Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JQFxXA5ftta7e5VfDwxGciyvsWk.roa
File: JQFxXA5ftta7e5VfDwxGciyvsWk.roa (raw, json)
Hash identifier: 0BzxQoWMXOlV4Vwq0jPQSDb0AEx452L8IKERxxCfgkw=
Subject key identifier: 25:01:71:5C:0E:5F:B6:D6:BB:7B:95:5F:0F:0C:46:72:2C:AF:B1:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4032
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JQFxXA5ftta7e5VfDwxGciyvsWk.roa
Signing time: Sun 14 Apr 2024 04:22:51 +0000
ROA not before: Sun 14 Apr 2024 04:22:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16434 (0x4032)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 04:22:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2501715C0E5FB6D6BB7B955F0F0C46722CAFB169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:5d:06:24:00:6e:ae:e8:1b:76:13:f9:38:
49:f5:7b:a3:ab:b5:ca:53:61:58:ca:fe:81:10:94:
45:d6:44:b0:9d:da:f8:22:5a:f7:70:53:02:e4:f0:
88:63:1e:62:82:48:31:73:8e:30:cc:41:73:44:a6:
93:e8:02:97:cc:36:41:cf:e6:3c:11:bb:4b:37:5d:
26:09:60:4c:9b:9a:5d:c5:03:c7:3b:cc:87:a3:4b:
a7:be:1c:9d:0a:49:cd:2e:a6:6d:e3:a5:28:fe:0a:
f5:37:e8:e9:8e:e5:f2:ac:08:89:f8:e5:5f:78:ee:
0d:04:7e:19:2f:ab:3b:fe:1f:c0:5a:5e:4e:59:e8:
44:1a:7f:da:65:8e:d6:09:c0:1a:9d:9b:96:d9:46:
81:96:f2:34:c7:15:76:2b:95:fc:ae:2a:44:a7:e3:
37:a0:b3:50:ea:ad:8e:d7:3f:89:6f:ed:2a:46:e6:
ef:62:5d:6c:62:10:1d:52:69:42:48:a9:75:e9:f7:
3d:31:d5:1f:87:ec:23:0f:75:1f:fb:ae:c4:ef:2e:
f2:af:8c:98:b1:80:e1:dc:40:e1:b2:7d:bc:0c:b9:
54:79:ca:04:5a:f9:9c:c5:64:12:55:4d:c9:2c:82:
39:8d:61:d2:1f:b6:f9:16:43:6a:c8:b3:f3:20:79:
4f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:01:71:5C:0E:5F:B6:D6:BB:7B:95:5F:0F:0C:46:72:2C:AF:B1:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JQFxXA5ftta7e5VfDwxGciyvsWk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:d8:31:9e:7c:e8:55:3f:0d:db:63:c6:90:22:92:c3:6c:14:
0e:56:a9:d4:bd:64:1a:f7:71:93:98:79:83:df:17:9e:b4:83:
cb:2b:8f:ec:74:98:b2:f5:5e:03:ba:c7:09:e1:30:3b:37:46:
08:e4:65:b0:05:8a:a8:cb:75:29:6b:0c:fc:35:94:e1:b2:53:
4d:29:81:72:9f:50:8e:d6:27:bc:b9:c2:eb:c6:c8:22:5c:46:
dd:12:03:88:ef:05:e0:67:3d:24:ce:79:6c:8c:11:91:c0:2e:
8f:09:f9:91:2a:ee:58:36:6c:4e:f2:49:34:fe:6c:0c:34:ce:
68:c8:70:9f:bd:74:c1:be:d6:c9:4b:fe:f8:e0:3d:9a:70:7b:
44:d4:b9:ca:ef:29:24:0f:e2:f2:c4:60:06:ea:c9:0d:71:7c:
a2:9e:46:4e:41:75:f6:7e:68:36:61:7d:b8:65:d6:cf:4d:13:
cb:ea:e4:56:86:4f:0a:ee:e0:7e:15:27:86:25:36:b0:f7:d2:
ed:5d:88:04:24:87:c7:f5:1f:19:ac:94:96:06:f5:ed:1d:2c:
fa:ac:d6:55:be:c5:9d:62:56:a9:06:d4:a2:b1:f1:ee:92:e4:
01:dc:53:fc:7a:a6:c9:24:7e:4c:bd:74:7b:4e:15:0a:2b:a5:
b7:f3:a3:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NDIyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1MDE3MTVDMEU1RkI2
RDZCQjdCOTU1RjBGMEM0NjcyMkNBRkIxNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv8l0GJABurugbdhP5OEn1e6OrtcpTYVjK/oEQlEXWRLCd2vgi
WvdwUwLk8IhjHmKCSDFzjjDMQXNEppPoApfMNkHP5jwRu0s3XSYJYEybml3FA8c7
zIejS6e+HJ0KSc0upm3jpSj+CvU36OmO5fKsCIn45V947g0Efhkvqzv+H8BaXk5Z
6EQaf9pljtYJwBqdm5bZRoGW8jTHFXYrlfyuKkSn4zegs1DqrY7XP4lv7SpG5u9i
XWxiEB1SaUJIqXXp9z0x1R+H7CMPdR/7rsTvLvKvjJixgOHcQOGyfbwMuVR5ygRa
+ZzFZBJVTcksgjmNYdIftvkWQ2rIs/MgeU/ZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJQFxXA5ftta7e5VfDwxGciyvsWkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pRRnhYQTVmdHRhN2U1
VmZEd3hHY2l5dnNXay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAENgxnnzoVT8N22PGkCKSw2wUDlap1L1k
Gvdxk5h5g98XnrSDyyuP7HSYsvVeA7rHCeEwOzdGCORlsAWKqMt1KWsM/DWU4bJT
TSmBcp9QjtYnvLnC68bIIlxG3RIDiO8F4Gc9JM55bIwRkcAujwn5kSruWDZsTvJJ
NP5sDDTOaMhwn710wb7WyUv++OA9mnB7RNS5yu8pJA/i8sRgBurJDXF8op5GTkF1
9n5oNmF9uGXWz00Ty+rkVoZPCu7gfhUnhiU2sPfS7V2IBCSHx/UfGayUlgb17R0s
+qzWVb7FnWJWqQbUorHx7pLkAdxT/HqmySR+TL10e04VCiult/OjMA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:07 2025 by rpki-client