Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-KliLv4Pv4oy_KppTRUUYcMo_wM.roa
File: -KliLv4Pv4oy_KppTRUUYcMo_wM.roa (raw, json)
Hash identifier: rESfAyp441sYV1mZDLADXcFF91CE2oLH5v8eKySFm3k=
Subject key identifier: F8:A9:62:2E:FE:0F:BF:8A:32:FC:AA:69:4D:15:14:61:C3:28:FF:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B9E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-KliLv4Pv4oy_KppTRUUYcMo_wM.roa
Signing time: Mon 29 Apr 2024 09:53:30 +0000
ROA not before: Mon 29 Apr 2024 09:53:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19358 (0x4b9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 09:53:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F8A9622EFE0FBF8A32FCAA694D151461C328FF03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d8:a5:8c:f0:e3:f2:84:d4:30:83:53:66:2e:
58:a7:f1:4a:06:88:4a:78:3f:c0:8c:00:5c:e2:e5:
dc:15:d8:f1:a6:ed:8e:9f:72:f8:f7:e9:8b:34:4b:
28:29:de:ba:e2:51:85:4d:60:e5:25:b1:c1:6b:6d:
cf:30:0c:01:d4:e7:4f:e4:65:a1:66:c6:12:ad:97:
89:6c:9f:c1:ec:a6:12:c4:7f:88:2a:9b:28:3d:a5:
94:4a:7e:41:3a:7c:d9:21:40:c6:a4:33:00:07:d3:
a5:5e:d4:cc:1d:08:5d:6d:64:4b:cf:f9:73:5e:41:
d8:7a:06:c7:88:b1:b3:6b:d8:5a:d6:07:5f:bd:37:
0d:71:f4:b7:1f:bf:18:e1:64:fc:9c:0b:07:d9:b9:
39:5d:bd:88:2e:62:8a:21:89:91:a7:90:42:97:14:
25:ba:f2:6e:f9:7c:da:0b:93:b6:b6:cb:87:3a:2d:
22:dd:13:7f:0a:a0:a9:90:f6:77:db:3b:69:e7:a7:
76:8b:8e:58:03:cc:21:f8:3c:5b:90:b5:73:55:2a:
07:d9:b0:f7:7f:d2:a2:10:1f:96:50:05:60:05:7a:
dd:48:f2:1b:57:60:e0:ef:0d:11:4e:4d:76:fa:90:
d8:00:ec:c8:ab:33:f7:99:06:98:8b:b1:ce:9e:0b:
d7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A9:62:2E:FE:0F:BF:8A:32:FC:AA:69:4D:15:14:61:C3:28:FF:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-KliLv4Pv4oy_KppTRUUYcMo_wM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:63:7b:18:df:f8:29:b2:28:f0:c8:30:5b:d3:29:ac:a6:17:
11:72:4e:e3:c2:d3:1b:dd:78:60:18:d3:60:83:ee:cf:4c:71:
61:d6:19:5b:52:90:1f:cc:30:91:79:ec:10:35:39:06:c9:e4:
27:c0:69:01:d9:e8:34:65:18:57:d0:03:2a:a3:be:a8:18:79:
67:0f:26:07:0c:b3:50:32:80:0d:a4:82:3d:35:3a:81:20:18:
52:7a:31:29:88:0d:6b:81:fc:70:0f:50:51:e6:13:5d:25:60:
de:f4:d2:94:b1:bf:27:db:eb:ab:2a:08:e7:ed:9a:e4:c5:b9:
b6:05:53:fe:09:94:61:11:11:25:8a:15:2f:fc:2b:bd:f9:38:
06:73:b5:d4:cf:fd:92:4e:e3:9f:3b:82:d0:52:17:6d:9a:fb:
ef:30:c1:f7:12:41:06:49:26:ee:96:bc:ab:cb:01:f3:51:2e:
b6:58:39:70:e3:7b:81:af:19:61:52:81:23:c1:0d:31:69:e7:
fa:39:5b:95:c4:30:3a:52:9e:e4:b7:65:04:9b:04:6b:92:90:
ee:4a:03:a4:f2:b3:8f:58:05:84:c4:13:00:24:65:a7:cb:69:
5d:ae:79:89:7e:c3:ab:22:45:3c:58:aa:61:0d:3b:67:e9:f6:
49:8c:05:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICS54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
OTUzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4QTk2MjJFRkUwRkJG
OEEzMkZDQUE2OTREMTUxNDYxQzMyOEZGMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi2KWM8OPyhNQwg1NmLlin8UoGiEp4P8CMAFzi5dwV2PGm7Y6f
cvj36Ys0Sygp3rriUYVNYOUlscFrbc8wDAHU50/kZaFmxhKtl4lsn8HsphLEf4gq
myg9pZRKfkE6fNkhQMakMwAH06Ve1MwdCF1tZEvP+XNeQdh6BseIsbNr2FrWB1+9
Nw1x9LcfvxjhZPycCwfZuTldvYguYoohiZGnkEKXFCW68m75fNoLk7a2y4c6LSLd
E38KoKmQ9nfbO2nnp3aLjlgDzCH4PFuQtXNVKgfZsPd/0qIQH5ZQBWAFet1I8htX
YODvDRFOTXb6kNgA7MirM/eZBpiLsc6eC9eZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+KliLv4Pv4oy/KppTRUUYcMo/wMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1LbGlMdjRQdjRveV9L
cHBUUlVVWWNNb193TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAsmN7GN/4KbIo8MgwW9MprKYXEXJO48LT
G914YBjTYIPuz0xxYdYZW1KQH8wwkXnsEDU5BsnkJ8BpAdnoNGUYV9ADKqO+qBh5
Zw8mBwyzUDKADaSCPTU6gSAYUnoxKYgNa4H8cA9QUeYTXSVg3vTSlLG/J9vrqyoI
5+2a5MW5tgVT/gmUYRERJYoVL/wrvfk4BnO11M/9kk7jnzuC0FIXbZr77zDB9xJB
Bkkm7pa8q8sB81Eutlg5cON7ga8ZYVKBI8ENMWnn+jlblcQwOlKe5LdlBJsEa5KQ
7koDpPKzj1gFhMQTACRlp8tpXa55iX7DqyJFPFiqYQ07Z+n2SYwF0g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:41 2025 by rpki-client