Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EOsBD2gZbAydl7jAcb24cFkQf6M.roa
File: EOsBD2gZbAydl7jAcb24cFkQf6M.roa (raw, json)
Hash identifier: HOs97cSPZTy8yB+qkpjW8uPJYhBz+J9j2S20yoxOitM=
Subject key identifier: 10:EB:01:0F:68:19:6C:0C:9D:97:B8:C0:71:BD:B8:70:59:10:7F:A3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4276
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EOsBD2gZbAydl7jAcb24cFkQf6M.roa
Signing time: Wed 17 Apr 2024 04:52:59 +0000
ROA not before: Wed 17 Apr 2024 04:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17014 (0x4276)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 04:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=10EB010F68196C0C9D97B8C071BDB87059107FA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:50:cc:d3:89:c8:ba:9f:93:be:af:27:ea:
a7:a9:7f:e0:4b:c2:c9:87:29:88:52:7c:99:c8:23:
a9:58:f7:49:7e:e8:d2:04:66:87:3d:c9:89:0a:29:
53:4d:3b:cf:86:6f:9c:11:be:e4:b7:7a:8b:1e:5c:
61:84:94:c1:88:d1:47:f8:21:f7:7f:cb:22:40:aa:
48:43:01:4c:d8:f0:c4:0e:62:59:3b:9b:54:a0:78:
7c:70:ea:55:ff:7f:31:62:13:e3:25:28:df:9c:1b:
65:a6:2e:eb:7a:bf:e0:bf:95:25:c3:7f:c1:cb:a4:
a1:99:d1:6c:1f:92:f6:b4:a7:0d:08:98:7e:f4:aa:
7d:ca:93:b2:f5:36:1b:af:9d:8b:60:de:69:a7:95:
3e:71:b0:5d:12:8d:37:17:48:c3:94:99:dc:6a:c1:
7b:a6:90:bc:62:99:bb:b5:76:62:b5:3e:6d:df:ee:
18:6a:47:da:21:24:57:26:7a:d5:5d:fd:b0:1b:ac:
92:5e:dc:25:dc:b6:30:83:44:06:48:5d:42:45:84:
49:ee:1d:66:17:67:97:92:a3:10:66:e3:78:ff:04:
70:52:96:fa:83:dd:de:e8:55:3a:c3:48:90:7b:68:
d1:4b:f9:59:6a:d5:86:9c:5c:76:5e:68:8f:82:16:
3c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EB:01:0F:68:19:6C:0C:9D:97:B8:C0:71:BD:B8:70:59:10:7F:A3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EOsBD2gZbAydl7jAcb24cFkQf6M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:7b:02:08:d8:e9:e0:a0:62:1d:b3:30:8e:b3:c1:81:98:5c:
37:8c:f0:81:b3:3e:e2:00:cb:0e:1e:b3:be:2d:19:1a:48:0d:
f5:52:1d:1e:36:c9:9d:fc:c9:f0:00:c3:2f:a6:ed:66:7d:8c:
64:44:01:81:23:d0:df:c0:be:b0:81:ac:72:7f:c1:7e:67:64:
20:cc:70:55:d9:94:bc:01:31:81:2c:ed:49:db:d6:68:bb:12:
fb:0b:3c:34:5f:fe:fc:09:8a:b7:7d:f3:d2:cd:06:dc:c2:fc:
2e:0d:ef:ff:11:ee:60:54:10:44:e0:51:51:34:f9:8b:f1:57:
97:6d:5f:32:29:5f:f9:46:66:d8:03:72:73:44:86:61:d4:1f:
04:8e:a6:21:ac:66:9d:72:bd:5e:42:97:f8:bc:1c:8c:e3:13:
13:03:8c:93:a5:5a:45:6b:93:3b:d0:4d:ad:4d:4a:05:0b:ab:
0d:2c:49:dc:dc:e5:58:cc:48:20:51:af:96:1d:9c:89:1a:6d:
22:d7:c5:d2:45:40:ac:85:68:90:25:8f:e0:5c:ba:55:a5:57:
ac:fd:f9:fd:18:33:7a:32:94:35:a1:ae:f2:66:8f:c6:8d:df:
f0:3c:93:d4:5e:a5:8f:6d:05:72:13:16:45:51:f8:96:75:a9:
06:a8:da:15
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NDUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwRUIwMTBGNjgxOTZD
MEM5RDk3QjhDMDcxQkRCODcwNTkxMDdGQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHjVDM04nIup+Tvq8n6qepf+BLwsmHKYhSfJnII6lY90l+6NIE
Zoc9yYkKKVNNO8+Gb5wRvuS3eoseXGGElMGI0Uf4Ifd/yyJAqkhDAUzY8MQOYlk7
m1SgeHxw6lX/fzFiE+MlKN+cG2WmLut6v+C/lSXDf8HLpKGZ0Wwfkva0pw0ImH70
qn3Kk7L1NhuvnYtg3mmnlT5xsF0SjTcXSMOUmdxqwXumkLximbu1dmK1Pm3f7hhq
R9ohJFcmetVd/bAbrJJe3CXctjCDRAZIXUJFhEnuHWYXZ5eSoxBm43j/BHBSlvqD
3d7oVTrDSJB7aNFL+Vlq1YacXHZeaI+CFjxBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEOsBD2gZbAydl7jAcb24cFkQf6MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VPc0JEMmdaYkF5ZGw3
akFjYjI0Y0ZrUWY2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAh3sCCNjp4KBiHbMwjrPBgZhcN4zwgbM+
4gDLDh6zvi0ZGkgN9VIdHjbJnfzJ8ADDL6btZn2MZEQBgSPQ38C+sIGscn/Bfmdk
IMxwVdmUvAExgSztSdvWaLsS+ws8NF/+/AmKt33z0s0G3ML8Lg3v/xHuYFQQROBR
UTT5i/FXl21fMilf+UZm2ANyc0SGYdQfBI6mIaxmnXK9XkKX+LwcjOMTEwOMk6Va
RWuTO9BNrU1KBQurDSxJ3NzlWMxIIFGvlh2ciRptItfF0kVArIVokCWP4Fy6VaVX
rP35/RgzejKUNaGu8maPxo3f8DyT1F6lj20FchMWRVH4lnWpBqjaFQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:40 2025 by rpki-client