Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8wIkGI7cMcaCCC15EJt8Q5YK2ik.roa
File: 8wIkGI7cMcaCCC15EJt8Q5YK2ik.roa (raw, json)
Hash identifier: XrljzZbL9Vvn4eE4BjTZgEEFQQhhQ40r/8f8A44kyOU=
Subject key identifier: F3:02:24:18:8E:DC:31:C6:82:08:2D:79:10:9B:7C:43:96:0A:DA:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5102
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8wIkGI7cMcaCCC15EJt8Q5YK2ik.roa
Signing time: Mon 06 May 2024 14:24:02 +0000
ROA not before: Mon 06 May 2024 14:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20738 (0x5102)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 14:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F30224188EDC31C682082D79109B7C43960ADA29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:cc:f7:ac:14:bd:c9:7f:e9:8c:a7:66:6b:
26:26:54:20:a9:2c:46:1f:ad:0e:93:b0:66:92:cc:
28:fd:16:3b:13:f0:f2:fe:fa:eb:60:60:72:d4:69:
33:0f:c7:96:70:82:cd:5e:65:d5:b5:3a:8a:20:5f:
64:8c:23:77:bd:3c:45:dd:6e:eb:e5:81:48:e2:1f:
f4:30:db:60:7c:06:6c:d9:9a:59:d9:e9:1e:2b:7a:
9b:e8:59:64:7e:b1:16:c3:9b:fb:cc:59:a1:a5:d0:
41:08:35:16:d6:91:ef:62:5c:62:85:93:81:14:ab:
d1:5c:35:74:61:2d:b2:7c:ca:50:66:3d:c7:7f:41:
6f:09:4c:dd:b9:22:3e:b9:07:e3:ca:c3:8e:9a:20:
69:01:37:0b:45:05:55:36:97:da:21:3d:78:dc:1f:
a4:e5:93:70:aa:1e:08:d0:82:ae:b5:82:5d:5d:bb:
f8:8f:12:52:f3:f3:0b:47:4a:8a:51:c5:24:7a:ca:
b1:e8:76:a0:20:27:b8:a5:8d:96:4f:1a:d4:2c:cf:
ca:e4:b8:cb:18:a6:c9:ae:5e:77:38:41:9c:fb:f4:
81:c1:94:b1:e9:5d:91:46:fc:66:88:3f:54:2d:66:
55:05:c6:d8:d4:22:1f:96:49:df:48:84:3e:17:cf:
45:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:02:24:18:8E:DC:31:C6:82:08:2D:79:10:9B:7C:43:96:0A:DA:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8wIkGI7cMcaCCC15EJt8Q5YK2ik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:78:9c:39:f2:bc:07:24:57:86:6f:98:96:c0:83:74:ff:b9:
24:53:62:bb:88:08:c2:77:d3:11:bd:66:82:35:0e:52:dc:e0:
45:58:a2:09:9a:23:e3:31:1c:9b:f8:fa:d6:90:94:33:09:af:
40:23:85:3a:43:0f:c9:7c:fd:46:0a:5a:7d:48:bc:c1:04:b2:
2c:4a:4a:6c:62:34:01:4f:69:83:b9:82:65:82:09:b4:8b:0b:
a1:3d:b3:92:34:c7:85:d4:25:3a:93:0a:5c:48:fc:3b:3f:43:
5b:3b:40:7e:b5:e2:52:fe:b9:62:b2:20:82:52:58:0d:37:65:
84:d4:99:0d:f1:23:1d:34:06:f9:c7:76:c9:77:9a:8b:a3:a7:
44:f4:d1:70:da:79:c6:23:a4:d6:22:73:53:14:a7:d8:1c:c7:
63:bf:14:71:6b:12:27:c7:0f:9a:9c:11:10:a9:d4:15:f5:8a:
12:f5:a4:2f:f9:5f:05:af:a3:71:35:27:26:f5:4a:13:80:12:
8d:12:5b:f8:ac:30:d3:94:6a:be:c2:7d:11:45:3e:6b:d8:20:
5f:7a:03:92:34:a1:65:19:4f:c7:24:0e:f6:7c:9d:86:52:88:
66:ad:4d:9b:3b:81:29:a3:07:b4:78:f9:5b:5c:fb:32:94:26:
7e:fd:3b:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
NDI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYzMDIyNDE4OEVEQzMx
QzY4MjA4MkQ3OTEwOUI3QzQzOTYwQURBMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLFcz3rBS9yX/pjKdmayYmVCCpLEYfrQ6TsGaSzCj9FjsT8PL+
+utgYHLUaTMPx5Zwgs1eZdW1OoogX2SMI3e9PEXdbuvlgUjiH/Qw22B8BmzZmlnZ
6R4repvoWWR+sRbDm/vMWaGl0EEINRbWke9iXGKFk4EUq9FcNXRhLbJ8ylBmPcd/
QW8JTN25Ij65B+PKw46aIGkBNwtFBVU2l9ohPXjcH6Tlk3CqHgjQgq61gl1du/iP
ElLz8wtHSopRxSR6yrHodqAgJ7iljZZPGtQsz8rkuMsYpsmuXnc4QZz79IHBlLHp
XZFG/GaIP1QtZlUFxtjUIh+WSd9IhD4Xz0XLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8wIkGI7cMcaCCC15EJt8Q5YK2ikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzh3SWtHSTdjTWNhQ0ND
MTVFSnQ4UTVZSzJpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgXicOfK8ByRXhm+YlsCDdP+5JFNiu4gI
wnfTEb1mgjUOUtzgRViiCZoj4zEcm/j61pCUMwmvQCOFOkMPyXz9RgpafUi8wQSy
LEpKbGI0AU9pg7mCZYIJtIsLoT2zkjTHhdQlOpMKXEj8Oz9DWztAfrXiUv65YrIg
glJYDTdlhNSZDfEjHTQG+cd2yXeai6OnRPTRcNp5xiOk1iJzUxSn2BzHY78UcWsS
J8cPmpwREKnUFfWKEvWkL/lfBa+jcTUnJvVKE4ASjRJb+Kww05RqvsJ9EUU+a9gg
X3oDkjShZRlPxyQO9nydhlKIZq1NmzuBKaMHtHj5W1z7MpQmfv07Ow==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:50 2025 by rpki-client