Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AwINOao1c59TWXDVkXvf02VV61U.roa
File: AwINOao1c59TWXDVkXvf02VV61U.roa (raw, json)
Hash identifier: 3WcnQEsqd4kdOpzebzpgDxlOXufvItPnCoL8ueDuG1k=
Subject key identifier: 03:02:0D:39:AA:35:73:9F:53:59:70:D5:91:7B:DF:D3:65:55:EB:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4106
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AwINOao1c59TWXDVkXvf02VV61U.roa
Signing time: Mon 15 Apr 2024 06:54:30 +0000
ROA not before: Mon 15 Apr 2024 06:54:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16646 (0x4106)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 06:54:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03020D39AA35739F535970D5917BDFD36555EB55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d6:e2:84:8a:4c:bc:32:32:4a:93:8a:60:fa:
47:2a:78:53:35:51:03:c7:09:29:3d:42:32:cd:9a:
f0:4f:c1:af:1e:e5:e4:71:1a:1e:68:c6:5f:32:1a:
57:15:35:2d:92:97:24:9a:ce:3b:bc:88:ab:62:e0:
9a:19:0a:2b:d4:6a:0b:48:60:da:5b:a6:b3:f1:56:
bb:05:e6:0b:be:0c:a3:1f:fd:2f:8d:13:05:df:45:
ed:a8:6e:fc:d8:d3:73:d8:f7:35:dc:a7:94:53:7d:
b3:f3:e1:22:6f:d3:cb:4a:d9:07:e8:57:57:fc:ae:
c6:9b:8c:5b:35:90:b1:62:98:d3:4f:f4:03:56:8f:
3e:d1:73:2f:78:b0:06:76:cd:99:59:db:af:a2:5f:
36:6a:44:e1:c3:d7:4b:3e:8e:d7:85:d5:a9:a2:86:
fb:2f:55:90:87:f4:65:21:5b:29:21:e0:8c:8c:3f:
58:27:13:33:3d:ac:e4:a1:08:4e:56:eb:09:6f:82:
c1:e7:33:eb:43:96:70:47:21:55:3d:39:e2:a7:e9:
c0:38:ad:a7:fd:b9:b9:34:64:31:df:fe:0c:c6:49:
89:fc:22:77:cb:9d:c3:5b:e9:46:7a:46:f9:0f:8e:
90:06:c2:08:18:a1:06:55:e9:7c:e7:e6:d2:1c:72:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:02:0D:39:AA:35:73:9F:53:59:70:D5:91:7B:DF:D3:65:55:EB:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AwINOao1c59TWXDVkXvf02VV61U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:b6:fb:c8:90:73:ed:47:25:77:c0:78:70:bc:91:12:b5:7d:
cc:a3:d4:53:31:81:f5:01:39:b1:e1:63:63:b4:51:cd:f3:55:
cf:11:38:6a:2a:da:ae:73:29:6c:bd:9f:b7:37:91:e4:9d:94:
ee:9e:fc:11:2a:eb:b2:de:bc:d3:85:e5:44:8a:5d:c1:98:ed:
04:f4:19:1d:db:5c:20:3d:b2:f9:80:14:4d:52:92:2d:bc:4a:
70:0e:91:71:37:a6:f1:42:63:b6:00:62:3c:24:a8:71:3b:63:
55:7f:43:a3:6b:cd:60:20:d6:ad:83:2e:75:21:9b:2a:88:a4:
01:0d:55:29:c9:56:91:1b:11:bd:f4:9a:19:d2:6c:86:f6:4d:
93:8b:61:bb:1f:28:3d:f6:22:e6:23:35:21:81:c5:0e:2e:63:
5d:80:02:cd:69:a4:d6:e4:46:00:45:52:15:7b:1a:35:ed:b9:
ea:11:3a:77:fe:e3:40:d0:97:b2:e0:c7:2b:cc:c9:5b:90:f4:
80:47:72:a3:a0:3e:b8:5c:a6:ea:9b:1c:83:e4:5f:ea:32:9b:
28:7a:ed:7e:b3:f6:e4:19:f5:7c:39:e0:93:72:98:9e:d4:21:
35:58:3f:60:4a:c4:81:40:1d:ec:d3:ff:54:e6:92:95:60:2a:
b0:5f:84:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
NjU0MzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzMDIwRDM5QUEzNTcz
OUY1MzU5NzBENTkxN0JERkQzNjU1NUVCNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo1uKEiky8MjJKk4pg+kcqeFM1UQPHCSk9QjLNmvBPwa8e5eRx
Gh5oxl8yGlcVNS2SlySazju8iKti4JoZCivUagtIYNpbprPxVrsF5gu+DKMf/S+N
EwXfRe2obvzY03PY9zXcp5RTfbPz4SJv08tK2QfoV1f8rsabjFs1kLFimNNP9ANW
jz7Rcy94sAZ2zZlZ26+iXzZqROHD10s+jteF1amihvsvVZCH9GUhWykh4IyMP1gn
EzM9rOShCE5W6wlvgsHnM+tDlnBHIVU9OeKn6cA4raf9ubk0ZDHf/gzGSYn8InfL
ncNb6UZ6RvkPjpAGwggYoQZV6Xzn5tIccnIdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAwINOao1c59TWXDVkXvf02VV61UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0F3SU5PYW8xYzU5VFdY
RFZrWHZmMDJWVjYxVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASLb7yJBz7Ucld8B4cLyRErV9zKPUUzGB
9QE5seFjY7RRzfNVzxE4airarnMpbL2ftzeR5J2U7p78ESrrst6804XlRIpdwZjt
BPQZHdtcID2y+YAUTVKSLbxKcA6RcTem8UJjtgBiPCSocTtjVX9Do2vNYCDWrYMu
dSGbKoikAQ1VKclWkRsRvfSaGdJshvZNk4thux8oPfYi5iM1IYHFDi5jXYACzWmk
1uRGAEVSFXsaNe256hE6d/7jQNCXsuDHK8zJW5D0gEdyo6A+uFym6pscg+Rf6jKb
KHrtfrP25Bn1fDngk3KYntQhNVg/YErEgUAd7NP/VOaSlWAqsF+Efw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:32 2025 by rpki-client