Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1uqWPk4Yf8nU--NzyVNwgMIuf6U.roa
File: 1uqWPk4Yf8nU--NzyVNwgMIuf6U.roa (raw, json)
Hash identifier: rpMLDBlC3ts3pdEj25isuifvRZh4JC/Unnd7+LGR7p4=
Subject key identifier: D6:EA:96:3E:4E:18:7F:C9:D4:FB:E3:73:C9:53:70:80:C2:2E:7F:A5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3372
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1uqWPk4Yf8nU--NzyVNwgMIuf6U.roa
Signing time: Thu 28 Mar 2024 04:22:05 +0000
ROA not before: Thu 28 Mar 2024 04:22:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13170 (0x3372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 04:22:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D6EA963E4E187FC9D4FBE373C9537080C22E7FA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:cf:8b:6d:f6:20:c2:6b:62:86:8b:ca:b6:
8b:5e:b7:29:42:1b:63:94:c8:74:53:dd:39:93:e5:
da:89:e6:4e:f8:a5:49:3c:87:62:7b:73:7c:3d:2f:
16:9a:60:8d:5c:24:ee:ae:99:26:94:44:ad:da:63:
2f:d0:a4:50:de:2b:74:4c:09:9f:e6:d8:94:c4:bc:
7c:6e:65:22:77:f0:10:f3:c9:ec:1f:d1:e0:4d:18:
42:ed:ce:9b:d5:fd:e9:03:af:21:bb:ff:f7:2c:12:
68:65:00:f2:e9:f1:a7:c8:41:f4:80:99:5d:1b:4b:
a9:f5:bb:60:bd:c7:51:b9:7a:76:0a:f9:7a:a0:d4:
73:a5:5e:70:bc:9f:9d:41:0e:67:89:1c:cb:07:1e:
ab:61:6c:f8:c3:4f:b8:cb:af:81:fd:fb:8f:37:16:
18:a8:0d:47:0e:93:dc:7f:1d:b7:fa:3d:7d:2e:e8:
0e:21:ba:72:19:1c:7f:9b:00:f7:d9:b4:cc:cc:e1:
e8:d9:2d:f8:dd:95:f0:1a:14:17:90:1d:77:15:cd:
b5:e4:86:c1:01:83:cc:f4:7c:6c:e5:1f:dc:b9:02:
78:6c:64:aa:d0:a9:5b:d0:ae:4d:23:3e:73:0c:79:
79:21:46:1e:5d:95:00:fa:79:76:b0:af:34:48:d4:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EA:96:3E:4E:18:7F:C9:D4:FB:E3:73:C9:53:70:80:C2:2E:7F:A5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1uqWPk4Yf8nU--NzyVNwgMIuf6U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:cc:a7:39:e9:20:2b:5a:f7:03:23:42:33:ba:f0:46:c4:7b:
94:f4:76:ea:40:4f:1c:9d:18:75:99:e4:d2:a5:b1:fc:ef:eb:
dd:a3:61:ca:90:d8:7a:1c:a5:ad:05:18:6b:7c:cf:6b:d3:1b:
02:73:ed:b3:8c:66:2f:6e:8f:73:e0:9b:6a:ca:ef:f1:dd:66:
f6:28:1b:0f:b7:8f:d8:e1:99:58:a3:9f:1c:74:14:4d:62:cf:
fe:d5:03:57:21:ec:d7:a8:86:96:8f:b3:c7:6c:e4:61:58:16:
dc:ab:24:0a:60:ea:f8:04:c1:c6:29:81:00:8b:3a:74:1d:8d:
d1:1b:f1:5e:90:99:c1:ec:df:ae:8b:65:d2:9a:ad:0e:c4:37:
3a:9e:a8:41:63:ba:ad:04:1c:2f:a5:ff:d1:4a:ad:34:18:e0:
ca:13:36:87:19:18:92:fa:b1:d8:bd:ea:de:c1:ea:1f:2b:f3:
87:dd:e4:2e:af:c6:9f:6f:09:05:53:aa:7a:ac:7f:23:be:44:
b2:b8:eb:a0:f0:a5:7e:3f:8e:4f:9f:86:ae:5f:f6:86:a9:11:
50:b2:89:55:85:2b:ba:6c:2d:c8:b5:69:71:05:dc:3b:33:e5:
57:5b:cb:9e:28:32:99:89:ca:71:ac:a1:b0:72:e6:77:a6:67:
16:68:2f:81
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NDIyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2RUE5NjNFNEUxODdG
QzlENEZCRTM3M0M5NTM3MDgwQzIyRTdGQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChIM+LbfYgwmtihovKtotetylCG2OUyHRT3TmT5dqJ5k74pUk8
h2J7c3w9LxaaYI1cJO6umSaURK3aYy/QpFDeK3RMCZ/m2JTEvHxuZSJ38BDzyewf
0eBNGELtzpvV/ekDryG7//csEmhlAPLp8afIQfSAmV0bS6n1u2C9x1G5enYK+Xqg
1HOlXnC8n51BDmeJHMsHHqthbPjDT7jLr4H9+483FhioDUcOk9x/Hbf6PX0u6A4h
unIZHH+bAPfZtMzM4ejZLfjdlfAaFBeQHXcVzbXkhsEBg8z0fGzlH9y5AnhsZKrQ
qVvQrk0jPnMMeXkhRh5dlQD6eXawrzRI1PlhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1uqWPk4Yf8nU++NzyVNwgMIuf6UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzF1cVdQazRZZjhuVS0t
Tnp5Vk53Z01JdWY2VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqsynOekgK1r3AyNCM7rwRsR7lPR26kBP
HJ0YdZnk0qWx/O/r3aNhypDYehylrQUYa3zPa9MbAnPts4xmL26Pc+Cbasrv8d1m
9igbD7eP2OGZWKOfHHQUTWLP/tUDVyHs16iGlo+zx2zkYVgW3KskCmDq+ATBximB
AIs6dB2N0RvxXpCZwezfrotl0pqtDsQ3Op6oQWO6rQQcL6X/0UqtNBjgyhM2hxkY
kvqx2L3q3sHqHyvzh93kLq/Gn28JBVOqeqx/I75EsrjroPClfj+OT5+Grl/2hqkR
ULKJVYUrumwtyLVpcQXcOzPlV1vLnigymYnKcayhsHLmd6ZnFmgvgQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:14 2025 by rpki-client