Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DWiK1wn5r70ckskya4319hE-kMs.roa
File: DWiK1wn5r70ckskya4319hE-kMs.roa (raw, json)
Hash identifier: nbTPDN0HFcW86gNhPgZtcmqM1pEdj/P4pgQGzlqKAUE=
Subject key identifier: 0D:68:8A:D7:09:F9:AF:BD:1C:92:C9:32:6B:8D:F5:F6:11:3E:90:CB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5356
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DWiK1wn5r70ckskya4319hE-kMs.roa
Signing time: Thu 09 May 2024 16:54:26 +0000
ROA not before: Thu 09 May 2024 16:54:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21334 (0x5356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 16:54:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D688AD709F9AFBD1C92C9326B8DF5F6113E90CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6f:7c:49:1c:a1:22:be:6a:8f:18:66:05:63:
4e:7c:9b:17:13:dc:de:76:6a:11:d3:e9:c0:af:db:
d6:9e:3f:b0:b4:b9:f8:38:e5:44:44:f2:26:42:aa:
4d:1f:39:72:19:fc:43:1a:a8:ac:d9:de:ac:3c:4c:
aa:b2:24:57:76:fa:b8:d9:db:d7:fc:c8:d7:8d:fc:
fb:01:1e:b5:5f:29:90:35:59:9c:70:2f:a8:8d:09:
50:f8:88:df:9a:c4:65:30:c2:6c:4c:4b:a6:19:07:
07:2f:43:4c:01:eb:a4:fc:ab:2e:24:d1:81:f0:ca:
0a:1c:dd:db:79:12:76:be:e4:f7:77:06:89:aa:c0:
88:4a:71:74:53:cb:1f:5b:ee:67:71:6a:02:63:56:
57:d5:80:6c:13:4b:d9:e2:75:d8:87:c4:ad:02:2b:
48:e9:79:67:a2:90:a6:3b:8a:31:83:90:c4:1c:8b:
13:75:47:1e:14:4c:98:d4:47:4f:ff:e3:3d:c8:d8:
a7:c1:3f:c7:e6:de:45:3b:02:be:12:13:b1:b3:23:
4f:d4:24:68:13:6f:6e:a5:0c:b1:3a:fc:a6:71:a5:
5b:14:7e:20:7d:a0:57:dd:9d:1c:36:7f:e5:a6:c4:
a7:79:25:e2:22:12:0d:60:d2:b7:46:cf:94:c2:54:
d2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:68:8A:D7:09:F9:AF:BD:1C:92:C9:32:6B:8D:F5:F6:11:3E:90:CB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DWiK1wn5r70ckskya4319hE-kMs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:d1:d0:87:18:24:a3:4f:ea:24:b6:cc:ad:ba:a0:76:e6:30:
57:6b:9b:9e:58:ad:20:56:51:9c:77:66:8a:a0:a1:6f:78:93:
9e:89:46:96:3e:40:69:8a:a5:7d:9f:e5:9c:85:90:65:63:2b:
39:50:c0:5a:33:69:a2:3e:74:72:a1:fc:6c:7f:8f:4c:b5:70:
a1:09:e6:b5:fb:e5:72:af:cd:a5:52:68:cc:e6:8f:64:e7:e3:
b3:b1:19:4f:d1:81:89:b6:de:ec:a6:c9:68:68:44:5d:26:b1:
5c:04:ea:34:db:88:8f:3f:6a:fb:62:ff:41:de:e1:8c:61:06:
53:43:4b:b4:76:01:e4:8c:15:e0:d5:e1:a1:93:a5:d4:4b:1e:
91:a6:de:83:5b:a1:29:f3:f2:a6:ce:47:2c:63:69:ee:cf:dd:
6e:b6:cc:ab:7f:63:8e:a0:0f:24:43:41:9e:e2:89:0b:21:f5:
ae:1f:8e:f0:1d:e0:34:72:11:4a:5a:fd:35:46:30:03:7a:f9:
00:79:0b:23:bd:8e:f5:d4:02:28:f6:fc:1b:4b:7b:04:1c:b6:
8a:11:4b:77:9d:6b:38:42:dd:9f:02:18:3a:b7:60:13:19:9a:
80:a1:66:47:11:ab:ca:90:29:d6:6a:76:f7:0c:7a:18:76:47:
cc:ef:97:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NjU0MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBENjg4QUQ3MDlGOUFG
QkQxQzkyQzkzMjZCOERGNUY2MTEzRTkwQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHb3xJHKEivmqPGGYFY058mxcT3N52ahHT6cCv29aeP7C0ufg4
5URE8iZCqk0fOXIZ/EMaqKzZ3qw8TKqyJFd2+rjZ29f8yNeN/PsBHrVfKZA1WZxw
L6iNCVD4iN+axGUwwmxMS6YZBwcvQ0wB66T8qy4k0YHwygoc3dt5Ena+5Pd3Bomq
wIhKcXRTyx9b7mdxagJjVlfVgGwTS9niddiHxK0CK0jpeWeikKY7ijGDkMQcixN1
Rx4UTJjUR0//4z3I2KfBP8fm3kU7Ar4SE7GzI0/UJGgTb26lDLE6/KZxpVsUfiB9
oFfdnRw2f+WmxKd5JeIiEg1g0rdGz5TCVNKbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDWiK1wn5r70ckskya4319hE+kMswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RXaUsxd241cjcwY2tz
a3lhNDMxOWhFLWtNcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJtHQhxgko0/qJLbMrbqgduYwV2ubnlit
IFZRnHdmiqChb3iTnolGlj5AaYqlfZ/lnIWQZWMrOVDAWjNpoj50cqH8bH+PTLVw
oQnmtfvlcq/NpVJozOaPZOfjs7EZT9GBibbe7KbJaGhEXSaxXATqNNuIjz9q+2L/
Qd7hjGEGU0NLtHYB5IwV4NXhoZOl1Esekabeg1uhKfPyps5HLGNp7s/dbrbMq39j
jqAPJENBnuKJCyH1rh+O8B3gNHIRSlr9NUYwA3r5AHkLI72O9dQCKPb8G0t7BBy2
ihFLd51rOELdnwIYOrdgExmagKFmRxGrypAp1mp29wx6GHZHzO+X7A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:23 2025 by rpki-client