Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/D3nf_eJ-LIz5U13QQoEuDw7fFMs.roa
File: D3nf_eJ-LIz5U13QQoEuDw7fFMs.roa (raw, json)
Hash identifier: YrW/rJ2nf3GeUaZTWEVxQmDmS1NyHQRJnEr0FdNzthk=
Subject key identifier: 0F:79:DF:FD:E2:7E:2C:8C:F9:53:5D:D0:42:81:2E:0F:0E:DF:14:CB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A8E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/D3nf_eJ-LIz5U13QQoEuDw7fFMs.roa
Signing time: Sat 06 Apr 2024 15:52:28 +0000
ROA not before: Sat 06 Apr 2024 15:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14990 (0x3a8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 15:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0F79DFFDE27E2C8CF9535DD042812E0F0EDF14CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:35:4b:31:2b:35:70:29:5f:e8:d8:8c:19:e0:
de:90:83:f1:2a:eb:0d:f1:07:89:a9:e1:cc:88:f2:
df:b2:ef:fa:72:2d:63:29:ed:7c:11:f9:05:6a:24:
eb:72:f8:76:2f:b0:b7:e2:7f:b7:fd:61:e1:1e:de:
15:74:6e:03:53:9f:6c:a5:1f:a0:07:21:fe:68:4e:
f4:68:83:e3:1a:aa:52:18:d2:e7:4b:d0:63:0d:30:
dd:68:c4:1f:0b:6e:c1:62:bc:2a:8e:73:20:14:dc:
e5:da:0a:5e:57:d9:2b:c1:9f:37:ee:de:fb:c4:e9:
98:b7:d8:49:e0:dc:14:92:97:38:55:bc:99:24:74:
7d:b5:12:cc:d9:21:85:68:b5:d1:bd:da:2d:ba:cb:
91:23:94:7d:b5:5e:a5:98:f9:b0:b8:53:ad:73:60:
ed:d0:e7:a1:0a:e0:7c:8a:a6:a6:d3:3a:02:a9:58:
b3:4f:72:a3:a2:22:16:18:4e:ae:a1:d6:cc:7f:fa:
5f:ff:91:ab:b3:21:00:79:fd:13:51:db:65:a0:e9:
d0:43:3b:ab:40:79:78:c6:ce:46:61:98:1d:12:65:
c9:06:f3:f6:f7:f4:af:75:53:54:3d:8a:a4:4b:1a:
38:f7:ef:4f:19:1b:22:88:37:a7:f0:9d:dc:1f:3d:
80:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:79:DF:FD:E2:7E:2C:8C:F9:53:5D:D0:42:81:2E:0F:0E:DF:14:CB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/D3nf_eJ-LIz5U13QQoEuDw7fFMs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:58:76:76:3b:ad:05:0e:00:d9:f8:ba:3f:81:70:41:a4:0f:
4c:b7:a5:a0:9a:96:e8:7f:d7:46:f8:be:0c:b0:d3:48:49:6a:
9c:38:f9:a4:72:f3:58:d4:be:58:f3:d2:ac:35:bb:66:ad:f4:
af:6d:a3:d2:b4:08:19:29:fe:7c:74:bb:c4:c6:c3:b7:20:5b:
d5:e1:f9:71:5e:20:cb:39:4f:88:81:a2:9a:c6:e4:e6:84:a4:
0b:ec:f7:fe:f3:f6:35:38:70:7a:fe:78:d2:a7:b6:a8:5a:80:
56:16:c4:91:d4:01:09:65:8b:9f:88:71:e9:6e:4f:7d:b0:0d:
9e:18:40:38:35:87:cc:af:ed:2a:35:e1:f5:27:e0:84:b4:98:
83:7d:c1:f3:b9:d8:57:3b:e4:63:e1:cd:b3:b8:33:2f:13:44:
83:4e:50:1b:37:b3:24:4a:65:6f:49:94:aa:d1:e6:5f:cb:b5:
5f:df:f7:44:66:e5:3e:f1:d3:d0:4c:42:48:5b:a7:b7:6c:8f:
ea:71:90:b4:66:79:cd:6c:0c:69:00:5c:c9:df:18:6b:9c:9c:
f8:13:c8:e3:a5:73:5a:a2:1f:6a:88:80:61:b8:49:80:7b:8d:
50:e8:1f:95:c2:62:01:c0:c1:15:99:99:1f:72:65:fa:72:2a:
04:50:d5:6c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
NTUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBGNzlERkZERTI3RTJD
OENGOTUzNUREMDQyODEyRTBGMEVERjE0Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZNUsxKzVwKV/o2IwZ4N6Qg/Eq6w3xB4mp4cyI8t+y7/pyLWMp
7XwR+QVqJOty+HYvsLfif7f9YeEe3hV0bgNTn2ylH6AHIf5oTvRog+MaqlIY0udL
0GMNMN1oxB8LbsFivCqOcyAU3OXaCl5X2SvBnzfu3vvE6Zi32Eng3BSSlzhVvJkk
dH21EszZIYVotdG92i26y5EjlH21XqWY+bC4U61zYO3Q56EK4HyKpqbTOgKpWLNP
cqOiIhYYTq6h1sx/+l//kauzIQB5/RNR22Wg6dBDO6tAeXjGzkZhmB0SZckG8/b3
9K91U1Q9iqRLGjj3708ZGyKIN6fwndwfPYA5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUD3nf/eJ+LIz5U13QQoEuDw7fFMswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0QzbmZfZUotTEl6NVUx
M1FRb0V1RHc3ZkZNcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAE1h2djutBQ4A2fi6P4FwQaQPTLeloJqW
6H/XRvi+DLDTSElqnDj5pHLzWNS+WPPSrDW7Zq30r22j0rQIGSn+fHS7xMbDtyBb
1eH5cV4gyzlPiIGimsbk5oSkC+z3/vP2NThwev540qe2qFqAVhbEkdQBCWWLn4hx
6W5PfbANnhhAODWHzK/tKjXh9SfghLSYg33B87nYVzvkY+HNs7gzLxNEg05QGzez
JEplb0mUqtHmX8u1X9/3RGblPvHT0ExCSFunt2yP6nGQtGZ5zWwMaQBcyd8Ya5yc
+BPI46VzWqIfaoiAYbhJgHuNUOgflcJiAcDBFZmZH3Jl+nIqBFDVbA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:47 2025 by rpki-client