Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2DxSU3-LbfoZu0LG17VYS79Txc0.roa
File: 2DxSU3-LbfoZu0LG17VYS79Txc0.roa (raw, json)
Hash identifier: 6NPs8MESuhOhU6b5h5O5DFc7PUTHlX1fexSaBDDjZ8s=
Subject key identifier: D8:3C:52:53:7F:8B:6D:FA:19:BB:42:C6:D7:B5:58:4B:BF:53:C5:CD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DAA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2DxSU3-LbfoZu0LG17VYS79Txc0.roa
Signing time: Wed 10 Apr 2024 19:22:42 +0000
ROA not before: Wed 10 Apr 2024 19:22:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15786 (0x3daa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 19:22:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D83C52537F8B6DFA19BB42C6D7B5584BBF53C5CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c7:dd:0e:40:34:20:6c:c5:6a:3e:2c:f6:b9:
78:49:28:2d:a4:af:23:4d:00:f5:c5:9e:1c:42:6d:
fa:58:e4:90:1c:ea:d3:c3:78:b4:60:1d:5c:23:6c:
6c:f1:78:10:74:f6:8b:e9:59:42:9c:0a:98:7d:24:
eb:fa:c3:cc:b1:09:12:51:2f:8b:9b:b2:c0:e6:65:
83:d4:13:a2:4d:e2:24:78:10:6f:7f:3e:09:1c:09:
d3:9f:c7:9b:ea:99:79:a7:15:6e:40:7a:c3:96:c8:
6f:f8:94:6d:1f:8a:69:ba:ca:04:c6:95:dc:ae:b6:
bc:5e:b2:35:1d:16:be:a2:e5:27:7f:9c:90:89:4c:
da:6b:d3:6b:d8:79:1d:cd:ca:5f:9d:7a:da:ab:c5:
44:c0:97:d7:f5:47:93:98:45:fc:66:74:e6:54:46:
2c:32:6e:22:34:00:0c:ba:47:75:d6:e1:e1:3e:21:
96:64:3e:1b:61:e5:cd:e0:68:eb:48:06:ea:c8:7d:
17:0f:ec:5a:c5:20:2d:14:a4:8c:98:7f:10:b4:90:
98:29:48:d5:c5:6c:bd:07:cb:f7:dd:eb:e0:06:f6:
c9:52:8b:89:90:05:5b:3b:a7:07:bb:05:06:52:70:
31:25:e0:1e:91:bf:c2:ec:f0:04:27:36:cb:c4:aa:
fb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3C:52:53:7F:8B:6D:FA:19:BB:42:C6:D7:B5:58:4B:BF:53:C5:CD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2DxSU3-LbfoZu0LG17VYS79Txc0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:3e:cc:95:20:05:68:a6:88:ed:2d:b9:4b:d6:c2:10:6f:7c:
6b:c9:44:c6:13:47:be:68:bc:aa:f6:f8:21:0d:a6:74:9d:26:
b8:c4:60:4c:a2:97:1a:d1:39:8b:d9:e9:41:28:55:3d:75:51:
a7:56:fd:73:3e:c7:f0:6c:75:50:81:d2:14:ac:a9:00:3a:94:
1e:66:0a:f0:7a:6a:66:01:6f:ab:06:ca:12:ed:c0:60:7c:c8:
ef:1e:fe:31:70:63:e6:4e:1c:d2:c8:5b:eb:a2:ed:e6:8c:23:
80:9b:ae:4a:c5:94:95:7e:45:67:2b:05:3b:db:c9:61:93:2c:
73:b8:80:76:1e:4c:ee:af:c8:3d:36:a9:75:ca:70:5b:10:cc:
ba:e4:57:65:87:2d:29:77:a5:31:c8:06:55:85:79:2b:8a:4f:
1b:62:4b:85:ec:22:24:f1:44:13:04:18:cf:4c:9f:eb:02:cc:
4c:23:87:45:c1:64:2d:6f:d2:ca:cd:c8:be:1e:ae:a3:e8:b8:
04:4e:e1:86:db:36:4d:ba:1f:c3:77:dd:e2:8d:e8:1b:73:a2:
b6:05:0d:b3:c3:1e:d9:64:0e:9a:f4:d8:82:71:4b:9f:59:11:
2d:14:40:d0:d1:99:82:f6:92:64:63:87:55:f2:2f:8a:b4:93:
03:b3:28:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
OTIyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4M0M1MjUzN0Y4QjZE
RkExOUJCNDJDNkQ3QjU1ODRCQkY1M0M1Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjx90OQDQgbMVqPiz2uXhJKC2kryNNAPXFnhxCbfpY5JAc6tPD
eLRgHVwjbGzxeBB09ovpWUKcCph9JOv6w8yxCRJRL4ubssDmZYPUE6JN4iR4EG9/
PgkcCdOfx5vqmXmnFW5AesOWyG/4lG0fimm6ygTGldyutrxesjUdFr6i5Sd/nJCJ
TNpr02vYeR3Nyl+detqrxUTAl9f1R5OYRfxmdOZURiwybiI0AAy6R3XW4eE+IZZk
Phth5c3gaOtIBurIfRcP7FrFIC0UpIyYfxC0kJgpSNXFbL0Hy/fd6+AG9slSi4mQ
BVs7pwe7BQZScDEl4B6Rv8Ls8AQnNsvEqvuFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2DxSU3+LbfoZu0LG17VYS79Txc0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJEeFNVMy1MYmZvWnUw
TEcxN1ZZUzc5VHhjMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARj7MlSAFaKaI7S25S9bCEG98a8lExhNH
vmi8qvb4IQ2mdJ0muMRgTKKXGtE5i9npQShVPXVRp1b9cz7H8Gx1UIHSFKypADqU
HmYK8HpqZgFvqwbKEu3AYHzI7x7+MXBj5k4c0shb66Lt5owjgJuuSsWUlX5FZysF
O9vJYZMsc7iAdh5M7q/IPTapdcpwWxDMuuRXZYctKXelMcgGVYV5K4pPG2JLhewi
JPFEEwQYz0yf6wLMTCOHRcFkLW/Sys3Ivh6uo+i4BE7hhts2Tbofw3fd4o3oG3Oi
tgUNs8Me2WQOmvTYgnFLn1kRLRRA0NGZgvaSZGOHVfIvirSTA7MoTA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:18 2025 by rpki-client