Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0YmD2zXLlSNJextLY8GzWSE1tgw.roa
File: 0YmD2zXLlSNJextLY8GzWSE1tgw.roa (raw, json)
Hash identifier: Pd2zGGiR5WhS0W6zuCvVZ2elQ+hbATQgH+gEJKoGTyc=
Subject key identifier: D1:89:83:DB:35:CB:95:23:49:7B:1B:4B:63:C1:B3:59:21:35:B6:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5152
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0YmD2zXLlSNJextLY8GzWSE1tgw.roa
Signing time: Tue 07 May 2024 00:24:02 +0000
ROA not before: Tue 07 May 2024 00:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20818 (0x5152)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 00:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D18983DB35CB9523497B1B4B63C1B3592135B60C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:9c:38:63:4a:6e:5e:21:f4:dd:cf:fd:7b:
89:f1:a1:3c:59:7f:49:95:be:07:24:b3:1f:6a:9e:
87:54:b3:af:ff:c1:7e:b9:8d:08:3e:f2:10:86:f4:
49:99:88:d1:8c:8c:38:bd:d5:4e:04:46:f0:6c:d5:
5a:55:52:ad:00:ef:fe:48:aa:2d:9a:05:92:e6:61:
5d:89:42:bd:b6:e6:e7:0c:47:7b:c2:0a:15:1e:20:
48:8c:26:f5:f3:f7:d7:f9:a6:76:9b:aa:f2:0d:5a:
77:e2:a5:82:9a:43:9d:06:53:9f:66:a5:4d:9e:9a:
6b:be:95:34:35:ad:d3:8c:36:1f:e1:31:76:0a:de:
84:08:78:72:08:4f:9f:d2:ac:55:d9:33:2c:db:6f:
71:db:03:33:29:10:d9:c0:6c:e5:4a:ac:7f:7f:07:
92:9a:d5:14:2f:a4:f1:b4:e9:3f:f3:af:ba:2f:2f:
ac:f3:f8:e6:16:7b:37:8f:95:3a:72:bd:8f:af:52:
31:ea:58:56:b4:d0:3e:0f:55:31:1c:fc:1d:b3:9f:
c3:f5:8d:86:82:0c:a9:a5:94:bb:bb:25:91:e3:9b:
85:d3:c2:12:a7:52:bc:f6:10:c5:1b:70:33:6a:b9:
fb:06:f3:4f:31:47:d2:21:1b:54:e2:9a:45:3f:6a:
6b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:89:83:DB:35:CB:95:23:49:7B:1B:4B:63:C1:B3:59:21:35:B6:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0YmD2zXLlSNJextLY8GzWSE1tgw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:4c:33:eb:68:20:47:5a:04:b9:1b:ef:a0:79:d4:eb:88:f0:
21:92:86:1e:5b:dc:fd:59:1a:0b:31:10:58:61:9b:51:90:c1:
25:38:04:38:1e:81:31:86:0a:55:0a:ad:52:9c:1a:71:38:69:
0f:a8:e2:f6:c8:9c:f6:61:4d:46:60:a2:ca:41:8b:ee:e8:fd:
d5:b6:e3:e9:25:22:c7:b7:29:6b:3e:ff:d9:19:91:c7:cb:5a:
aa:ed:50:45:6a:7c:52:63:a0:72:25:b7:97:fa:70:5f:07:b2:
3b:91:4a:f5:7a:ea:f3:6e:92:87:56:d1:58:49:2f:e7:b3:55:
4f:ab:7a:55:2b:10:05:f2:05:80:85:32:99:77:fd:32:8b:cd:
7e:22:0b:83:d4:7a:9c:dc:8d:f3:57:c4:98:44:ba:e3:de:f7:
b5:ad:11:08:cb:f0:dd:e2:71:47:c8:6c:b4:3c:1c:b5:be:5a:
f5:e3:f4:b9:e7:e4:32:1b:de:4a:8b:97:43:08:9a:d1:e3:60:
5a:59:8f:eb:d1:93:e2:9f:a6:7a:51:03:09:51:92:8f:4e:b7:
38:f0:31:ce:36:26:4b:90:25:a3:f2:a5:e3:31:29:03:d1:b8:
b7:54:95:b3:ec:51:00:5f:85:c3:83:9c:2f:7c:f2:db:b8:c2:
26:f1:be:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
MDI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxODk4M0RCMzVDQjk1
MjM0OTdCMUI0QjYzQzFCMzU5MjEzNUI2MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGtZw4Y0puXiH03c/9e4nxoTxZf0mVvgcksx9qnodUs6//wX65
jQg+8hCG9EmZiNGMjDi91U4ERvBs1VpVUq0A7/5Iqi2aBZLmYV2JQr225ucMR3vC
ChUeIEiMJvXz99f5pnabqvINWnfipYKaQ50GU59mpU2emmu+lTQ1rdOMNh/hMXYK
3oQIeHIIT5/SrFXZMyzbb3HbAzMpENnAbOVKrH9/B5Ka1RQvpPG06T/zr7ovL6zz
+OYWezePlTpyvY+vUjHqWFa00D4PVTEc/B2zn8P1jYaCDKmllLu7JZHjm4XTwhKn
Urz2EMUbcDNqufsG808xR9IhG1TimkU/amu/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0YmD2zXLlSNJextLY8GzWSE1tgwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBZbUQyelhMbFNOSmV4
dExZOEd6V1NFMXRndy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALEwz62ggR1oEuRvvoHnU64jwIZKGHlvc
/VkaCzEQWGGbUZDBJTgEOB6BMYYKVQqtUpwacThpD6ji9sic9mFNRmCiykGL7uj9
1bbj6SUix7cpaz7/2RmRx8taqu1QRWp8UmOgciW3l/pwXweyO5FK9Xrq826Sh1bR
WEkv57NVT6t6VSsQBfIFgIUymXf9MovNfiILg9R6nNyN81fEmES64973ta0RCMvw
3eJxR8hstDwctb5a9eP0uefkMhveSouXQwia0eNgWlmP69GT4p+melEDCVGSj063
OPAxzjYmS5Alo/Kl4zEpA9G4t1SVs+xRAF+Fw4OcL3zy27jCJvG+Dg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:05 2025 by rpki-client