Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7Um5m7f6YsYb64Xwfsbj7g8ACoY.roa
File: 7Um5m7f6YsYb64Xwfsbj7g8ACoY.roa (raw, json)
Hash identifier: g3byvAxdXDL85k5DWR6qZ3+qZtSD1Z1EtQlolrtuDxQ=
Subject key identifier: ED:49:B9:9B:B7:FA:62:C6:1B:EB:85:F0:7E:C6:E3:EE:0F:00:0A:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B12
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7Um5m7f6YsYb64Xwfsbj7g8ACoY.roa
Signing time: Sun 28 Apr 2024 16:23:26 +0000
ROA not before: Sun 28 Apr 2024 16:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19218 (0x4b12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 16:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ED49B99BB7FA62C61BEB85F07EC6E3EE0F000A86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e3:04:3c:4f:4e:84:6e:14:b1:ac:a0:8d:65:
3c:4b:5e:1d:fb:3e:65:cc:7c:f2:a3:3d:0a:4a:56:
0d:b7:43:f6:5c:ad:70:f9:81:63:63:cb:83:2b:35:
1e:94:a5:35:d5:d4:d2:d6:a1:25:dd:66:b4:4f:84:
24:81:3a:71:e4:27:10:2e:3b:9d:f9:89:ba:b2:65:
77:c5:ef:71:57:76:f2:5b:ef:6c:f1:cc:b4:47:50:
74:df:2c:82:92:97:97:3f:16:50:60:b7:a7:8c:e7:
e4:24:1d:75:8a:15:69:fa:6c:6e:72:06:ff:46:a6:
e4:26:8a:38:99:01:8a:1b:d7:b3:84:25:5c:a1:4f:
dc:9a:4c:5b:1f:fd:21:30:71:96:12:54:c1:17:4c:
5b:ea:e8:c8:fd:3f:20:dc:1c:33:0b:d4:e8:e4:a7:
bc:45:79:5d:d1:9d:1d:29:18:05:e9:59:a6:27:ac:
c9:73:38:86:7a:c7:16:59:95:8a:e0:fa:9f:61:cd:
d9:a2:66:4f:dc:0b:b4:91:24:50:00:21:09:a1:5f:
ee:d3:27:ff:61:e8:d0:e6:f1:ce:81:4e:00:ac:da:
75:c0:10:fc:8c:f9:f4:23:72:01:da:40:59:14:c7:
3b:35:a0:68:dd:4d:d2:9d:bf:3c:77:38:7b:9d:44:
cd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:49:B9:9B:B7:FA:62:C6:1B:EB:85:F0:7E:C6:E3:EE:0F:00:0A:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7Um5m7f6YsYb64Xwfsbj7g8ACoY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:28:97:04:cc:74:7c:24:e1:cd:a1:fb:ee:e0:e1:03:7d:57:
00:41:83:b0:76:19:f5:bb:b3:25:cb:40:39:8e:15:a2:b4:ce:
08:5d:ce:96:2e:4b:3e:1a:c5:27:0c:14:47:93:93:ee:88:2c:
b1:01:15:5e:a3:22:18:73:d0:21:25:b8:da:78:d7:96:58:ec:
c5:4a:3f:07:27:c5:39:3d:8c:e3:59:93:9b:b0:28:c7:bb:c0:
04:4a:59:36:7a:24:6d:60:f5:77:5d:88:d6:50:ca:5c:14:ad:
e0:08:80:4b:1c:af:2a:b4:a4:e9:95:e4:78:de:7d:52:92:78:
37:0c:8e:47:80:eb:39:9b:f5:e4:d4:92:f5:f1:08:6b:a7:25:
e8:d5:9d:8f:db:e1:f2:62:27:a3:7e:d8:d0:eb:ae:dc:71:6b:
3a:31:69:4d:f2:96:5d:9c:a5:08:42:ce:6b:23:ef:0d:6e:96:
13:3a:71:a8:58:fb:a7:37:1c:51:1b:74:3c:e8:e6:73:60:8a:
9c:74:ac:f4:03:83:5d:cf:76:ad:54:ba:38:b5:3a:48:2a:d7:
bb:23:76:a7:b2:dc:75:72:ed:a9:d1:bc:d6:90:1b:f4:6b:24:
ee:a2:c5:2c:f5:c2:9d:5b:5f:82:67:02:1c:76:69:3b:2f:c4:
f6:b5:4e:7b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NjIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVENDlCOTlCQjdGQTYy
QzYxQkVCODVGMDdFQzZFM0VFMEYwMDBBODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC44wQ8T06EbhSxrKCNZTxLXh37PmXMfPKjPQpKVg23Q/ZcrXD5
gWNjy4MrNR6UpTXV1NLWoSXdZrRPhCSBOnHkJxAuO535ibqyZXfF73FXdvJb72zx
zLRHUHTfLIKSl5c/FlBgt6eM5+QkHXWKFWn6bG5yBv9GpuQmijiZAYob17OEJVyh
T9yaTFsf/SEwcZYSVMEXTFvq6Mj9PyDcHDML1Ojkp7xFeV3RnR0pGAXpWaYnrMlz
OIZ6xxZZlYrg+p9hzdmiZk/cC7SRJFAAIQmhX+7TJ/9h6NDm8c6BTgCs2nXAEPyM
+fQjcgHaQFkUxzs1oGjdTdKdvzx3OHudRM15AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7Um5m7f6YsYb64Xwfsbj7g8ACoYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdVbTVtN2Y2WXNZYjY0
WHdmc2JqN2c4QUNvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXSiXBMx0fCThzaH77uDhA31XAEGDsHYZ
9buzJctAOY4VorTOCF3Oli5LPhrFJwwUR5OT7ogssQEVXqMiGHPQISW42njXlljs
xUo/ByfFOT2M41mTm7Aox7vABEpZNnokbWD1d12I1lDKXBSt4AiASxyvKrSk6ZXk
eN59UpJ4NwyOR4DrOZv15NSS9fEIa6cl6NWdj9vh8mIno37Y0Ouu3HFrOjFpTfKW
XZylCELOayPvDW6WEzpxqFj7pzccURt0POjmc2CKnHSs9AODXc92rVS6OLU6SCrX
uyN2p7LcdXLtqdG81pAb9Gsk7qLFLPXCnVtfgmcCHHZpOy/E9rVOew==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:06 2025 by rpki-client