Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3tOm1_XqnBTAnuVE6BslzgkXoBw.roa
File: 3tOm1_XqnBTAnuVE6BslzgkXoBw.roa (raw, json)
Hash identifier: DVEzHJSlQRKpW5eUsAj+CyX4Ia0YeqHasJ0NASB4kTs=
Subject key identifier: DE:D3:A6:D7:F5:EA:9C:14:C0:9E:E5:44:E8:1B:25:CE:09:17:A0:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4366
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3tOm1_XqnBTAnuVE6BslzgkXoBw.roa
Signing time: Thu 18 Apr 2024 10:52:59 +0000
ROA not before: Thu 18 Apr 2024 10:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17254 (0x4366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 10:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DED3A6D7F5EA9C14C09EE544E81B25CE0917A01C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b5:a1:b2:e0:e1:33:da:01:a6:a1:2d:f1:92:
e0:60:9d:40:4f:fa:4d:e1:b2:eb:dd:24:0b:55:e0:
0d:67:c0:9a:ff:b9:f2:f6:11:30:12:13:db:ef:2c:
ea:f6:80:c7:e0:d2:e7:ad:da:e0:6d:a2:9d:17:1a:
1d:88:c4:05:f2:1b:10:16:1a:28:4c:14:58:97:85:
cb:a1:76:64:4f:81:5d:1a:d0:cf:b0:2c:a4:a3:91:
50:d0:93:33:8e:e5:23:75:e7:cb:c2:44:7d:32:fc:
56:9b:72:3a:62:ca:2d:93:21:d6:f2:73:21:62:f1:
f6:6d:1c:eb:a9:6f:8f:43:b3:de:b2:7d:e4:24:f7:
f6:8c:a5:ba:3c:5e:f7:15:75:ed:7e:b2:fa:ff:41:
8a:7e:10:c6:63:db:e1:92:87:9e:c4:79:1e:bf:29:
34:21:92:20:b8:2f:7f:df:07:a0:5b:b4:a1:eb:1c:
8e:93:ee:08:23:17:11:75:ea:59:9e:eb:1f:af:6f:
6c:e1:c7:6c:d1:97:fd:3e:ff:ca:e8:c7:d4:a4:88:
f9:45:bb:6e:5e:36:df:53:bc:34:6f:ea:7f:65:2d:
19:60:05:62:82:09:03:de:7c:93:58:bf:ce:93:ed:
60:43:60:22:ac:13:07:78:f2:74:e2:15:d1:1e:94:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D3:A6:D7:F5:EA:9C:14:C0:9E:E5:44:E8:1B:25:CE:09:17:A0:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3tOm1_XqnBTAnuVE6BslzgkXoBw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:04:15:cc:2c:b8:b8:03:80:b1:17:5f:c0:26:63:c7:3b:05:
dc:16:59:a9:63:68:c5:88:85:46:35:93:02:8e:40:66:7a:8b:
21:d9:86:1e:a0:53:63:3c:8f:0b:f7:d9:75:7f:02:3f:04:b3:
b4:b7:12:ff:a2:7e:6d:96:d3:b2:c8:35:48:94:c7:c6:35:1b:
44:01:15:8c:7f:7c:b0:81:58:83:d1:79:4f:ef:c2:60:e1:59:
02:ae:ae:76:21:fc:bb:93:31:08:5d:c3:a5:92:62:a8:f6:c3:
39:4b:5b:7a:12:b4:15:e5:b7:8d:22:21:4f:39:09:78:b1:cc:
45:43:d9:ed:17:2d:d0:6e:af:30:5e:bd:e6:be:99:13:b2:65:
99:d3:7f:d5:f0:7a:85:e3:99:76:81:78:df:56:05:0d:0a:1b:
0e:6f:b3:af:ea:83:5b:3f:26:5e:b9:80:e6:36:04:66:36:24:
0b:24:3e:ed:fb:c7:89:7b:31:71:14:fc:7e:36:f2:29:be:2a:
8f:b3:04:97:e0:70:6b:13:16:af:f6:54:7f:1b:74:61:3a:18:
c6:b3:7c:02:c7:dc:6b:8d:63:3f:cb:67:ae:e7:7c:fe:c9:29:
98:63:5b:d8:26:92:0a:af:d6:2b:96:95:b9:a4:77:f5:95:7a:
f1:65:03:93
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MDUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFRDNBNkQ3RjVFQTlD
MTRDMDlFRTU0NEU4MUIyNUNFMDkxN0EwMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCataGy4OEz2gGmoS3xkuBgnUBP+k3hsuvdJAtV4A1nwJr/ufL2
ETASE9vvLOr2gMfg0uet2uBtop0XGh2IxAXyGxAWGihMFFiXhcuhdmRPgV0a0M+w
LKSjkVDQkzOO5SN158vCRH0y/Fabcjpiyi2TIdbycyFi8fZtHOupb49Ds96yfeQk
9/aMpbo8XvcVde1+svr/QYp+EMZj2+GSh57EeR6/KTQhkiC4L3/fB6BbtKHrHI6T
7ggjFxF16lme6x+vb2zhx2zRl/0+/8rox9SkiPlFu25eNt9TvDRv6n9lLRlgBWKC
CQPefJNYv86T7WBDYCKsEwd48nTiFdEelL2pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3tOm1/XqnBTAnuVE6BslzgkXoBwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzN0T20xX1hxbkJUQW51
VkU2QnNsemdrWG9Cdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjQQVzCy4uAOAsRdfwCZjxzsF3BZZqWNo
xYiFRjWTAo5AZnqLIdmGHqBTYzyPC/fZdX8CPwSztLcS/6J+bZbTssg1SJTHxjUb
RAEVjH98sIFYg9F5T+/CYOFZAq6udiH8u5MxCF3DpZJiqPbDOUtbehK0FeW3jSIh
TzkJeLHMRUPZ7Rct0G6vMF695r6ZE7JlmdN/1fB6heOZdoF431YFDQobDm+zr+qD
Wz8mXrmA5jYEZjYkCyQ+7fvHiXsxcRT8fjbyKb4qj7MEl+BwaxMWr/ZUfxt0YToY
xrN8Asfca41jP8tnrud8/skpmGNb2CaSCq/WK5aVuaR39ZV68WUDkw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:41 2025 by rpki-client