Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CsrSi1T1CIskoFildWIULyiAcs8.roa
File: CsrSi1T1CIskoFildWIULyiAcs8.roa (raw, json)
Hash identifier: 0vgo+Ostk150W3nDANPGmDOpw+qJj1RU2AP84GQeN2g=
Subject key identifier: 0A:CA:D2:8B:54:F5:08:8B:24:A0:58:A5:75:62:14:2F:28:80:72:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A92
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CsrSi1T1CIskoFildWIULyiAcs8.roa
Signing time: Sun 28 Apr 2024 00:23:25 +0000
ROA not before: Sun 28 Apr 2024 00:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19090 (0x4a92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 00:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0ACAD28B54F5088B24A058A57562142F288072CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:46:0a:20:f4:26:54:0a:49:cb:0f:0d:56:
bb:a0:ff:a5:3c:4f:ac:ca:50:d6:02:bc:02:d6:e1:
cc:95:59:13:f5:46:ae:43:bd:6e:37:16:de:fe:59:
29:43:4d:5d:2c:5c:82:03:0c:25:7e:49:dd:cd:e6:
d0:7f:1b:15:bf:ee:9e:65:c9:63:4a:63:5f:67:4f:
29:35:3f:2a:7d:4c:ce:96:35:ee:fa:12:22:2b:f5:
ec:2d:9e:de:86:fe:43:4a:c7:d3:b1:c3:37:9b:71:
a1:e9:7c:61:74:52:79:9c:f6:3c:9f:83:48:0f:e4:
8a:a8:c1:dc:43:e6:6f:6c:ad:40:27:3f:c6:f0:db:
67:c2:0c:c3:02:6f:7d:53:9e:b9:06:6c:94:b6:ed:
ea:a4:91:ea:24:79:f2:68:9b:79:36:a3:f4:34:b9:
3f:d4:04:65:f3:4b:d7:ba:d2:aa:a5:bc:19:e2:54:
52:a7:72:04:1e:3e:35:b0:06:d5:c9:90:89:aa:51:
b1:c7:bb:c7:93:33:b5:ad:dc:3c:05:1f:e9:95:9a:
67:86:39:4e:c4:b7:2c:13:10:0d:76:55:5c:76:43:
21:db:2d:6a:5c:a6:4c:24:e8:53:31:df:0c:9a:b9:
7b:98:33:e9:ed:48:83:ad:89:98:72:41:bf:ad:7d:
4b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CA:D2:8B:54:F5:08:8B:24:A0:58:A5:75:62:14:2F:28:80:72:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CsrSi1T1CIskoFildWIULyiAcs8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:a5:0b:7e:47:e2:cf:70:5c:60:f3:8a:10:e3:1c:24:cd:8b:
17:c6:0b:ee:b7:de:27:5a:27:4c:bb:f7:a2:2c:16:62:e2:9b:
9e:b9:eb:90:e8:48:91:71:80:87:ae:94:ac:33:18:b3:7b:1b:
4c:be:9c:50:37:83:66:21:af:a6:38:50:18:bb:2a:04:9d:c5:
33:f8:c9:fd:fd:af:0e:30:52:ac:d3:68:a5:20:ee:72:94:72:
67:18:11:a3:80:f0:df:1e:dd:90:b3:88:a8:ec:d3:3a:f7:1c:
ef:aa:6f:d2:d4:19:f3:c8:4c:12:21:f5:f0:64:da:ab:6c:0d:
41:b1:22:91:6e:43:2b:7d:04:f1:c4:27:d2:2c:e5:01:d3:20:
cc:49:5c:4a:86:cd:c1:29:91:11:aa:1a:0c:d5:a5:61:7c:be:
38:52:c3:2e:c5:56:e4:b9:a9:c0:d9:78:98:43:3a:b2:7e:b0:
16:d3:69:19:d3:4f:57:1f:d4:a4:a0:d2:ed:b6:40:21:f3:2b:
c5:e7:11:01:9c:63:b7:5a:64:1e:5a:bc:2b:7e:24:68:73:0e:
a1:4a:85:5f:33:03:d4:99:e3:7e:5e:6d:24:20:c5:b6:cb:6f:
f0:a4:48:e5:ba:22:84:57:3f:70:d1:57:cd:41:d1:c0:94:ce:
27:c1:62:d1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgw
MDIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBQ0FEMjhCNTRGNTA4
OEIyNEEwNThBNTc1NjIxNDJGMjg4MDcyQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrXUYKIPQmVApJyw8NVrug/6U8T6zKUNYCvALW4cyVWRP1Rq5D
vW43Ft7+WSlDTV0sXIIDDCV+Sd3N5tB/GxW/7p5lyWNKY19nTyk1Pyp9TM6WNe76
EiIr9ewtnt6G/kNKx9OxwzebcaHpfGF0Unmc9jyfg0gP5IqowdxD5m9srUAnP8bw
22fCDMMCb31TnrkGbJS27eqkkeokefJom3k2o/Q0uT/UBGXzS9e60qqlvBniVFKn
cgQePjWwBtXJkImqUbHHu8eTM7Wt3DwFH+mVmmeGOU7EtywTEA12VVx2QyHbLWpc
pkwk6FMx3wyauXuYM+ntSIOtiZhyQb+tfUtnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCsrSi1T1CIskoFildWIULyiAcs8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NzclNpMVQxQ0lza29G
aWxkV0lVTHlpQWNzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGaULfkfiz3BcYPOKEOMcJM2LF8YL7rfe
J1onTLv3oiwWYuKbnrnrkOhIkXGAh66UrDMYs3sbTL6cUDeDZiGvpjhQGLsqBJ3F
M/jJ/f2vDjBSrNNopSDucpRyZxgRo4Dw3x7dkLOIqOzTOvcc76pv0tQZ88hMEiH1
8GTaq2wNQbEikW5DK30E8cQn0izlAdMgzElcSobNwSmREaoaDNWlYXy+OFLDLsVW
5LmpwNl4mEM6sn6wFtNpGdNPVx/UpKDS7bZAIfMrxecRAZxjt1pkHlq8K34kaHMO
oUqFXzMD1Jnjfl5tJCDFtstv8KRI5boihFc/cNFXzUHRwJTOJ8Fi0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:23:09 2025 by rpki-client