Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4TD6oj0jq0sqCeO_4uCGZmHYZO4.roa
File: 4TD6oj0jq0sqCeO_4uCGZmHYZO4.roa (raw, json)
Hash identifier: aJImPYnHo0amArreg/KpCHHLP2abv+hUrIrVqCj/LF4=
Subject key identifier: E1:30:FA:A2:3D:23:AB:4B:2A:09:E3:BF:E2:E0:86:66:61:D8:64:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4TD6oj0jq0sqCeO_4uCGZmHYZO4.roa
Signing time: Thu 28 Mar 2024 15:22:29 +0000
ROA not before: Thu 28 Mar 2024 15:22:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13258 (0x33ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 15:22:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E130FAA23D23AB4B2A09E3BFE2E0866661D864EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:7a:c0:10:6d:51:0d:48:e3:d4:b5:e0:b9:
a3:c2:98:88:1f:7e:18:c7:f6:c1:91:b4:d3:3a:a2:
f6:c0:5b:ec:50:7e:81:0a:2f:c5:6e:4a:87:e4:d7:
93:54:64:75:dd:0f:61:64:6c:72:48:e2:f6:df:aa:
b9:6e:1e:f4:dc:04:5c:96:34:00:0f:6f:e8:27:43:
95:6d:c3:a4:4f:28:cf:ee:e1:fa:9e:db:49:64:c5:
9e:53:e7:67:db:34:bf:ad:c1:6f:49:95:32:1d:3f:
84:63:06:25:36:0e:ea:8a:3a:2b:97:fc:45:b2:ae:
04:a6:b6:ef:47:7c:a2:a7:08:ea:13:54:e3:79:05:
e5:f1:b3:e5:1a:fd:8b:da:5a:59:15:ed:77:6a:dd:
76:c8:e4:63:85:11:11:10:46:66:5f:cb:ae:7c:86:
b3:1e:a8:61:f7:1a:14:d5:46:90:fa:b2:d1:a2:cd:
57:cd:f7:b8:67:fa:a4:b9:9e:f7:18:75:f5:43:4a:
7b:e2:bf:ba:9a:30:2b:ed:12:64:76:de:a2:25:88:
80:77:a0:33:55:41:94:00:65:de:ed:42:cb:1c:42:
6e:07:d5:d7:48:7e:da:03:52:b0:ed:37:6b:7b:1f:
09:5d:36:77:89:a4:97:fe:27:6a:f1:7b:00:d2:07:
e9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:30:FA:A2:3D:23:AB:4B:2A:09:E3:BF:E2:E0:86:66:61:D8:64:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4TD6oj0jq0sqCeO_4uCGZmHYZO4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:1c:66:87:24:24:de:24:38:44:56:b7:dc:60:c3:e1:f0:49:
d0:4d:f4:b8:ad:70:6b:cd:c9:20:91:ad:93:8c:99:50:5a:d6:
52:b4:64:35:79:37:de:d1:6e:78:84:14:6d:f1:9e:66:16:7a:
fa:94:9d:3b:d8:8f:27:a3:d0:8c:e6:05:a4:fe:de:83:68:0f:
1d:d4:66:8f:42:c7:1f:2c:0c:f8:85:52:b5:97:51:34:af:42:
d5:30:f1:84:1c:05:68:09:d3:de:25:8d:27:7f:62:fc:2e:93:
a1:81:8b:40:f2:e7:f9:ae:f4:5b:4c:71:98:45:19:f8:65:5c:
32:de:ec:bc:cc:25:59:bc:16:fc:50:c2:3c:f6:d1:a3:4c:7c:
39:90:2f:29:3e:f7:4e:11:48:a3:bc:78:3d:e2:19:06:43:df:
d2:b9:23:ab:58:d6:8d:4b:a9:8b:27:51:ce:dd:80:e5:be:03:
03:d4:79:0b:0a:db:81:98:b9:13:aa:61:f8:78:e9:d2:bc:d1:
7b:92:00:d5:29:5a:3f:67:b9:cd:52:c5:02:2e:ad:ed:a8:56:
03:b2:a3:be:c6:a7:e3:4f:fa:d1:b5:31:e7:0a:64:4f:b8:12:
39:e6:79:cb:7d:46:98:6b:fc:6b:d8:51:2f:c8:e1:b9:e7:84:
05:d9:c2:1d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
NTIyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxMzBGQUEyM0QyM0FC
NEIyQTA5RTNCRkUyRTA4NjY2NjFEODY0RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsynrAEG1RDUjj1LXguaPCmIgffhjH9sGRtNM6ovbAW+xQfoEK
L8VuSofk15NUZHXdD2FkbHJI4vbfqrluHvTcBFyWNAAPb+gnQ5Vtw6RPKM/u4fqe
20lkxZ5T52fbNL+twW9JlTIdP4RjBiU2DuqKOiuX/EWyrgSmtu9HfKKnCOoTVON5
BeXxs+Ua/YvaWlkV7Xdq3XbI5GOFEREQRmZfy658hrMeqGH3GhTVRpD6stGizVfN
97hn+qS5nvcYdfVDSnviv7qaMCvtEmR23qIliIB3oDNVQZQAZd7tQsscQm4H1ddI
ftoDUrDtN2t7HwldNneJpJf+J2rxewDSB+mTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4TD6oj0jq0sqCeO/4uCGZmHYZO4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRURDZvajBqcTBzcUNl
T180dUNHWm1IWVpPNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARRxmhyQk3iQ4RFa33GDD4fBJ0E30uK1w
a83JIJGtk4yZUFrWUrRkNXk33tFueIQUbfGeZhZ6+pSdO9iPJ6PQjOYFpP7eg2gP
HdRmj0LHHywM+IVStZdRNK9C1TDxhBwFaAnT3iWNJ39i/C6ToYGLQPLn+a70W0xx
mEUZ+GVcMt7svMwlWbwW/FDCPPbRo0x8OZAvKT73ThFIo7x4PeIZBkPf0rkjq1jW
jUupiydRzt2A5b4DA9R5CwrbgZi5E6ph+Hjp0rzRe5IA1SlaP2e5zVLFAi6t7ahW
A7Kjvsan40/60bUx5wpkT7gSOeZ5y31GmGv8a9hRL8jhueeEBdnCHQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:24 2025 by rpki-client