Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8rS1uxZmDSm2hc4ljsgkdQO56ik.roa
File: 8rS1uxZmDSm2hc4ljsgkdQO56ik.roa (raw, json)
Hash identifier: HV3bZKXc1rIoGR5oWDjwSEx2VO3p9jKrYaeJK21k/28=
Subject key identifier: F2:B4:B5:BB:16:66:0D:29:B6:85:CE:25:8E:C8:24:75:03:B9:EA:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E9E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8rS1uxZmDSm2hc4ljsgkdQO56ik.roa
Signing time: Fri 03 May 2024 09:53:46 +0000
ROA not before: Fri 03 May 2024 09:53:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20126 (0x4e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 09:53:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F2B4B5BB16660D29B685CE258EC8247503B9EA29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3d:2e:df:2a:f6:95:86:7c:94:bc:8d:15:09:
e9:60:51:ce:2c:48:8d:16:2a:63:89:33:21:6d:59:
2e:87:97:ff:6b:ff:c6:ff:c5:9d:9b:4b:a7:04:f4:
0e:d6:fd:2f:a1:38:9e:a3:c6:22:5e:ed:4b:2b:c0:
e6:6c:fa:c8:09:2f:90:5c:ab:32:8c:b0:d7:5d:5d:
93:d6:94:e9:dd:eb:7b:65:39:5c:07:00:8f:9e:ab:
59:9c:05:eb:fa:e6:46:b1:56:f8:21:e5:fd:9c:9d:
27:1f:7c:ef:4b:50:d8:29:44:f9:78:70:df:07:9e:
e4:11:47:0f:fa:bc:84:a9:0d:84:41:2c:95:19:af:
1f:c4:d2:f3:f5:99:58:b9:dd:46:ab:a8:9d:0e:de:
e7:68:7c:1f:d1:c5:33:33:5a:38:f6:8f:b2:be:10:
ea:04:7d:04:81:07:90:19:fb:d0:b1:18:16:4b:fa:
aa:09:17:3d:b2:46:ad:eb:62:0f:13:72:62:14:34:
6e:d0:22:0d:72:f7:eb:c8:29:2f:c2:dd:49:f6:53:
46:f0:95:48:aa:f8:f7:41:8b:7e:a5:50:e1:43:9a:
99:4c:af:40:b1:d9:da:d6:ca:8b:aa:fb:4d:13:c2:
24:93:1a:9a:8b:53:8f:c5:53:8e:49:ad:62:55:30:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B4:B5:BB:16:66:0D:29:B6:85:CE:25:8E:C8:24:75:03:B9:EA:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8rS1uxZmDSm2hc4ljsgkdQO56ik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:fa:c1:3d:c1:03:54:81:fb:e2:70:99:71:b0:f1:d2:0b:3e:
a1:c6:55:85:73:49:32:e3:e9:93:33:cd:1c:c0:93:8f:44:96:
80:72:26:37:04:a0:1a:f6:7c:4a:f8:9b:97:6a:ac:c9:d5:f0:
aa:cf:ac:0a:c1:be:44:11:9d:f5:88:2e:a3:17:bf:97:94:6d:
5a:30:58:bd:89:00:a8:a1:b0:c8:f7:d5:4a:c2:cf:28:21:89:
d7:ca:df:c1:65:f8:1e:48:43:94:4c:7e:70:2e:0f:4a:ae:40:
81:09:86:a3:aa:eb:13:f9:d7:d4:9a:96:32:2f:a9:27:c8:bb:
a7:3e:19:3a:1b:d7:4a:1e:6b:fb:bb:81:ff:0d:2f:cc:01:be:
04:22:63:2a:54:81:df:b6:71:02:1e:b3:d7:5e:32:50:c8:f5:
92:b4:00:7f:84:79:14:1e:a8:ee:88:d9:73:92:2d:08:59:72:
90:3e:bb:94:ea:2f:6c:23:82:24:12:b6:ae:5b:52:de:b4:b7:
a9:45:1a:89:3e:87:20:4a:13:b3:e6:b2:d2:bb:82:42:33:30:
cb:d3:62:69:7c:f1:3b:16:eb:36:1f:4a:f5:5a:cd:7e:ad:04:
34:87:a6:ac:47:34:14:c2:74:15:9b:fb:2c:ad:86:c0:c4:8b:
5c:30:f7:b2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTp4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
OTUzNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYyQjRCNUJCMTY2NjBE
MjlCNjg1Q0UyNThFQzgyNDc1MDNCOUVBMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmPS7fKvaVhnyUvI0VCelgUc4sSI0WKmOJMyFtWS6Hl/9r/8b/
xZ2bS6cE9A7W/S+hOJ6jxiJe7UsrwOZs+sgJL5BcqzKMsNddXZPWlOnd63tlOVwH
AI+eq1mcBev65kaxVvgh5f2cnScffO9LUNgpRPl4cN8HnuQRRw/6vISpDYRBLJUZ
rx/E0vP1mVi53UarqJ0O3udofB/RxTMzWjj2j7K+EOoEfQSBB5AZ+9CxGBZL+qoJ
Fz2yRq3rYg8TcmIUNG7QIg1y9+vIKS/C3Un2U0bwlUiq+PdBi36lUOFDmplMr0Cx
2drWyouq+00TwiSTGpqLU4/FU45JrWJVMF4/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8rS1uxZmDSm2hc4ljsgkdQO56ikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhyUzF1eFptRFNtMmhj
NGxqc2drZFFPNTZpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcfrBPcEDVIH74nCZcbDx0gs+ocZVhXNJ
MuPpkzPNHMCTj0SWgHImNwSgGvZ8Svibl2qsydXwqs+sCsG+RBGd9Yguoxe/l5Rt
WjBYvYkAqKGwyPfVSsLPKCGJ18rfwWX4HkhDlEx+cC4PSq5AgQmGo6rrE/nX1JqW
Mi+pJ8i7pz4ZOhvXSh5r+7uB/w0vzAG+BCJjKlSB37ZxAh6z114yUMj1krQAf4R5
FB6o7ojZc5ItCFlykD67lOovbCOCJBK2rltS3rS3qUUaiT6HIEoTs+ay0ruCQjMw
y9NiaXzxOxbrNh9K9VrNfq0ENIemrEc0FMJ0FZv7LK2GwMSLXDD3sg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:49 2025 by rpki-client