Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MCO4cGQfn3qlZuK2FCCeLMiY1FA.roa
File: MCO4cGQfn3qlZuK2FCCeLMiY1FA.roa (raw, json)
Hash identifier: YeNb+upOkJrGJshQkmFtQS9TmonB5ikasRdIVqBs2TA=
Subject key identifier: 30:23:B8:70:64:1F:9F:7A:A5:66:E2:B6:14:20:9E:2C:C8:98:D4:50
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MCO4cGQfn3qlZuK2FCCeLMiY1FA.roa
Signing time: Wed 27 Mar 2024 12:22:10 +0000
ROA not before: Wed 27 Mar 2024 12:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13042 (0x32f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 12:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3023B870641F9F7AA566E2B614209E2CC898D450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:59:47:91:df:2d:23:d6:1d:7b:4e:3c:b2:cd:
b6:e7:80:a5:55:9d:12:73:57:34:2e:78:36:1d:0e:
f9:b5:6c:11:51:ff:fc:bb:70:88:00:f5:d0:6d:1a:
40:86:44:1c:36:48:b6:12:4f:6f:d5:74:eb:95:b1:
4c:f0:cd:a8:6e:72:bf:98:43:82:12:7b:d6:d8:89:
dd:ff:8d:10:ca:0d:14:eb:7f:f1:c3:7d:08:75:47:
d3:e9:21:12:b7:40:e0:a9:b6:e7:93:ee:b6:27:39:
66:6d:0e:e0:cb:81:45:ec:5b:19:42:7a:8c:b5:de:
c3:d6:01:81:1d:91:fd:3b:33:cb:a8:61:b1:4c:33:
60:b6:a0:98:61:43:56:90:5f:44:03:24:2a:5d:2c:
a8:4a:fc:b6:3a:08:9a:d4:77:fe:20:d4:23:94:a7:
41:90:71:63:d0:4f:59:4e:65:2c:2a:00:b0:42:36:
fb:3c:ee:36:39:5e:1b:91:3c:c3:71:08:b0:93:d8:
5a:09:02:d1:bd:8e:c5:27:2f:dd:f4:62:08:bb:3b:
55:4a:5f:77:fb:13:33:1e:e4:85:8f:44:6b:e8:cc:
28:6b:78:ea:b4:70:ad:d9:4d:a0:fc:99:09:e5:a0:
c0:c7:93:a2:49:85:7d:d7:44:32:4a:6a:d1:9c:94:
d1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:23:B8:70:64:1F:9F:7A:A5:66:E2:B6:14:20:9E:2C:C8:98:D4:50
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MCO4cGQfn3qlZuK2FCCeLMiY1FA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:e7:cf:ff:a6:e2:b6:9c:be:4e:22:b4:42:f8:09:b5:1b:2d:
9a:3f:8f:86:f6:d9:7e:30:cb:cd:a8:a2:ca:b2:ee:7a:1f:c8:
cc:7d:89:d7:13:aa:a4:ae:90:bc:93:a7:cb:ed:2c:f1:d4:0b:
e9:30:67:09:fd:ba:34:1b:54:47:94:4e:7a:28:10:e7:0b:ae:
5e:c9:22:05:77:0e:a1:ef:e1:6e:5a:a0:c4:b6:40:31:a4:70:
bd:a3:7a:87:27:8c:ef:a7:e3:bc:8a:ad:07:b2:7f:ee:2d:58:
7a:05:02:a8:c9:5d:74:e6:58:33:6f:25:d4:e3:c5:1b:61:f3:
c0:93:d7:d6:4d:3a:ad:fb:66:37:da:3c:ac:74:8f:df:d0:a4:
6d:df:b5:61:31:e1:c4:64:ed:59:5b:7c:b7:3c:e3:c5:f8:61:
54:6b:85:de:a7:f9:f7:22:ad:9a:95:41:5a:7f:32:7e:fd:61:
c6:7a:25:c7:6f:2e:8a:1f:69:e3:ff:ce:0f:57:33:62:2f:f2:
d4:59:b1:97:d8:54:7b:43:89:b1:70:fb:f2:e5:ac:50:90:fa:
6d:42:09:ff:83:95:7e:2b:8f:81:1e:d7:c8:5d:15:e0:3e:39:
9a:6c:b9:a8:95:d2:d8:07:38:e3:a8:b3:e0:45:ba:12:3f:49:
c0:a5:49:c3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MjIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwMjNCODcwNjQxRjlG
N0FBNTY2RTJCNjE0MjA5RTJDQzg5OEQ0NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSWUeR3y0j1h17TjyyzbbngKVVnRJzVzQueDYdDvm1bBFR//y7
cIgA9dBtGkCGRBw2SLYST2/VdOuVsUzwzahucr+YQ4ISe9bYid3/jRDKDRTrf/HD
fQh1R9PpIRK3QOCptueT7rYnOWZtDuDLgUXsWxlCeoy13sPWAYEdkf07M8uoYbFM
M2C2oJhhQ1aQX0QDJCpdLKhK/LY6CJrUd/4g1COUp0GQcWPQT1lOZSwqALBCNvs8
7jY5XhuRPMNxCLCT2FoJAtG9jsUnL930Ygi7O1VKX3f7EzMe5IWPRGvozChreOq0
cK3ZTaD8mQnloMDHk6JJhX3XRDJKatGclNGpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMCO4cGQfn3qlZuK2FCCeLMiY1FAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01DTzRjR1FmbjNxbFp1
SzJGQ0NlTE1pWTFGQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAg+fP/6bitpy+TiK0QvgJtRstmj+PhvbZ
fjDLzaiiyrLueh/IzH2J1xOqpK6QvJOny+0s8dQL6TBnCf26NBtUR5ROeigQ5wuu
XskiBXcOoe/hblqgxLZAMaRwvaN6hyeM76fjvIqtB7J/7i1YegUCqMlddOZYM28l
1OPFG2HzwJPX1k06rftmN9o8rHSP39Ckbd+1YTHhxGTtWVt8tzzjxfhhVGuF3qf5
9yKtmpVBWn8yfv1hxnolx28uih9p4//OD1czYi/y1Fmxl9hUe0OJsXD78uWsUJD6
bUIJ/4OVfiuPgR7XyF0V4D45mmy5qJXS2Ac446iz4EW6Ej9JwKVJww==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:18 2025 by rpki-client