Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AvX3xmDyOWpslsmpOzd1g3wQkus.roa
File: AvX3xmDyOWpslsmpOzd1g3wQkus.roa (raw, json)
Hash identifier: 7QRpXOL2JvQxfCrBrKXRz4ASmuyQZPHBqgTy18K9uB8=
Subject key identifier: 02:F5:F7:C6:60:F2:39:6A:6C:96:C9:A9:3B:37:75:83:7C:10:92:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AvX3xmDyOWpslsmpOzd1g3wQkus.roa
Signing time: Mon 15 Apr 2024 03:22:52 +0000
ROA not before: Mon 15 Apr 2024 03:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16618 (0x40ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 03:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=02F5F7C660F2396A6C96C9A93B3775837C1092EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:56:30:23:39:8f:22:dc:32:77:fd:96:8b:
63:ca:54:59:73:43:f2:87:97:86:23:f0:10:ba:53:
19:a8:29:df:d1:5e:a2:0e:88:2e:a5:b5:8a:c7:ec:
10:44:05:a1:c1:89:87:f5:15:6a:a9:4b:3a:63:11:
9e:33:31:9a:3e:21:3e:f9:b3:89:bb:23:c3:34:3c:
e7:d7:47:f3:48:f5:da:65:1c:a7:d0:04:76:69:5c:
6b:4b:f4:6e:a2:36:b2:b4:77:15:5e:d5:cf:27:2a:
2e:51:b5:e3:cc:7f:0b:ae:f3:19:2f:d6:b3:57:80:
13:53:35:05:a3:c7:a6:40:05:5e:6e:90:da:dd:ce:
af:70:15:ce:fb:80:fe:b1:13:fb:a1:64:0b:d1:26:
9c:ab:c0:84:ff:2d:ea:30:0c:0a:23:37:9b:7d:20:
b9:af:97:7a:41:1e:eb:56:36:1c:6a:2f:9f:62:34:
96:83:59:c1:c3:6b:65:00:53:4f:f2:e5:90:5e:71:
7e:4c:dc:1a:88:5f:a7:79:84:bb:ac:6e:35:73:91:
07:ae:bf:1c:b3:d3:ab:cc:e3:4b:38:e1:66:1f:cb:
a7:b0:3a:c9:ed:8f:4a:59:cc:89:dc:a0:18:f5:11:
2d:8c:28:3b:12:7c:da:3a:fc:94:f2:e9:de:2c:a0:
0d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F5:F7:C6:60:F2:39:6A:6C:96:C9:A9:3B:37:75:83:7C:10:92:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AvX3xmDyOWpslsmpOzd1g3wQkus.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:9a:7a:50:5b:ee:18:b5:79:6e:14:98:5f:59:80:a5:54:f0:
56:c7:d4:fe:36:36:5a:c0:fb:d0:5d:da:c4:71:0e:2d:41:6b:
06:47:18:0c:3c:9d:26:8d:1a:62:d7:ed:4c:5e:56:01:cd:59:
31:8c:ac:26:3c:61:c0:e0:87:04:fe:27:3d:32:a7:10:e6:64:
a9:9f:3f:97:ed:4c:6e:57:fa:10:1a:2a:22:76:a7:d7:b6:0b:
06:83:aa:70:79:4d:53:14:3b:45:fc:e5:e1:5e:9f:b8:e6:30:
22:c9:6d:e4:f1:63:7f:b0:26:17:78:37:e4:a1:cb:94:79:9a:
c2:c9:19:af:0d:4f:0e:26:49:3d:56:5e:1b:4a:fe:71:a3:26:
06:e5:5d:f6:36:12:32:ba:50:09:29:bf:80:5b:ed:15:d2:69:
7b:b2:9c:64:ca:fc:d8:62:50:22:f5:13:c6:fb:4f:ae:68:f1:
d3:85:72:e3:fe:79:7a:77:fb:0b:a4:69:99:77:ad:01:a1:75:
b7:d4:d3:49:80:fd:83:62:3e:e4:9e:62:ff:87:17:7e:b6:11:
a4:3f:f6:b0:39:d1:8b:ba:1d:db:e1:b9:1a:ef:13:04:0a:f5:
e3:21:e2:75:fe:a0:bf:9a:dc:0e:3e:1a:7a:b3:72:29:1b:d5:
bd:37:15:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MzIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyRjVGN0M2NjBGMjM5
NkE2Qzk2QzlBOTNCMzc3NTgzN0MxMDkyRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnC1YwIzmPItwyd/2Wi2PKVFlzQ/KHl4Yj8BC6UxmoKd/RXqIO
iC6ltYrH7BBEBaHBiYf1FWqpSzpjEZ4zMZo+IT75s4m7I8M0POfXR/NI9dplHKfQ
BHZpXGtL9G6iNrK0dxVe1c8nKi5RtePMfwuu8xkv1rNXgBNTNQWjx6ZABV5ukNrd
zq9wFc77gP6xE/uhZAvRJpyrwIT/LeowDAojN5t9ILmvl3pBHutWNhxqL59iNJaD
WcHDa2UAU0/y5ZBecX5M3BqIX6d5hLusbjVzkQeuvxyz06vM40s44WYfy6ewOsnt
j0pZzIncoBj1ES2MKDsSfNo6/JTy6d4soA2jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAvX3xmDyOWpslsmpOzd1g3wQkuswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0F2WDN4bUR5T1dwc2xz
bXBPemQxZzN3UWt1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAkpp6UFvuGLV5bhSYX1mApVTwVsfU/jY2
WsD70F3axHEOLUFrBkcYDDydJo0aYtftTF5WAc1ZMYysJjxhwOCHBP4nPTKnEOZk
qZ8/l+1Mblf6EBoqInan17YLBoOqcHlNUxQ7Rfzl4V6fuOYwIslt5PFjf7AmF3g3
5KHLlHmawskZrw1PDiZJPVZeG0r+caMmBuVd9jYSMrpQCSm/gFvtFdJpe7KcZMr8
2GJQIvUTxvtPrmjx04Vy4/55enf7C6RpmXetAaF1t9TTSYD9g2I+5J5i/4cXfrYR
pD/2sDnRi7od2+G5Gu8TBAr14yHidf6gv5rcDj4aerNyKRvVvTcVpQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:10 2025 by rpki-client