Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DBJRGWpdCHcUGuer_c7rOb71mwo.roa
File: DBJRGWpdCHcUGuer_c7rOb71mwo.roa (raw, json)
Hash identifier: 3BWEHtAhzsZ2dCJaUbYB+Iog1O2AVt3vtc/vVeRNUvg=
Subject key identifier: 0C:12:51:19:6A:5D:08:77:14:1A:E7:AB:FD:CE:EB:39:BE:F5:9B:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BBA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DBJRGWpdCHcUGuer_c7rOb71mwo.roa
Signing time: Mon 08 Apr 2024 05:22:35 +0000
ROA not before: Mon 08 Apr 2024 05:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15290 (0x3bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 05:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0C1251196A5D0877141AE7ABFDCEEB39BEF59B0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:28:c5:65:f4:07:c8:3b:95:2a:e2:82:4c:94:
aa:50:c7:7e:93:f8:21:1d:c4:2a:93:f5:f2:fa:e4:
2f:d0:fd:8c:67:c7:10:4c:81:b1:49:65:58:9c:f1:
f1:29:41:3f:07:7c:a8:38:d7:25:7f:40:a7:05:6c:
4e:39:fa:c5:ce:8d:58:d9:a8:2f:d0:68:fe:88:c3:
11:27:21:96:88:89:01:94:03:37:52:48:50:d6:a5:
53:d3:a0:80:b2:9f:48:94:93:34:e4:40:4c:74:94:
72:71:92:a4:c4:e7:06:28:fd:d2:72:90:de:da:8c:
4c:a5:3a:19:f5:6b:c7:be:7e:c2:b5:d3:93:10:20:
c6:16:de:2a:e3:2a:b1:cb:bb:6e:c6:aa:67:d7:4e:
07:19:c6:60:52:e4:ea:70:d1:59:e9:4b:d1:01:f4:
38:be:b8:49:de:4b:8f:95:d7:10:6f:09:bc:36:36:
05:4f:cf:fa:ac:85:de:f8:57:4b:97:8b:5a:23:25:
7e:a5:43:18:0f:e7:5a:a0:bf:59:72:2e:c9:5c:df:
86:b1:24:0d:5b:78:4a:cc:d3:10:f6:e8:ad:5c:d7:
ca:75:f8:bb:79:ad:fa:05:ce:b9:21:ba:5c:c8:9c:
57:18:01:8d:e2:ee:fc:3e:56:94:87:e9:20:a5:df:
70:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:12:51:19:6A:5D:08:77:14:1A:E7:AB:FD:CE:EB:39:BE:F5:9B:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DBJRGWpdCHcUGuer_c7rOb71mwo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:be:c4:bb:06:1c:6e:14:a5:a3:19:7a:46:33:c8:57:d5:28:
61:a2:e9:17:db:cd:78:3d:5b:a6:10:e7:f1:76:26:cc:27:95:
45:04:f4:f0:19:e9:78:5e:54:2e:c8:9f:9e:0c:c8:da:d8:22:
2c:27:06:2b:b9:a4:19:e6:4b:cd:70:2d:ae:df:3d:eb:f7:54:
fe:3d:fd:98:f6:8c:14:cf:a0:ce:a4:18:53:bd:24:d7:c5:c4:
e5:84:f2:a6:9c:ee:cd:66:95:f1:54:66:0c:2d:1d:71:2d:0d:
cb:e0:4e:bc:03:f0:b3:2e:91:df:06:c9:36:06:5c:6d:20:7d:
58:fb:a8:7b:78:8f:d0:b6:31:26:7c:9e:45:d9:af:22:e4:5a:
57:7c:cb:26:77:6f:51:48:05:e9:0c:1f:03:42:51:d8:30:a0:
5b:a9:7d:86:9c:79:68:51:16:f8:b6:0b:bd:35:b1:b8:ab:72:
ba:c2:5d:40:20:43:01:f1:59:f5:4f:67:42:93:65:7c:ab:d6:
d0:64:f3:88:d5:d3:a2:5d:5f:ee:ac:3e:8d:d3:58:da:f3:e6:
bd:0c:33:79:49:a2:ac:85:77:ee:5e:da:1a:54:a1:fc:a9:e9:
14:60:86:79:63:a1:0f:04:9e:e5:b6:f6:27:ea:ff:7e:6e:b7:
10:2f:62:85
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
NTIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDMTI1MTE5NkE1RDA4
NzcxNDFBRTdBQkZEQ0VFQjM5QkVGNTlCMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIKMVl9AfIO5Uq4oJMlKpQx36T+CEdxCqT9fL65C/Q/YxnxxBM
gbFJZVic8fEpQT8HfKg41yV/QKcFbE45+sXOjVjZqC/QaP6IwxEnIZaIiQGUAzdS
SFDWpVPToICyn0iUkzTkQEx0lHJxkqTE5wYo/dJykN7ajEylOhn1a8e+fsK105MQ
IMYW3irjKrHLu27GqmfXTgcZxmBS5Opw0VnpS9EB9Di+uEneS4+V1xBvCbw2NgVP
z/qshd74V0uXi1ojJX6lQxgP51qgv1lyLslc34axJA1beErM0xD26K1c18p1+Lt5
rfoFzrkhulzInFcYAY3i7vw+VpSH6SCl33CPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDBJRGWpdCHcUGuer/c7rOb71mwowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RCSlJHV3BkQ0hjVUd1
ZXJfYzdyT2I3MW13by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAtr7EuwYcbhSloxl6RjPIV9UoYaLpF9vN
eD1bphDn8XYmzCeVRQT08BnpeF5ULsifngzI2tgiLCcGK7mkGeZLzXAtrt896/dU
/j39mPaMFM+gzqQYU70k18XE5YTyppzuzWaV8VRmDC0dcS0Ny+BOvAPwsy6R3wbJ
NgZcbSB9WPuoe3iP0LYxJnyeRdmvIuRaV3zLJndvUUgF6QwfA0JR2DCgW6l9hpx5
aFEW+LYLvTWxuKtyusJdQCBDAfFZ9U9nQpNlfKvW0GTziNXTol1f7qw+jdNY2vPm
vQwzeUmirIV37l7aGlSh/KnpFGCGeWOhDwSe5bb2J+r/fm63EC9ihQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:45 2025 by rpki-client