Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/18g3Vfaa8TZEg_e7UJBBfbn0ZuI.roa
File: 18g3Vfaa8TZEg_e7UJBBfbn0ZuI.roa (raw, json)
Hash identifier: LGKLP/jjpHFAYG8XlgnHEtbXqmGYeSVlHlkWQnasOic=
Subject key identifier: D7:C8:37:55:F6:9A:F1:36:44:83:F7:BB:50:90:41:7D:B9:F4:66:E2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D1A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/18g3Vfaa8TZEg_e7UJBBfbn0ZuI.roa
Signing time: Wed 01 May 2024 09:23:37 +0000
ROA not before: Wed 01 May 2024 09:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19738 (0x4d1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 09:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7C83755F69AF1364483F7BB5090417DB9F466E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:87:7e:18:10:23:97:cd:44:e0:d6:1d:b5:
cb:38:e4:8a:12:af:86:bb:91:bd:0b:91:9f:6e:44:
31:92:ab:f8:bc:d9:f0:61:d7:00:90:3a:99:dc:65:
f6:5d:05:09:04:f5:1f:36:2f:10:b9:97:62:e7:25:
35:0d:a0:bb:72:20:1f:b4:f8:82:3a:08:14:c5:9e:
8a:81:ba:01:50:2d:fd:d9:3e:c3:49:f5:cd:bc:f4:
c3:84:0e:0d:dd:fd:8c:5c:20:73:d2:3a:f2:fd:c3:
5c:63:24:85:00:7f:09:49:d1:a4:d2:86:a8:cf:6e:
0b:48:8f:51:a9:93:03:aa:85:c2:53:44:53:91:75:
6a:e2:bd:0e:f4:ab:05:c8:ca:8b:24:8f:19:18:98:
71:7f:e7:7b:09:3d:b7:8a:b3:df:36:b5:69:bc:1d:
38:e7:0f:12:25:52:89:73:b5:82:a7:0b:c4:97:b3:
65:ff:14:e9:e7:14:80:7f:90:35:9b:0a:1d:8c:37:
e3:27:33:f4:65:0f:a9:60:26:83:b4:22:f7:7d:4d:
83:1d:ca:94:db:e4:d2:26:e3:87:34:93:14:91:ca:
59:74:93:08:13:5d:bf:0c:6e:f8:c3:ce:7f:7e:da:
8e:d8:97:1d:a9:77:94:03:1a:55:9d:38:cc:49:51:
b4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C8:37:55:F6:9A:F1:36:44:83:F7:BB:50:90:41:7D:B9:F4:66:E2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/18g3Vfaa8TZEg_e7UJBBfbn0ZuI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:8a:69:68:af:4e:f4:c3:4f:46:b3:fd:37:90:b1:02:33:30:
4e:b5:ec:0a:c8:15:48:07:70:9c:38:a5:c9:b4:fb:3e:8c:9b:
91:1e:8c:c5:81:ec:70:44:f6:91:7f:fa:93:cb:a9:c7:db:13:
26:7e:30:7a:65:6b:9c:c7:8d:5b:46:40:4d:36:a9:73:2b:ac:
5b:29:3a:b5:b4:8a:69:4d:af:e7:4d:34:10:06:65:df:78:07:
92:ea:94:d3:f5:53:b4:25:73:c7:3c:1a:1a:a3:de:7d:5e:7b:
1a:37:c9:39:a8:75:bb:4d:9f:df:2b:dc:a5:d6:9d:b6:fa:a2:
15:cd:0e:a7:fc:df:a9:0d:1a:43:44:77:bc:14:59:34:30:52:
fb:83:c8:c4:8a:4d:9e:c9:94:50:1d:11:94:76:9c:72:48:c5:
ca:03:20:bb:07:b6:a9:b7:d8:ff:a6:1b:80:00:6a:cb:f7:42:
80:d8:0f:f6:01:43:c1:1b:5d:95:45:2d:09:63:b7:fd:88:e7:
5a:3f:7e:13:ca:7b:69:2d:77:85:c8:6d:ac:72:8f:80:74:af:
d1:bf:36:90:34:d3:3c:b0:0b:b4:df:46:f9:7b:22:e6:6a:61:
2d:cc:7a:05:63:79:2c:54:e4:c9:2c:34:d7:8f:67:1c:29:fe:
27:7c:f9:1e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
OTIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3QzgzNzU1RjY5QUYx
MzY0NDgzRjdCQjUwOTA0MTdEQjlGNDY2RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4tYd+GBAjl81E4NYdtcs45IoSr4a7kb0LkZ9uRDGSq/i82fBh
1wCQOpncZfZdBQkE9R82LxC5l2LnJTUNoLtyIB+0+II6CBTFnoqBugFQLf3ZPsNJ
9c289MOEDg3d/YxcIHPSOvL9w1xjJIUAfwlJ0aTShqjPbgtIj1GpkwOqhcJTRFOR
dWrivQ70qwXIyoskjxkYmHF/53sJPbeKs982tWm8HTjnDxIlUolztYKnC8SXs2X/
FOnnFIB/kDWbCh2MN+MnM/RlD6lgJoO0Ivd9TYMdypTb5NIm44c0kxSRyll0kwgT
Xb8MbvjDzn9+2o7Ylx2pd5QDGlWdOMxJUbTLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU18g3Vfaa8TZEg/e7UJBBfbn0ZuIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzE4ZzNWZmFhOFRaRWdf
ZTdVSkJCZmJuMFp1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiYppaK9O9MNPRrP9N5CxAjMwTrXsCsgV
SAdwnDilybT7PoybkR6MxYHscET2kX/6k8upx9sTJn4wemVrnMeNW0ZATTapcyus
Wyk6tbSKaU2v5000EAZl33gHkuqU0/VTtCVzxzwaGqPefV57GjfJOah1u02f3yvc
pdadtvqiFc0Op/zfqQ0aQ0R3vBRZNDBS+4PIxIpNnsmUUB0RlHacckjFygMguwe2
qbfY/6YbgABqy/dCgNgP9gFDwRtdlUUtCWO3/YjnWj9+E8p7aS13hchtrHKPgHSv
0b82kDTTPLALtN9G+Xsi5mphLcx6BWN5LFTkySw0149nHCn+J3z5Hg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:12 2025 by rpki-client