Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9he9Crd0K6njztcpu98kBhQSl80.roa
File: 9he9Crd0K6njztcpu98kBhQSl80.roa (raw, json)
Hash identifier: CgwVcEp2hP3nz8vhmBeeWvjZo97AvgAm1MZZuemKM+A=
Subject key identifier: F6:17:BD:0A:B7:74:2B:A9:E3:CE:D7:29:BB:DF:24:06:14:12:97:CD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E8E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9he9Crd0K6njztcpu98kBhQSl80.roa
Signing time: Thu 11 Apr 2024 23:52:49 +0000
ROA not before: Thu 11 Apr 2024 23:52:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16014 (0x3e8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 23:52:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F617BD0AB7742BA9E3CED729BBDF2406141297CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ab:04:aa:28:9f:4a:58:da:dc:30:9f:40:63:
89:4d:f5:d5:45:d4:58:24:69:86:9e:55:6e:fb:27:
cf:18:86:60:01:47:cd:57:94:90:19:89:f9:f4:52:
cc:56:4c:ea:4c:a3:84:e9:4a:99:87:2b:22:4d:3e:
a5:46:01:73:69:33:84:8b:f7:56:92:96:53:29:de:
7c:3e:dc:b0:d7:47:a5:82:8e:48:3e:f5:39:ac:da:
62:cb:2c:cb:71:62:47:77:ee:88:20:91:1f:e6:0c:
9a:46:0a:6b:3a:8a:9f:e2:c5:01:8c:63:16:9d:bc:
77:68:2f:39:d8:c5:de:18:36:6f:5b:b2:ba:11:58:
de:bb:2b:d8:7a:a5:24:65:2a:62:5a:bb:90:67:bb:
32:0e:2d:bb:e9:bb:cf:ce:67:73:06:6d:5a:0b:ae:
ff:d5:a7:80:da:2a:a4:31:5a:a8:4b:18:3d:59:29:
61:5c:07:44:d7:d4:19:d6:a0:33:ca:c3:ee:90:f7:
c8:4f:de:bc:d8:b8:12:3b:0a:66:20:a1:25:92:35:
2e:c1:ba:40:80:63:f2:24:bf:c6:36:f8:5a:7d:46:
ce:a1:e6:12:71:88:41:ed:a8:2b:6c:21:fa:2f:e7:
52:ff:d7:3b:b3:48:9e:08:07:49:a3:be:ba:aa:09:
9a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:17:BD:0A:B7:74:2B:A9:E3:CE:D7:29:BB:DF:24:06:14:12:97:CD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9he9Crd0K6njztcpu98kBhQSl80.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:77:77:d5:a8:16:2c:bd:30:ae:30:88:15:bd:5a:98:b1:61:
dc:70:2e:41:cb:6b:96:f6:c2:37:89:12:bb:ba:03:0d:24:31:
08:05:4c:bf:09:e5:86:a5:85:11:35:a5:4d:c8:cf:4d:d2:08:
d6:82:64:9c:09:43:ee:1f:16:d7:89:ae:7b:77:5a:5e:b3:0d:
28:36:9c:49:29:45:07:62:f4:e6:23:9a:11:ee:5a:45:43:d5:
21:c0:27:d4:11:48:24:dc:10:a2:24:34:eb:a1:c9:f0:da:3b:
2a:a5:06:55:10:2e:31:da:7f:08:e1:5a:1e:b0:e2:92:0a:0f:
40:6e:0c:bd:40:ad:f9:6d:89:7c:2d:9c:3e:33:c8:33:c1:9b:
a3:45:b5:25:53:ad:75:b5:72:1a:de:96:1c:c6:ea:f9:f9:3f:
c2:49:33:d2:e3:bf:29:94:a1:a8:87:9d:7c:7f:61:0e:ec:cd:
8c:6b:17:bf:25:83:ae:f1:1f:ef:1b:aa:aa:e6:8a:35:34:23:
df:67:96:7c:54:f5:83:a2:9c:08:2c:ee:b5:17:e5:d0:60:e6:
53:b4:2f:4d:8d:6c:8a:32:53:4c:0a:41:63:b6:f3:00:25:54:
60:69:39:71:c5:75:9e:68:a2:af:b5:51:a5:60:19:a2:c8:71:
e7:ab:2b:70
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEy
MzUyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2MTdCRDBBQjc3NDJC
QTlFM0NFRDcyOUJCREYyNDA2MTQxMjk3Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxqwSqKJ9KWNrcMJ9AY4lN9dVF1FgkaYaeVW77J88YhmABR81X
lJAZifn0UsxWTOpMo4TpSpmHKyJNPqVGAXNpM4SL91aSllMp3nw+3LDXR6WCjkg+
9Tms2mLLLMtxYkd37oggkR/mDJpGCms6ip/ixQGMYxadvHdoLznYxd4YNm9bsroR
WN67K9h6pSRlKmJau5BnuzIOLbvpu8/OZ3MGbVoLrv/Vp4DaKqQxWqhLGD1ZKWFc
B0TX1BnWoDPKw+6Q98hP3rzYuBI7CmYgoSWSNS7BukCAY/Ikv8Y2+Fp9Rs6h5hJx
iEHtqCtsIfov51L/1zuzSJ4IB0mjvrqqCZr5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9he9Crd0K6njztcpu98kBhQSl80wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzloZTlDcmQwSzZuanp0
Y3B1OThrQmhRU2w4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnnd31agWLL0wrjCIFb1amLFh3HAuQctr
lvbCN4kSu7oDDSQxCAVMvwnlhqWFETWlTcjPTdII1oJknAlD7h8W14mue3daXrMN
KDacSSlFB2L05iOaEe5aRUPVIcAn1BFIJNwQoiQ066HJ8No7KqUGVRAuMdp/COFa
HrDikgoPQG4MvUCt+W2JfC2cPjPIM8Gbo0W1JVOtdbVyGt6WHMbq+fk/wkkz0uO/
KZShqIedfH9hDuzNjGsXvyWDrvEf7xuqquaKNTQj32eWfFT1g6KcCCzutRfl0GDm
U7QvTY1sijJTTApBY7bzACVUYGk5ccV1nmiir7VRpWAZoshx56srcA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:37 2025 by rpki-client