Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1-l0TRmWZq2O4gTPc69QuXpEHPE.roa
File: 1-l0TRmWZq2O4gTPc69QuXpEHPE.roa (raw, json)
Hash identifier: Wfq+V9KkG0hzdQi7VgxkHe/84g/K7pt9MWDL0MElUBc=
Subject key identifier: D7:E9:74:4D:19:96:66:AD:8E:E2:04:CF:73:AF:50:B9:7A:44:1C:F1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F22
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-l0TRmWZq2O4gTPc69QuXpEHPE.roa
Signing time: Sat 04 May 2024 02:23:53 +0000
ROA not before: Sat 04 May 2024 02:23:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20258 (0x4f22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 02:23:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7E9744D199666AD8EE204CF73AF50B97A441CF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:39:f4:75:d1:14:2c:76:2e:d9:8a:f1:20:ee:
5d:fb:79:0a:18:83:ae:8f:3b:be:d9:7c:2d:50:68:
bd:c3:29:73:37:2f:db:7a:a0:db:ca:bb:03:33:90:
68:54:6c:7a:50:f4:21:d7:e9:07:d0:3b:49:fa:31:
f1:1d:da:7d:38:ab:fa:00:c7:a8:19:fd:d0:f8:15:
da:fa:46:71:1b:cd:ca:25:d7:dd:18:96:e2:0d:f1:
8e:33:95:3a:de:59:fa:6c:d1:27:27:b3:54:07:b3:
3a:31:c1:af:05:f8:59:c8:96:c3:eb:8c:0b:7d:83:
ce:5d:2a:c3:52:3f:d8:73:dd:9c:60:41:19:d3:26:
12:07:5b:89:ec:62:d4:7a:a9:fc:50:04:35:1c:e7:
92:4d:a8:a9:42:15:fb:4d:29:4d:1d:c0:31:f1:81:
b3:42:93:a2:3c:39:4d:d3:72:ec:cf:ba:fc:fa:8c:
91:60:22:c9:e4:fc:ad:92:7e:02:d1:ea:26:8e:69:
5b:6c:1a:ac:f8:75:a5:bc:e7:bd:f3:36:25:2c:ea:
35:f3:87:bb:9b:ae:08:bf:ad:41:f5:b4:24:03:b3:
9a:6c:07:66:ae:ea:24:97:a7:b0:2d:05:5a:ac:b2:
2a:45:de:3b:f1:06:24:09:fb:a7:83:87:3b:5a:92:
25:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E9:74:4D:19:96:66:AD:8E:E2:04:CF:73:AF:50:B9:7A:44:1C:F1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-l0TRmWZq2O4gTPc69QuXpEHPE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:5d:44:46:69:14:85:d1:7b:6c:b5:52:2c:ba:5b:ac:a8:23:
7d:55:10:f9:9d:6b:e1:0a:71:c0:4c:a9:53:fb:e1:d3:bb:17:
df:3c:26:eb:a2:66:32:d3:5f:78:fd:0b:05:22:70:de:4c:1c:
d5:44:33:08:e9:02:06:91:e7:1a:f9:db:f5:2d:78:90:d8:c0:
9e:0a:00:9d:e5:6a:f5:c6:1b:ab:ef:ee:8b:db:82:aa:ad:5e:
98:3e:2c:ef:b3:d5:76:51:93:2e:16:91:67:f7:a1:82:f7:93:
ca:0a:c2:93:9d:fc:31:52:ba:b2:ab:21:31:cb:29:8c:13:b1:
cc:58:bb:ca:20:4a:2b:d3:1c:c5:75:1e:5e:9a:0f:34:2b:4d:
6a:1a:4f:e6:1d:1d:de:13:1b:42:b0:bb:26:a0:6d:23:5f:6f:
b4:cb:b7:34:c9:cc:1e:c8:9c:d2:b1:54:4d:f7:b8:51:79:0c:
45:ec:c6:f4:63:be:08:23:57:26:de:c4:8b:8f:68:65:54:95:
9c:3a:4c:de:db:09:96:d5:2d:76:67:91:fb:32:f5:3b:ae:27:
16:a7:26:fc:98:ca:72:fa:77:eb:8b:99:1c:f4:ce:56:88:61:
54:06:43:2b:cb:e8:e3:9a:27:17:46:a4:44:72:d7:65:eb:0b:
48:09:e8:50
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTyIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
MjIzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3RTk3NDREMTk5NjY2
QUQ4RUUyMDRDRjczQUY1MEI5N0E0NDFDRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwOfR10RQsdi7ZivEg7l37eQoYg66PO77ZfC1QaL3DKXM3L9t6
oNvKuwMzkGhUbHpQ9CHX6QfQO0n6MfEd2n04q/oAx6gZ/dD4Fdr6RnEbzcol190Y
luIN8Y4zlTreWfps0Scns1QHszoxwa8F+FnIlsPrjAt9g85dKsNSP9hz3ZxgQRnT
JhIHW4nsYtR6qfxQBDUc55JNqKlCFftNKU0dwDHxgbNCk6I8OU3TcuzPuvz6jJFg
Isnk/K2SfgLR6iaOaVtsGqz4daW8573zNiUs6jXzh7ubrgi/rUH1tCQDs5psB2au
6iSXp7AtBVqssipF3jvxBiQJ+6eDhztakiVLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1+l0TRmWZq2O4gTPc69QuXpEHPEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzEtbDBUUm1XWnEyTzRn
VFBjNjlRdVhwRUhQRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArF1ERmkUhdF7bLVSLLpbrKgjfVUQ+Z1r
4QpxwEypU/vh07sX3zwm66JmMtNfeP0LBSJw3kwc1UQzCOkCBpHnGvnb9S14kNjA
ngoAneVq9cYbq+/ui9uCqq1emD4s77PVdlGTLhaRZ/ehgveTygrCk538MVK6sqsh
McspjBOxzFi7yiBKK9McxXUeXpoPNCtNahpP5h0d3hMbQrC7JqBtI19vtMu3NMnM
Hsic0rFUTfe4UXkMRezG9GO+CCNXJt7Ei49oZVSVnDpM3tsJltUtdmeR+zL1O64n
Fqcm/JjKcvp364uZHPTOVohhVAZDK8vo45onF0akRHLXZesLSAnoUA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:13 2025 by rpki-client