Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MoDiAGcPl92lcwvNpNFy3PyisMQ.roa
File: MoDiAGcPl92lcwvNpNFy3PyisMQ.roa (raw, json)
Hash identifier: lBTErQT6YzB3qPv2AYg4nDnIqjN++SOJuWH4zyqkXmA=
Subject key identifier: 32:80:E2:00:67:0F:97:DD:A5:73:0B:CD:A4:D1:72:DC:FC:A2:B0:C4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EA2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MoDiAGcPl92lcwvNpNFy3PyisMQ.roa
Signing time: Fri 12 Apr 2024 02:22:49 +0000
ROA not before: Fri 12 Apr 2024 02:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16034 (0x3ea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 02:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3280E200670F97DDA5730BCDA4D172DCFCA2B0C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:6c:11:3d:3c:44:d0:c7:56:79:1f:a5:e3:
37:4e:0f:9d:dc:c8:a7:c3:b4:f2:37:d9:3a:f0:62:
4a:f1:4f:16:dd:10:24:ac:89:55:f7:5e:2c:73:5c:
aa:2b:46:df:58:af:9c:41:b8:0a:3e:06:3d:26:ab:
5a:ae:69:df:34:e9:04:b4:ef:cb:3d:08:84:f9:d1:
d4:dd:bc:75:d3:64:f0:13:82:1d:2f:cf:3d:1c:3c:
f0:ae:2f:5d:3c:21:e0:7b:09:3b:f6:ce:65:30:09:
f6:13:1e:87:a1:cb:9f:6d:23:5f:d9:ce:bb:bd:6c:
93:a2:c8:4a:a0:e7:20:51:24:31:f5:66:91:43:1a:
72:34:0f:da:cf:c6:7d:d8:bf:cc:75:58:1a:50:21:
70:7d:6f:33:db:b7:ea:6e:86:5a:f1:15:95:7c:49:
b6:b7:ff:47:a7:9e:78:f4:a0:f4:fd:82:5a:e3:a2:
80:f1:5a:c8:22:86:b6:ad:ad:13:09:dc:53:e3:ab:
0a:f7:66:d7:5e:e7:b7:5c:de:c3:3b:33:c5:79:e5:
39:3e:bc:f9:d2:72:4a:e8:2d:72:11:a4:f4:c2:39:
14:dd:c1:f0:45:83:6e:23:ac:39:f0:a5:8f:34:b8:
e3:03:9b:20:40:6d:09:3e:c0:b1:36:4d:7e:18:32:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:80:E2:00:67:0F:97:DD:A5:73:0B:CD:A4:D1:72:DC:FC:A2:B0:C4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MoDiAGcPl92lcwvNpNFy3PyisMQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:94:38:4f:4d:99:77:ee:48:6b:ac:e9:07:89:3c:42:01:92:
c0:eb:ce:fd:6b:1b:a6:86:e0:43:e0:69:9d:77:51:00:5b:f9:
27:a2:ed:cf:00:70:38:26:08:e4:8d:24:44:10:88:71:b9:6e:
3b:64:41:7d:2d:78:7a:f1:db:7b:7a:8c:aa:2c:05:e7:51:a2:
a5:73:c6:90:e4:b2:07:72:88:72:98:5c:c4:bc:9b:b2:16:a2:
7f:17:a8:f1:21:7d:90:f6:29:a9:a2:d2:53:c0:40:2c:79:88:
6b:c2:7e:63:f4:ee:60:86:8c:cf:07:7b:6e:d7:78:d5:e2:cf:
a1:8b:de:45:3a:5f:60:57:da:c0:73:6e:40:cd:aa:27:1c:d0:
35:23:48:cf:d2:73:4c:26:43:53:46:98:a4:49:e0:52:90:71:
d1:b1:86:db:c8:6d:55:d6:59:e8:8b:e3:df:07:cd:6f:33:69:
bb:d2:42:11:c6:7d:a1:11:b6:89:84:55:90:4d:59:10:53:2f:
36:40:8c:84:78:ca:ed:3f:27:11:68:74:7b:43:22:1a:4b:bc:
dc:5a:c4:2f:bb:9f:0c:7f:80:71:36:d6:13:00:cd:64:13:7f:
c9:22:e1:d0:c9:f8:de:d4:b8:43:ed:d2:5d:d6:ce:ad:ac:29:
b3:54:1f:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MjIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyODBFMjAwNjcwRjk3
RERBNTczMEJDREE0RDE3MkRDRkNBMkIwQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXW2wRPTxE0MdWeR+l4zdOD53cyKfDtPI32TrwYkrxTxbdECSs
iVX3XixzXKorRt9Yr5xBuAo+Bj0mq1quad806QS078s9CIT50dTdvHXTZPATgh0v
zz0cPPCuL108IeB7CTv2zmUwCfYTHoehy59tI1/Zzru9bJOiyEqg5yBRJDH1ZpFD
GnI0D9rPxn3Yv8x1WBpQIXB9bzPbt+puhlrxFZV8Sba3/0ennnj0oPT9glrjooDx
WsgihratrRMJ3FPjqwr3Ztde57dc3sM7M8V55Tk+vPnSckroLXIRpPTCORTdwfBF
g24jrDnwpY80uOMDmyBAbQk+wLE2TX4YMgU/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMoDiAGcPl92lcwvNpNFy3PyisMQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01vRGlBR2NQbDkybGN3
dk5wTkZ5M1B5aXNNUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPJQ4T02Zd+5Ia6zpB4k8QgGSwOvO/Wsb
pobgQ+BpnXdRAFv5J6LtzwBwOCYI5I0kRBCIcbluO2RBfS14evHbe3qMqiwF51Gi
pXPGkOSyB3KIcphcxLybshaifxeo8SF9kPYpqaLSU8BALHmIa8J+Y/TuYIaMzwd7
btd41eLPoYveRTpfYFfawHNuQM2qJxzQNSNIz9JzTCZDU0aYpEngUpBx0bGG28ht
VdZZ6Ivj3wfNbzNpu9JCEcZ9oRG2iYRVkE1ZEFMvNkCMhHjK7T8nEWh0e0MiGku8
3FrEL7ufDH+AcTbWEwDNZBN/ySLh0Mn43tS4Q+3SXdbOrawps1Qfog==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:39 2025 by rpki-client