Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KZ5d4WXxSywRzQgbrY63_RaB9y0.roa
File: KZ5d4WXxSywRzQgbrY63_RaB9y0.roa (raw, json)
Hash identifier: gU3Vnc7r742JU/KDZ7IkmtpzqnMuFh+otxBm870Gmro=
Subject key identifier: 29:9E:5D:E1:65:F1:4B:2C:11:CD:08:1B:AD:8E:B7:FD:16:81:F7:2D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F52
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KZ5d4WXxSywRzQgbrY63_RaB9y0.roa
Signing time: Sat 04 May 2024 08:23:59 +0000
ROA not before: Sat 04 May 2024 08:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20306 (0x4f52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 08:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=299E5DE165F14B2C11CD081BAD8EB7FD1681F72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8f:de:8d:d1:19:f8:aa:aa:fc:0e:e8:3d:23:
6a:ba:b1:a8:31:d0:80:03:df:cf:ef:f3:11:93:e8:
f7:d8:2f:00:e6:3d:41:0c:53:ba:08:51:cc:37:d8:
8c:71:52:9d:a5:63:77:aa:8a:b8:1a:4e:2f:99:22:
74:a5:46:bf:61:83:97:4b:ca:a4:b8:25:d7:f4:74:
c1:91:9a:4a:03:51:92:6f:f0:7c:89:50:4f:25:6f:
90:b2:dd:09:72:eb:d5:31:33:84:52:03:00:24:6e:
cf:f5:68:cb:03:39:d3:f7:34:b0:f8:13:fc:2c:50:
05:33:04:ea:63:da:d5:93:67:68:69:33:1e:79:40:
6b:92:89:b1:b0:0e:56:4c:eb:b6:94:f2:52:33:aa:
e9:8f:12:5e:29:11:0f:d7:32:3c:30:4b:4b:e4:3f:
7b:9f:17:ef:f4:31:57:10:fe:ab:11:37:b7:c4:1e:
3a:76:02:0a:d6:df:a8:46:20:10:08:09:de:8f:1c:
e9:5c:91:f2:b8:2e:91:50:55:81:87:31:58:aa:61:
75:84:0f:ec:59:95:9f:f7:f3:9f:66:34:a7:31:eb:
34:92:d2:65:30:80:b5:7c:f3:87:03:60:d0:51:60:
b7:be:97:22:65:3e:b7:f4:3c:29:ba:77:62:94:c9:
c5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9E:5D:E1:65:F1:4B:2C:11:CD:08:1B:AD:8E:B7:FD:16:81:F7:2D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KZ5d4WXxSywRzQgbrY63_RaB9y0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:45:e7:00:ef:0e:c3:89:2e:24:32:ac:0b:52:34:17:53:e0:
09:9c:d7:63:44:a3:75:77:a6:13:c5:65:33:3e:b6:6f:aa:30:
ff:f2:24:35:59:72:93:e4:39:82:e3:a6:69:8f:ae:d2:05:ce:
47:78:16:aa:92:b0:d1:43:50:f6:19:35:4b:e6:01:ca:38:01:
88:44:42:f2:cb:2c:81:2c:e4:6a:e2:76:14:b8:94:d2:d7:6b:
cc:bb:7c:3d:f7:b7:ed:83:9c:fe:52:89:ba:82:3f:32:77:5f:
ce:18:41:e0:72:c9:d5:6a:18:e8:7d:7d:f8:af:ee:46:55:8c:
70:50:82:87:8a:de:50:0a:89:ef:e1:18:f5:83:3c:44:b4:50:
55:cc:44:28:81:ae:cf:71:fa:67:c5:44:db:30:32:e3:90:74:
82:c1:1e:f1:cd:fb:9a:18:86:6c:0f:a6:7e:ac:5e:71:07:5c:
9f:2b:b1:1a:8c:59:f7:84:eb:d5:c4:42:02:1e:68:5c:90:a1:
74:63:f4:54:1d:3d:90:bb:84:19:74:f1:fe:ae:68:76:ae:d7:
06:88:da:20:71:87:2a:39:6e:53:6a:85:48:b1:00:08:45:3d:
72:16:4a:f1:f9:63:88:bd:db:87:a5:d9:53:9a:73:37:6e:7e:
c7:4e:f8:6b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
ODIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5OUU1REUxNjVGMTRC
MkMxMUNEMDgxQkFEOEVCN0ZEMTY4MUY3MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaj96N0Rn4qqr8Dug9I2q6sagx0IAD38/v8xGT6PfYLwDmPUEM
U7oIUcw32IxxUp2lY3eqirgaTi+ZInSlRr9hg5dLyqS4Jdf0dMGRmkoDUZJv8HyJ
UE8lb5Cy3Qly69UxM4RSAwAkbs/1aMsDOdP3NLD4E/wsUAUzBOpj2tWTZ2hpMx55
QGuSibGwDlZM67aU8lIzqumPEl4pEQ/XMjwwS0vkP3ufF+/0MVcQ/qsRN7fEHjp2
AgrW36hGIBAICd6PHOlckfK4LpFQVYGHMViqYXWED+xZlZ/3859mNKcx6zSS0mUw
gLV884cDYNBRYLe+lyJlPrf0PCm6d2KUycUZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKZ5d4WXxSywRzQgbrY63/RaB9y0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0taNWQ0V1h4U3l3UnpR
Z2JyWTYzX1JhQjl5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALUXnAO8Ow4kuJDKsC1I0F1PgCZzXY0Sj
dXemE8VlMz62b6ow//IkNVlyk+Q5guOmaY+u0gXOR3gWqpKw0UNQ9hk1S+YByjgB
iERC8sssgSzkauJ2FLiU0tdrzLt8Pfe37YOc/lKJuoI/MndfzhhB4HLJ1WoY6H19
+K/uRlWMcFCCh4reUAqJ7+EY9YM8RLRQVcxEKIGuz3H6Z8VE2zAy45B0gsEe8c37
mhiGbA+mfqxecQdcnyuxGoxZ94Tr1cRCAh5oXJChdGP0VB09kLuEGXTx/q5odq7X
BojaIHGHKjluU2qFSLEACEU9chZK8fljiL3bh6XZU5pzN25+x074aw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:13 2025 by rpki-client