Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KePalxonEABBvteBWW6kYCHmhTE.roa
File: KePalxonEABBvteBWW6kYCHmhTE.roa (raw, json)
Hash identifier: kSvZyAolTR/2c1qj7sk6LFQUo1piksH4OFei3oISQMI=
Subject key identifier: 29:E3:DA:97:1A:27:10:00:41:BE:D7:81:59:6E:A4:60:21:E6:85:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3462
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KePalxonEABBvteBWW6kYCHmhTE.roa
Signing time: Fri 29 Mar 2024 10:22:04 +0000
ROA not before: Fri 29 Mar 2024 10:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13410 (0x3462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 10:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=29E3DA971A27100041BED781596EA46021E68531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d5:71:10:6e:c8:8b:33:0f:57:3c:c4:7f:3e:
0a:ce:21:f9:85:6b:20:2f:e4:82:a0:91:20:03:c9:
2f:0f:58:de:65:00:a6:3b:2f:b6:2e:42:81:6d:4e:
15:fe:d9:fd:cc:ca:94:14:a4:5d:9f:aa:8d:7e:70:
e6:db:fe:62:70:e5:03:46:91:ee:49:5e:8f:16:5c:
35:6a:7a:40:a1:6a:22:19:9f:a6:1e:5f:1d:18:2d:
ff:ea:85:d2:67:ab:44:94:c6:5a:f0:43:c5:d0:07:
b4:77:bd:60:4a:09:2a:05:e9:bf:6d:58:d4:9d:3b:
21:2f:d3:d0:0c:5d:b0:75:2b:16:9d:d1:c9:65:e3:
3a:06:3e:6a:1c:d0:d7:a6:fa:dc:7d:1a:ff:55:dc:
27:20:60:5d:a0:08:83:f2:cc:f1:ba:f3:92:f1:54:
8f:ad:0e:42:ba:ce:e1:2e:21:25:66:85:66:c3:af:
7d:61:63:c3:20:ac:ed:94:3a:9a:90:ae:71:83:cb:
df:c9:c4:f1:57:06:8d:d5:3b:fd:f2:77:e0:4c:13:
10:0b:64:06:ae:b0:d7:d7:1f:ff:de:09:d9:03:6a:
8b:94:79:c2:1a:9f:4c:10:8d:b8:ac:38:c0:a8:c0:
76:db:9b:a4:0b:cc:86:13:69:6e:46:0b:71:2a:16:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:DA:97:1A:27:10:00:41:BE:D7:81:59:6E:A4:60:21:E6:85:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KePalxonEABBvteBWW6kYCHmhTE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:1a:ed:5b:c9:c3:19:dc:58:18:6e:a9:d9:0c:c6:35:8e:79:
2f:60:4e:97:c2:dc:a1:7b:4c:0e:57:4f:9e:59:51:11:9d:4b:
cb:a4:3c:d4:ef:de:b0:cf:7b:6f:31:11:c8:a4:1e:03:bc:92:
36:1c:3a:5a:2c:d6:95:d8:a2:f3:10:32:cd:c1:8d:7e:68:19:
67:b6:c5:b6:a6:b9:74:5f:ed:d9:83:62:ff:bf:fe:8d:6b:de:
93:4c:c1:eb:07:c1:b5:32:77:07:4d:51:73:0d:9c:49:18:eb:
b9:49:be:60:b9:a9:14:57:da:6b:e3:89:96:fe:be:dc:fc:14:
b8:b1:98:83:ee:70:d2:4f:30:5d:3d:63:74:06:fb:59:e6:3e:
cc:b5:94:9d:53:98:f4:70:30:69:2a:5e:18:62:63:68:42:23:
7d:87:7f:c8:92:e9:52:ce:a7:44:6b:12:19:41:56:98:b4:35:
a0:17:dd:49:80:c6:b1:3e:2b:d9:d2:a9:9a:a7:23:28:64:92:
41:cb:d8:a2:60:df:2c:61:fc:a6:02:1a:bd:d2:1e:5c:84:dd:
64:6f:63:c6:04:19:68:5b:36:c5:a3:84:74:85:7a:33:fc:51:
ec:77:66:3d:2d:1f:b5:45:cc:d9:0c:0d:a3:70:fc:83:0a:60:
ef:17:b9:1c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MDIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5RTNEQTk3MUEyNzEw
MDA0MUJFRDc4MTU5NkVBNDYwMjFFNjg1MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY1XEQbsiLMw9XPMR/PgrOIfmFayAv5IKgkSADyS8PWN5lAKY7
L7YuQoFtThX+2f3MypQUpF2fqo1+cObb/mJw5QNGke5JXo8WXDVqekChaiIZn6Ye
Xx0YLf/qhdJnq0SUxlrwQ8XQB7R3vWBKCSoF6b9tWNSdOyEv09AMXbB1Kxad0cll
4zoGPmoc0Nem+tx9Gv9V3CcgYF2gCIPyzPG685LxVI+tDkK6zuEuISVmhWbDr31h
Y8MgrO2UOpqQrnGDy9/JxPFXBo3VO/3yd+BMExALZAausNfXH//eCdkDaouUecIa
n0wQjbisOMCowHbbm6QLzIYTaW5GC3EqFkbNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKePalxonEABBvteBWW6kYCHmhTEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tlUGFseG9uRUFCQnZ0
ZUJXVzZrWUNIbWhURS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVRrtW8nDGdxYGG6p2QzGNY55L2BOl8Lc
oXtMDldPnllREZ1Ly6Q81O/esM97bzERyKQeA7ySNhw6WizWldii8xAyzcGNfmgZ
Z7bFtqa5dF/t2YNi/7/+jWvek0zB6wfBtTJ3B01Rcw2cSRjruUm+YLmpFFfaa+OJ
lv6+3PwUuLGYg+5w0k8wXT1jdAb7WeY+zLWUnVOY9HAwaSpeGGJjaEIjfYd/yJLp
Us6nRGsSGUFWmLQ1oBfdSYDGsT4r2dKpmqcjKGSSQcvYomDfLGH8pgIavdIeXITd
ZG9jxgQZaFs2xaOEdIV6M/xR7HdmPS0ftUXM2QwNo3D8gwpg7xe5HA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:51 2025 by rpki-client