Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4-5hLf_OnkPrHOERZI6GJ3SS2sA.roa
File: 4-5hLf_OnkPrHOERZI6GJ3SS2sA.roa (raw, json)
Hash identifier: IJ4uSoRsKGwuQxtrJoX45RF+hz7ykQm7rIoOY5Dx1B0=
Subject key identifier: E3:EE:61:2D:FF:CE:9E:43:EB:1C:E1:11:64:8E:86:27:74:92:DA:C0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4EF6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4-5hLf_OnkPrHOERZI6GJ3SS2sA.roa
Signing time: Fri 03 May 2024 20:53:47 +0000
ROA not before: Fri 03 May 2024 20:53:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20214 (0x4ef6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 20:53:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E3EE612DFFCE9E43EB1CE111648E86277492DAC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:6f:07:b5:db:af:92:87:b0:16:5a:57:ef:
5c:82:15:42:2b:7d:41:6e:17:f9:ad:2e:cb:82:41:
42:dd:8c:9f:54:f5:9d:bd:31:a9:6d:1a:38:b6:95:
81:57:d7:b6:32:da:4a:7c:ab:12:ad:9e:74:51:90:
9a:fa:67:b0:6d:e3:24:d0:e1:7e:59:a9:7a:d6:fc:
3b:5f:84:35:40:89:20:b6:8d:d6:9b:ca:26:ba:44:
19:95:0a:ec:70:07:26:85:61:9b:fa:88:34:c8:41:
fb:c1:1a:a5:8e:7c:65:0f:f7:f5:fb:34:38:bc:0f:
e6:ee:9a:55:9b:dd:b3:e0:bc:ae:b1:c4:f8:59:ff:
96:94:2a:55:dd:1c:eb:18:bd:25:c8:eb:dc:dc:ba:
a6:3b:b0:f0:d7:cd:97:99:8d:c9:dd:31:96:6c:45:
8c:6d:c3:22:12:ec:fe:5a:b9:62:6c:75:44:e3:ec:
71:24:db:30:03:ad:e4:1b:04:24:e9:75:5d:49:5c:
fc:a2:f7:9f:43:ec:d0:7f:16:3a:c8:88:00:2a:68:
f8:60:09:2e:0f:1d:0b:07:f1:5f:34:aa:ab:d6:02:
b4:2e:10:7e:a5:36:fa:3b:b5:21:8b:2d:d8:9f:84:
9b:80:25:f1:91:49:fb:9e:69:b5:23:52:b0:5c:31:
d8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EE:61:2D:FF:CE:9E:43:EB:1C:E1:11:64:8E:86:27:74:92:DA:C0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4-5hLf_OnkPrHOERZI6GJ3SS2sA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:23:25:d8:09:77:97:d6:91:c6:2e:7c:0b:8d:01:54:af:04:
db:a0:f9:3d:d0:62:44:69:6d:13:94:b2:96:e8:6b:65:91:91:
58:54:2a:24:d3:43:7b:11:ee:4f:46:92:1e:d3:27:c5:b7:69:
df:6e:41:8d:4b:5d:f1:5e:c4:ff:f5:2f:42:d7:f0:57:4d:d1:
d6:1d:a9:b9:35:95:1b:c8:3c:54:27:7e:b7:43:b5:72:f9:34:
f9:ca:1d:29:78:c8:94:a1:9f:08:7c:a6:3c:37:12:3a:af:29:
26:1a:f5:9a:b1:45:3f:32:f0:6c:6f:bf:c0:bc:6e:29:25:a0:
05:30:f5:fe:80:30:ea:29:92:9b:3b:64:4a:80:dc:51:52:49:
94:39:55:7f:e7:6c:e1:a6:75:d7:de:7a:8d:cd:09:a0:03:dd:
9c:40:b2:4d:dd:bb:03:88:9a:6f:2f:2a:8b:24:95:19:4b:9c:
97:3c:27:a9:04:65:b5:89:30:b5:6d:55:43:36:15:46:e1:88:
33:3c:4c:fe:84:c2:b1:80:63:8d:3d:a2:c5:11:cd:4f:21:bb:
64:6c:ef:4b:26:a3:9f:d9:81:99:4a:2a:ef:88:28:bd:4a:bc:
48:e7:75:02:49:e3:1b:e5:97:0a:06:fa:59:3a:44:07:8e:57:
d6:c6:02:2d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MDUzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzRUU2MTJERkZDRTlF
NDNFQjFDRTExMTY0OEU4NjI3NzQ5MkRBQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkSm8HtduvkoewFlpX71yCFUIrfUFuF/mtLsuCQULdjJ9U9Z29
MaltGji2lYFX17Yy2kp8qxKtnnRRkJr6Z7Bt4yTQ4X5ZqXrW/DtfhDVAiSC2jdab
yia6RBmVCuxwByaFYZv6iDTIQfvBGqWOfGUP9/X7NDi8D+bumlWb3bPgvK6xxPhZ
/5aUKlXdHOsYvSXI69zcuqY7sPDXzZeZjcndMZZsRYxtwyIS7P5auWJsdUTj7HEk
2zADreQbBCTpdV1JXPyi959D7NB/FjrIiAAqaPhgCS4PHQsH8V80qqvWArQuEH6l
Nvo7tSGLLdifhJuAJfGRSfueabUjUrBcMdjjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4+5hLf/OnkPrHOERZI6GJ3SS2sAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzQtNWhMZl9PbmtQckhP
RVJaSTZHSjNTUzJzQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACCMl2Al3l9aRxi58C40BVK8E26D5PdBi
RGltE5SyluhrZZGRWFQqJNNDexHuT0aSHtMnxbdp325BjUtd8V7E//UvQtfwV03R
1h2puTWVG8g8VCd+t0O1cvk0+codKXjIlKGfCHymPDcSOq8pJhr1mrFFPzLwbG+/
wLxuKSWgBTD1/oAw6imSmztkSoDcUVJJlDlVf+ds4aZ11956jc0JoAPdnECyTd27
A4iaby8qiySVGUuclzwnqQRltYkwtW1VQzYVRuGIMzxM/oTCsYBjjT2ixRHNTyG7
ZGzvSyajn9mBmUoq74govUq8SOd1AknjG+WXCgb6WTpEB45X1sYCLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:15 2025 by rpki-client