wxCSOl2Jo.roa (raw, json)
Hash identifier: h56Lee054oUUjyQD1i7ElyHEfnVunRLzwHqpuhIlAio=
Subject key identifier: 75:B7:FF:4D:B6:BB:80:59:B6:2D:AA:AF:6F:BC:31:09:23:A5:D8:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 439E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dbf_Tba7gFm2Laqvb7wxCSOl2Jo.roa
Signing time: Thu 18 Apr 2024 17:53:26 +0000
ROA not before: Thu 18 Apr 2024 17:53:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17310 (0x439e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 17:53:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=75B7FF4DB6BB8059B62DAAAF6FBC310923A5D89A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:07:27:1c:7f:06:c9:d0:e6:46:3a:fd:7b:e1:
c0:cf:57:a6:0e:2b:91:32:b9:43:41:40:2b:5c:da:
ad:5a:75:5e:d4:e7:04:72:7b:f1:12:75:ec:60:db:
3b:ad:2c:f7:89:63:4d:1f:a5:3c:bc:76:ae:96:d9:
1c:fb:24:5e:63:01:be:06:55:59:cd:13:6a:b9:f3:
6a:f2:24:9f:39:ab:4a:db:c1:d6:47:b6:d0:f7:48:
c4:ee:ce:1b:33:54:29:90:aa:63:a0:4e:0d:cd:33:
3d:22:2e:cd:e4:7b:0b:77:c8:d6:17:39:17:34:79:
f1:ec:03:12:7b:5d:40:07:61:3b:9e:83:df:6f:fd:
a7:41:d4:af:44:c8:0d:76:22:d2:73:66:17:07:28:
f6:dc:6c:19:7d:0e:18:e0:a3:56:ae:20:10:49:c4:
74:62:77:8e:c3:f4:8c:5d:93:59:96:e4:9c:f7:43:
40:52:94:49:7e:64:7f:f6:25:bc:48:64:d3:35:d8:
82:40:51:7b:75:10:81:9e:91:e1:98:5f:69:31:99:
91:1b:3f:ee:45:f6:f6:a0:fa:59:c1:3b:c1:4b:13:
89:ac:1e:c0:b7:38:86:53:27:be:fe:55:0f:ea:f9:
6c:91:a2:ac:95:fa:1e:81:55:64:4e:91:84:7d:5b:
16:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B7:FF:4D:B6:BB:80:59:B6:2D:AA:AF:6F:BC:31:09:23:A5:D8:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dbf_Tba7gFm2Laqvb7wxCSOl2Jo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:42:e8:01:5e:36:c8:0b:9e:00:a7:65:88:94:cc:df:a5:6d:
bd:bf:c7:fa:f0:cb:a8:c2:28:ec:38:97:80:e9:86:8f:85:4e:
91:d7:81:19:7d:34:cd:b5:57:04:12:15:f8:be:92:7b:4f:79:
08:dd:48:59:d1:23:a3:e8:05:53:92:c0:13:af:70:20:68:9d:
f2:8a:84:c1:c6:5b:eb:d0:ff:ab:e0:50:cc:3d:0b:47:5d:97:
cf:a9:db:a7:1e:50:95:22:9b:ce:a3:1f:4d:de:3f:f3:78:c5:
7b:d7:f6:bc:f5:e2:07:31:00:0d:f7:cc:f4:c1:00:e1:6d:ab:
80:d0:bf:83:76:4b:e8:8d:50:30:f5:8b:ea:ad:14:9b:25:24:
28:b3:81:b8:18:6d:67:33:81:e6:49:fe:2f:bf:84:0b:c2:3b:
f3:0f:3e:13:b8:c0:f6:4c:35:df:13:05:77:73:e4:09:36:7a:
ea:d4:3c:67:5d:8d:b0:9d:8a:a9:98:a8:92:c4:86:5e:78:4b:
69:60:03:bc:e8:8d:24:ae:de:36:99:89:40:cd:4a:6f:b0:88:
7b:72:6d:91:29:01:76:2c:d3:ba:48:d1:a2:fa:04:20:f8:8b:
f8:16:39:a5:54:9a:32:5f:b4:e2:80:25:31:12:8a:a8:94:85:
4b:b0:4f:aa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
NzUzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1QjdGRjREQjZCQjgw
NTlCNjJEQUFBRjZGQkMzMTA5MjNBNUQ4OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbByccfwbJ0OZGOv174cDPV6YOK5EyuUNBQCtc2q1adV7U5wRy
e/ESdexg2zutLPeJY00fpTy8dq6W2Rz7JF5jAb4GVVnNE2q582ryJJ85q0rbwdZH
ttD3SMTuzhszVCmQqmOgTg3NMz0iLs3kewt3yNYXORc0efHsAxJ7XUAHYTueg99v
/adB1K9EyA12ItJzZhcHKPbcbBl9Dhjgo1auIBBJxHRid47D9Ixdk1mW5Jz3Q0BS
lEl+ZH/2JbxIZNM12IJAUXt1EIGekeGYX2kxmZEbP+5F9vag+lnBO8FLE4msHsC3
OIZTJ77+VQ/q+WyRoqyV+h6BVWROkYR9WxZRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdbf/Tba7gFm2Laqvb7wxCSOl2JowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RiZl9UYmE3Z0ZtMkxh
cXZiN3d4Q1NPbDJKby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArkLoAV42yAueAKdliJTM36Vtvb/H+vDL
qMIo7DiXgOmGj4VOkdeBGX00zbVXBBIV+L6Se095CN1IWdEjo+gFU5LAE69wIGid
8oqEwcZb69D/q+BQzD0LR12Xz6nbpx5QlSKbzqMfTd4/83jFe9f2vPXiBzEADffM
9MEA4W2rgNC/g3ZL6I1QMPWL6q0UmyUkKLOBuBhtZzOB5kn+L7+EC8I78w8+E7jA
9kw13xMFd3PkCTZ66tQ8Z12NsJ2KqZioksSGXnhLaWADvOiNJK7eNpmJQM1Kb7CI
e3JtkSkBdizTukjRovoEIPiL+BY5pVSaMl+04oAlMRKKqJSFS7BPqg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:36:14 2025 by rpki-client