
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pQ1-4_SvAnIF16kJWp8OIrS1FrQ.roa
File: pQ1-4_SvAnIF16kJWp8OIrS1FrQ.roa (raw, json)
Hash identifier: q034j1OfbCec6mmtazoDmiY81dZag98RNlNcrWBSrP8=
Subject key identifier: A5:0D:7E:E3:F4:AF:02:72:05:D7:A9:09:5A:9F:0E:22:B4:B5:16:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E2A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pQ1-4_SvAnIF16kJWp8OIrS1FrQ.roa
Signing time: Thu 11 Apr 2024 11:22:46 +0000
ROA not before: Thu 11 Apr 2024 11:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15914 (0x3e2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 11:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A50D7EE3F4AF027205D7A9095A9F0E22B4B516B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d7:36:e4:ac:a9:61:a3:ba:d3:d7:08:72:7b:
ae:55:7f:88:7a:ae:e8:a8:3d:8f:9e:6e:be:7c:1e:
52:85:f2:6f:86:6a:0c:6e:be:6f:70:c0:d3:7c:56:
35:06:30:11:52:00:3f:49:2e:ce:d6:19:42:4b:d6:
6c:a0:68:0f:92:b3:fa:1b:37:21:bb:8f:aa:59:c1:
b8:42:18:9d:65:0b:f2:ee:14:e7:11:60:5b:45:c8:
c4:4a:97:7c:d1:86:98:eb:bb:ba:9d:1d:18:c7:ac:
c5:98:e7:17:4a:68:e6:6f:4d:6d:ab:a1:d9:eb:e5:
5a:bf:e7:8d:ca:22:93:15:fb:53:e3:cf:1b:bb:a3:
95:b2:d2:a0:b0:99:92:f9:42:d3:d3:04:fb:2a:89:
d0:c8:79:82:97:e4:59:f4:57:0e:0b:c2:42:c5:9e:
ba:37:55:b9:d4:fc:72:7e:37:83:10:42:f7:72:71:
52:3b:8c:c5:9f:f1:b7:80:75:e2:8c:d0:cc:00:e2:
9f:84:03:4e:e9:91:b9:d1:e7:8a:39:ee:29:0f:a0:
ab:c0:f7:14:c7:42:0f:cb:e4:48:52:8f:55:89:7e:
63:82:f8:db:58:dd:74:4a:fe:98:1a:45:79:81:fa:
df:93:f4:2e:bd:41:f3:e0:1e:6a:22:d4:f1:32:95:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0D:7E:E3:F4:AF:02:72:05:D7:A9:09:5A:9F:0E:22:B4:B5:16:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pQ1-4_SvAnIF16kJWp8OIrS1FrQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:bf:e6:37:68:06:44:af:69:e2:ab:3e:43:0e:94:a5:80:db:
3e:1c:40:1f:2e:e4:96:c3:66:69:7f:89:01:c2:ed:27:88:dd:
af:86:2d:37:b1:e1:5c:c3:a2:7b:ef:68:05:cf:ae:6a:6b:98:
ab:aa:b8:ad:a0:bf:0d:11:45:69:35:8f:f7:e3:64:f6:54:80:
ef:4d:06:2f:69:12:cb:13:89:59:a1:b3:1b:e9:75:ce:79:df:
71:e8:43:10:10:e2:07:f5:bb:87:64:76:d6:53:21:46:dc:c8:
64:83:f0:de:6a:b1:18:53:f6:88:05:8d:1d:1c:0c:b8:bd:68:
0e:b4:3a:39:0b:cd:77:4c:65:ef:40:d1:67:9c:99:94:e6:1b:
50:5e:bf:9d:63:ef:72:9f:18:5b:0b:55:93:0a:06:87:24:4c:
91:e4:64:fb:f5:e8:f5:8e:84:1f:32:5a:9e:bb:65:16:62:0c:
75:5b:d3:bb:a1:22:82:d5:7f:33:b0:fa:b9:6f:21:6b:2a:37:
44:2c:63:97:6c:51:dc:9f:17:5c:44:88:dd:41:57:b3:d3:61:
dc:5a:10:6b:8d:b7:ec:76:33:9e:57:34:e4:da:27:2c:4d:1e:
57:e9:6b:3f:10:41:96:d4:e2:94:8c:df:35:cb:6a:67:7b:09:
46:71:74:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
MTIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1MEQ3RUUzRjRBRjAy
NzIwNUQ3QTkwOTVBOUYwRTIyQjRCNTE2QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA1zbkrKlho7rT1whye65Vf4h6ruioPY+ebr58HlKF8m+Gagxu
vm9wwNN8VjUGMBFSAD9JLs7WGUJL1mygaA+Ss/obNyG7j6pZwbhCGJ1lC/LuFOcR
YFtFyMRKl3zRhpjru7qdHRjHrMWY5xdKaOZvTW2rodnr5Vq/543KIpMV+1Pjzxu7
o5Wy0qCwmZL5QtPTBPsqidDIeYKX5Fn0Vw4LwkLFnro3VbnU/HJ+N4MQQvdycVI7
jMWf8beAdeKM0MwA4p+EA07pkbnR54o57ikPoKvA9xTHQg/L5EhSj1WJfmOC+NtY
3XRK/pgaRXmB+t+T9C69QfPgHmoi1PEylcFLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpQ1+4/SvAnIF16kJWp8OIrS1FrQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BRMS00X1N2QW5JRjE2
a0pXcDhPSXJTMUZyUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfb/mN2gGRK9p4qs+Qw6UpYDbPhxAHy7k
lsNmaX+JAcLtJ4jdr4YtN7HhXMOie+9oBc+uamuYq6q4raC/DRFFaTWP9+Nk9lSA
700GL2kSyxOJWaGzG+l1znnfcehDEBDiB/W7h2R21lMhRtzIZIPw3mqxGFP2iAWN
HRwMuL1oDrQ6OQvNd0xl70DRZ5yZlOYbUF6/nWPvcp8YWwtVkwoGhyRMkeRk+/Xo
9Y6EHzJanrtlFmIMdVvTu6EigtV/M7D6uW8hayo3RCxjl2xR3J8XXESI3UFXs9Nh
3FoQa4237HYznlc05NonLE0eV+lrPxBBltTilIzfNctqZ3sJRnF0MA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:38:13 2025 by rpki-client