Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3ZvGytdzSK4kRYsT-G3Q03USZGA.roa
File: 3ZvGytdzSK4kRYsT-G3Q03USZGA.roa (raw, json)
Hash identifier: EmEXga7/IJ7y4lj4xq8UxvI3vRPCE9rUpE4gWuxUG54=
Subject key identifier: DD:9B:C6:CA:D7:73:48:AE:24:45:8B:13:F8:6D:D0:D3:75:12:64:60
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3332
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3ZvGytdzSK4kRYsT-G3Q03USZGA.roa
Signing time: Wed 27 Mar 2024 20:22:02 +0000
ROA not before: Wed 27 Mar 2024 20:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13106 (0x3332)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 20:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DD9BC6CAD77348AE24458B13F86DD0D375126460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:55:ba:7a:be:1b:21:75:aa:7e:be:1c:ea:
41:3f:bd:74:23:bd:2a:11:6e:e2:b0:45:3a:0e:77:
60:14:46:88:d3:c6:12:0a:ed:53:e1:5d:1a:38:11:
71:2f:81:32:99:02:5e:6e:ef:b8:fa:b7:53:a5:aa:
f6:6b:e2:0f:08:9a:3d:01:cf:4f:e9:48:1e:58:be:
f2:06:54:33:7a:92:f1:72:e1:0d:ad:dd:f9:5e:89:
11:8a:b1:e1:a3:14:93:2d:13:dc:62:de:64:f1:38:
c3:18:39:ab:e0:6f:c6:4b:09:dc:c5:d4:4d:aa:7e:
d2:9d:e0:4f:13:1a:68:b8:b9:3e:27:d0:e1:38:69:
ed:60:bf:6e:fd:43:a0:57:70:a1:a0:52:6f:11:98:
5c:7e:3d:2c:85:ed:18:9d:8e:6a:26:2a:1c:af:b5:
cf:8c:0b:64:fa:fd:ba:66:86:62:ee:44:50:14:d4:
a2:b9:74:8d:8e:3f:b3:9f:d7:ce:b8:89:ed:13:15:
fd:de:dd:2a:c8:40:7b:d6:29:c8:aa:c8:01:85:a3:
02:a3:8a:9c:0c:39:4c:52:dd:51:c5:e8:13:d7:19:
28:c4:0d:11:ec:51:6c:d0:97:de:e6:8d:35:53:32:
9e:e2:85:7a:71:b5:ba:bb:64:d3:d9:a9:93:34:dd:
79:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9B:C6:CA:D7:73:48:AE:24:45:8B:13:F8:6D:D0:D3:75:12:64:60
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3ZvGytdzSK4kRYsT-G3Q03USZGA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:10:a1:35:b8:df:d3:00:4e:19:fe:00:de:ef:c9:79:fc:54:
06:a0:5e:ca:4c:a5:de:42:dd:1e:16:00:58:44:20:49:a7:5e:
1d:70:ce:f3:c9:c5:6b:05:dc:6a:1b:44:76:57:fb:08:45:6f:
fd:1b:37:a4:0c:b0:f0:2b:1e:53:85:ba:b8:0d:89:19:dc:9a:
1e:7b:95:c8:43:29:ae:4e:de:93:d5:8c:3e:7d:94:93:1a:6a:
84:9b:c0:65:5f:cc:d3:68:01:34:d4:2d:40:ca:5c:17:58:be:
df:2a:e4:98:04:da:b8:dd:5b:6c:bf:69:ce:2d:3f:c3:7f:39:
a8:da:5e:28:a9:97:fd:07:7b:f2:24:02:8f:31:a3:5d:06:8a:
66:71:47:80:55:a5:62:1f:a6:f9:d4:71:37:bb:d9:0d:14:46:
19:f4:45:55:38:37:da:a2:8e:0e:ba:75:6c:9c:97:2a:74:f6:
21:b0:cf:1b:90:d4:f5:5e:c1:2a:c6:02:cb:38:56:89:3d:e0:
62:13:e4:c7:97:78:8b:81:34:d4:be:14:f5:44:03:bb:d5:62:
73:26:e8:e7:ec:ea:57:ec:0d:a6:26:15:08:11:ba:2a:00:25:
62:41:d1:84:6a:c2:4f:8f:c7:d2:74:8e:5a:6c:d9:3e:4b:4d:
90:a4:42:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MDIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEREOUJDNkNBRDc3MzQ4
QUUyNDQ1OEIxM0Y4NkREMEQzNzUxMjY0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwVVW6er4bIXWqfr4c6kE/vXQjvSoRbuKwRToOd2AURojTxhIK
7VPhXRo4EXEvgTKZAl5u77j6t1OlqvZr4g8Imj0Bz0/pSB5YvvIGVDN6kvFy4Q2t
3fleiRGKseGjFJMtE9xi3mTxOMMYOavgb8ZLCdzF1E2qftKd4E8TGmi4uT4n0OE4
ae1gv279Q6BXcKGgUm8RmFx+PSyF7RidjmomKhyvtc+MC2T6/bpmhmLuRFAU1KK5
dI2OP7Of1864ie0TFf3e3SrIQHvWKciqyAGFowKjipwMOUxS3VHF6BPXGSjEDRHs
UWzQl97mjTVTMp7ihXpxtbq7ZNPZqZM03XkRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3ZvGytdzSK4kRYsT+G3Q03USZGAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNadkd5dGR6U0s0a1JZ
c1QtRzNRMDNVU1pHQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjhChNbjf0wBOGf4A3u/JefxUBqBeykyl
3kLdHhYAWEQgSadeHXDO88nFawXcahtEdlf7CEVv/Rs3pAyw8CseU4W6uA2JGdya
HnuVyEMprk7ek9WMPn2UkxpqhJvAZV/M02gBNNQtQMpcF1i+3yrkmATauN1bbL9p
zi0/w385qNpeKKmX/Qd78iQCjzGjXQaKZnFHgFWlYh+m+dRxN7vZDRRGGfRFVTg3
2qKODrp1bJyXKnT2IbDPG5DU9V7BKsYCyzhWiT3gYhPkx5d4i4E01L4U9UQDu9Vi
cybo5+zqV+wNpiYVCBG6KgAlYkHRhGrCT4/H0nSOWmzZPktNkKRCxg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:39 2025 by rpki-client