Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LW734qIqOnw-bwFA4GIGwrOYt3M.roa
File: LW734qIqOnw-bwFA4GIGwrOYt3M.roa (raw, json)
Hash identifier: winEyyS++YNoJFwzJYjGGqkcQWGGp/yKFa4X+9YZs6c=
Subject key identifier: 2D:6E:F7:E2:A2:2A:3A:7C:3E:6F:01:40:E0:62:06:C2:B3:98:B7:73
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 570A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LW734qIqOnw-bwFA4GIGwrOYt3M.roa
Signing time: Tue 14 May 2024 15:24:09 +0000
ROA not before: Tue 14 May 2024 15:24:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22282 (0x570a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 15:24:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2D6EF7E2A22A3A7C3E6F0140E06206C2B398B773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5d:32:74:49:4d:48:fb:d5:4b:df:7e:7f:3d:
e2:93:fa:7c:88:3e:9f:48:f4:d4:2e:45:2f:e2:34:
9e:5e:76:8c:d0:49:af:ae:37:d5:02:19:8f:7c:93:
47:be:be:90:2b:13:07:96:9c:c2:bb:05:1e:ef:67:
cc:52:fa:4c:da:bc:cc:d6:b1:57:a0:fd:ce:90:6f:
4a:c4:97:62:03:f0:00:79:a8:a5:eb:8c:a6:01:e6:
9c:d3:42:dc:3d:fb:81:cf:6d:cd:45:b3:9f:ba:36:
da:c5:5e:67:3e:e1:ba:a1:52:32:92:58:a6:10:97:
9d:bb:82:d8:02:28:fd:1f:71:be:70:9f:bb:2d:6d:
30:43:72:2b:c0:5b:58:35:cf:82:48:b8:c1:51:9b:
71:66:03:a8:2e:3b:fe:88:1a:b4:e1:9b:f9:d1:f2:
38:7c:99:0a:07:05:fe:56:7f:85:b7:35:f6:8d:c6:
22:7d:00:56:3d:e0:01:b9:46:18:21:1f:c1:bf:ed:
8d:da:c5:86:16:c2:36:5d:1e:ff:9d:52:d0:bc:54:
d0:95:e9:a1:85:a2:83:dd:ce:bd:94:3e:9b:fa:d9:
9d:9f:b5:63:6a:38:8b:4f:77:1f:a3:dc:42:2f:b8:
30:80:d2:b2:6d:e8:66:8f:c9:8b:d9:cb:22:46:9a:
40:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6E:F7:E2:A2:2A:3A:7C:3E:6F:01:40:E0:62:06:C2:B3:98:B7:73
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LW734qIqOnw-bwFA4GIGwrOYt3M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:85:6c:98:14:f6:d6:ad:db:d0:a3:ae:90:bb:42:46:97:cc:
b4:e2:72:7d:e6:84:8a:85:c7:9c:8d:ae:23:20:3b:20:af:69:
fc:4e:79:75:a8:88:0e:22:59:fd:bd:5d:6b:26:92:4f:50:e8:
38:cd:38:c3:97:dc:74:c8:52:44:24:37:ab:dd:28:a8:54:94:
22:49:eb:ce:fb:ff:7d:0f:86:3c:40:08:50:1e:d0:47:d5:5d:
55:8d:51:83:29:86:a8:78:81:de:0d:32:ce:bd:32:65:93:49:
41:10:38:e3:42:81:01:7a:55:ca:fb:c9:77:ec:58:b3:c5:e1:
60:04:52:20:61:7f:bc:c8:54:fb:dd:c4:57:4d:81:00:b3:90:
45:19:96:fb:1f:02:2b:49:f2:2b:02:54:47:fe:1d:12:0d:f8:
7a:9f:cf:9f:a0:ea:b2:34:34:61:9f:0a:b5:f6:4d:e3:43:82:
60:a9:bc:11:bc:bd:43:77:21:64:98:df:8f:6b:ee:b8:1d:c0:
38:0c:84:b1:23:e9:eb:b1:21:7b:b0:3f:01:65:40:4a:0c:50:
46:8b:98:4f:b4:03:87:3a:3b:e8:12:13:16:cb:f9:27:99:10:
78:e0:ea:12:9f:e0:40:64:03:5f:64:81:87:95:2f:70:88:ed:
43:fa:b5:b0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
NTI0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJENkVGN0UyQTIyQTNB
N0MzRTZGMDE0MEUwNjIwNkMyQjM5OEI3NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIXTJ0SU1I+9VL335/PeKT+nyIPp9I9NQuRS/iNJ5edozQSa+u
N9UCGY98k0e+vpArEweWnMK7BR7vZ8xS+kzavMzWsVeg/c6Qb0rEl2ID8AB5qKXr
jKYB5pzTQtw9+4HPbc1Fs5+6NtrFXmc+4bqhUjKSWKYQl527gtgCKP0fcb5wn7st
bTBDcivAW1g1z4JIuMFRm3FmA6guO/6IGrThm/nR8jh8mQoHBf5Wf4W3NfaNxiJ9
AFY94AG5RhghH8G/7Y3axYYWwjZdHv+dUtC8VNCV6aGFooPdzr2UPpv62Z2ftWNq
OItPdx+j3EIvuDCA0rJt6GaPyYvZyyJGmkAJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULW734qIqOnw+bwFA4GIGwrOYt3MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xXNzM0cUlxT253LWJ3
RkE0R0lHd3JPWXQzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAc4VsmBT21q3b0KOukLtCRpfMtOJyfeaE
ioXHnI2uIyA7IK9p/E55daiIDiJZ/b1dayaST1DoOM04w5fcdMhSRCQ3q90oqFSU
Iknrzvv/fQ+GPEAIUB7QR9VdVY1RgymGqHiB3g0yzr0yZZNJQRA440KBAXpVyvvJ
d+xYs8XhYARSIGF/vMhU+93EV02BALOQRRmW+x8CK0nyKwJUR/4dEg34ep/Pn6Dq
sjQ0YZ8KtfZN40OCYKm8Eby9Q3chZJjfj2vuuB3AOAyEsSPp67Ehe7A/AWVASgxQ
RouYT7QDhzo76BITFsv5J5kQeODqEp/gQGQDX2SBh5UvcIjtQ/q1sA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:23 2025 by rpki-client