220.127.116.11 Validating a CPA
Verify that the CPA conforms to the syntax as specified in section 18.104.22.168.
If a nonzero BinaryAuthority is present in the CPA, then verify that either a Certificate Chain is present in the CPA or the BinaryAuthority is a SHA-1 hash of the public key included in the CPA. If a Certificate Chain exists, then validate the Certificate Chain as specified in section 22.214.171.124.
If the X flag bit in CPA is set, then validate the Extended Payload field as specified in section 126.96.36.199.
Retrieve the current UTC time for the local PNRP node. Verify that it is not greater than the value in the Not After field.
Verify that the value of the Nonce field in the CPA matches the value of the Nonce field in the original INQUIRE message.
Using the BinaryAuthority, ClassifierHash, and ServiceLocation in the CPA, construct the PNRP ID as specified in section 188.8.131.52.1. Verify that the computed PNRP ID matches the PNRP ID in the ROUTE_ENTRY message in the AUTHORITY_BUFFER message.