Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7E4ZQj12T5JJhc5AW6JQ8uM_0Io.roa
File: 7E4ZQj12T5JJhc5AW6JQ8uM_0Io.roa (raw, json)
Hash identifier: sLjg6spLcn/Wt7PkIHco1fTVLjK5PxM0VFjKtCuj+gw=
Subject key identifier: EC:4E:19:42:3D:76:4F:92:49:85:CE:40:5B:A2:50:F2:E3:3F:D0:8A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56E2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7E4ZQj12T5JJhc5AW6JQ8uM_0Io.roa
Signing time: Tue 14 May 2024 10:24:08 +0000
ROA not before: Tue 14 May 2024 10:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22242 (0x56e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 10:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EC4E19423D764F924985CE405BA250F2E33FD08A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:99:a6:fd:32:b9:be:1b:5a:26:d8:ec:5e:29:
fe:35:be:0d:c6:18:d6:46:fb:15:64:a7:d4:76:1a:
8a:d7:89:19:7d:bd:fd:bc:d0:94:db:52:2e:08:91:
d7:18:e0:1c:89:bc:8a:45:3b:e7:fd:68:6b:70:0e:
c3:e0:38:fd:8d:30:6c:d7:d8:29:b3:d0:be:80:5b:
dd:94:fe:34:05:0d:32:fc:75:a4:0d:e3:f1:2b:29:
44:e3:6f:6d:c4:fc:d3:44:87:22:1e:a0:7d:3e:ea:
46:57:03:6a:54:a9:82:a3:94:38:49:fe:aa:84:44:
36:91:69:7c:3d:a1:57:3c:ad:c4:c8:34:8f:0f:36:
7c:61:27:33:1d:17:37:00:4d:ec:43:17:20:00:25:
a6:a9:75:2e:9d:77:bf:57:a2:ae:a9:1e:6e:5b:08:
ea:cd:63:8f:5d:12:7f:79:1c:b3:0a:9f:73:f1:7d:
75:6b:82:36:7f:1e:ad:1b:86:1e:5f:11:65:81:fd:
d6:52:ea:45:7a:65:da:29:3a:ac:d5:8e:4a:4c:63:
e3:9e:72:fe:1c:2b:2f:c8:0f:c9:aa:6c:ef:6c:ad:
b5:b4:66:48:92:0e:68:93:88:71:64:80:ab:d7:e8:
d9:f4:aa:e1:3c:43:2a:97:a2:b1:b0:ca:f7:f8:79:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4E:19:42:3D:76:4F:92:49:85:CE:40:5B:A2:50:F2:E3:3F:D0:8A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7E4ZQj12T5JJhc5AW6JQ8uM_0Io.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:36:a4:fe:b8:6f:b2:df:e0:51:5d:b5:bd:7f:70:7b:0e:93:
0a:8f:21:f8:79:d7:04:fa:5d:fb:d2:cf:f4:eb:b7:b3:5f:7f:
c8:3e:76:61:e2:ff:85:e0:0d:1f:d9:55:67:bd:49:47:fd:9b:
87:cf:e0:6b:61:d0:15:a7:43:3b:23:3f:dd:33:43:0c:7f:82:
83:6e:16:8e:5f:1b:e0:8c:49:72:06:42:c5:8b:5a:9f:40:03:
8f:9a:0a:aa:ee:f9:04:7d:4a:05:62:fc:50:73:1d:1e:fd:cf:
67:bb:1b:ca:15:a3:51:f3:4b:16:f6:8e:b6:02:5f:13:3c:6b:
9c:79:d6:0a:5c:48:1a:b6:7b:54:ea:a4:67:c9:ec:67:5c:00:
d2:f9:eb:4c:60:91:93:0d:f9:9b:1f:09:1b:cb:ee:fe:5a:b8:
05:8b:d8:b0:f5:58:f4:6e:bb:95:e3:d8:80:58:01:28:29:e9:
2e:c9:ef:5a:21:4e:a7:ca:e1:87:a6:50:37:85:96:d7:3b:21:
32:1c:1e:2f:c3:9b:92:c5:55:3d:59:d8:77:dd:f0:a6:f7:7e:
8f:6a:cc:e5:b8:be:14:35:ac:6f:f8:cb:13:e8:78:00:bb:f3:
22:ad:48:50:7a:6d:4d:2c:f1:1d:cd:c5:3f:b2:fb:98:2d:6a:
49:83:60:d1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
MDI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDNEUxOTQyM0Q3NjRG
OTI0OTg1Q0U0MDVCQTI1MEYyRTMzRkQwOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWmab9Mrm+G1om2OxeKf41vg3GGNZG+xVkp9R2GorXiRl9vf28
0JTbUi4IkdcY4ByJvIpFO+f9aGtwDsPgOP2NMGzX2Cmz0L6AW92U/jQFDTL8daQN
4/ErKUTjb23E/NNEhyIeoH0+6kZXA2pUqYKjlDhJ/qqERDaRaXw9oVc8rcTINI8P
NnxhJzMdFzcATexDFyAAJaapdS6dd79Xoq6pHm5bCOrNY49dEn95HLMKn3PxfXVr
gjZ/Hq0bhh5fEWWB/dZS6kV6ZdopOqzVjkpMY+Oecv4cKy/ID8mqbO9srbW0ZkiS
DmiTiHFkgKvX6Nn0quE8QyqXorGwyvf4ecLLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7E4ZQj12T5JJhc5AW6JQ8uM/0IowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdFNFpRajEyVDVKSmhj
NUFXNkpROHVNXzBJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAhTak/rhvst/gUV21vX9wew6TCo8h+HnX
BPpd+9LP9Ou3s19/yD52YeL/heANH9lVZ71JR/2bh8/ga2HQFadDOyM/3TNDDH+C
g24Wjl8b4IxJcgZCxYtan0ADj5oKqu75BH1KBWL8UHMdHv3PZ7sbyhWjUfNLFvaO
tgJfEzxrnHnWClxIGrZ7VOqkZ8nsZ1wA0vnrTGCRkw35mx8JG8vu/lq4BYvYsPVY
9G67lePYgFgBKCnpLsnvWiFOp8rhh6ZQN4WW1zshMhweL8ObksVVPVnYd93wpvd+
j2rM5bi+FDWsb/jLE+h4ALvzIq1IUHptTSzxHc3FP7L7mC1qSYNg0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:58 2025 by rpki-client