Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OCN8VRg2ZEAeLnHDRJbtO9xSjtg.roa
File: OCN8VRg2ZEAeLnHDRJbtO9xSjtg.roa (raw, json)
Hash identifier: SJQk6kJUpVxa2V3fVSjvYmap4fWIYuiLgzEUyvIwrmc=
Subject key identifier: 38:23:7C:55:18:36:64:40:1E:2E:71:C3:44:96:ED:3B:DC:52:8E:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4086
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OCN8VRg2ZEAeLnHDRJbtO9xSjtg.roa
Signing time: Sun 14 Apr 2024 14:53:01 +0000
ROA not before: Sun 14 Apr 2024 14:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16518 (0x4086)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 14:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38237C55183664401E2E71C34496ED3BDC528ED8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ec:dd:e6:ad:d3:79:7d:d1:56:00:1e:9c:bf:
55:a9:2e:75:39:32:a1:64:b6:13:70:50:7f:a1:ea:
61:89:2e:90:49:a2:c8:3e:22:18:3c:54:12:dc:62:
7c:dc:73:d1:89:d3:16:ca:b1:0e:d6:ab:b4:3c:eb:
75:ef:c2:ed:2c:f1:91:07:72:c6:f7:12:5c:ec:ba:
39:7e:46:df:d9:84:e4:b2:68:95:df:a9:a6:14:fb:
13:a0:18:ae:e3:28:67:c2:aa:d1:a2:da:96:3f:8a:
b2:9d:7a:f5:b7:c3:bd:5e:8e:88:ff:08:37:18:eb:
ab:bc:2f:ed:92:79:43:58:9b:c0:4a:bc:62:75:42:
d4:2a:af:83:4e:65:ec:4a:4a:b8:1d:fa:34:72:9b:
32:01:b1:b3:9e:ef:c0:7b:59:42:64:c1:35:6f:b0:
bd:17:ce:51:25:6b:33:8e:d7:eb:21:2c:f7:55:59:
05:49:f6:93:bc:4d:fc:5f:8d:85:41:b3:ab:9e:9f:
bf:4e:6b:03:8f:3a:ab:27:8f:46:a0:19:f6:b8:30:
6d:cf:8d:9c:21:29:cd:90:7e:5e:43:db:91:a9:d3:
a2:3f:9b:6b:70:b2:12:3f:a2:45:84:9d:6e:00:8a:
d8:c7:76:85:1a:dc:48:94:fa:56:2a:19:22:29:42:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:23:7C:55:18:36:64:40:1E:2E:71:C3:44:96:ED:3B:DC:52:8E:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OCN8VRg2ZEAeLnHDRJbtO9xSjtg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:20:0d:b3:3b:53:68:18:59:6c:d5:f6:7f:eb:06:ce:98:5f:
cd:da:9d:0b:0a:b6:83:ec:d3:f0:84:8a:e2:95:5e:f9:fc:f1:
a9:84:d0:63:11:53:3b:7d:f2:cf:0e:a1:17:99:0f:a5:ec:c6:
7d:93:f4:b9:af:7c:af:53:39:83:a2:54:82:87:53:86:6b:4e:
8f:a5:54:16:52:98:0c:fa:a2:0b:a2:cc:a3:a6:6e:72:5c:0e:
13:fc:ea:51:53:0b:6d:9f:e0:bd:f5:c8:cb:6a:eb:6c:a3:a6:
6b:50:42:c7:51:ef:ce:23:ad:71:d5:90:6e:44:ff:ca:b5:63:
e6:68:c1:5c:5a:f2:c5:19:3c:72:14:23:3d:8d:4e:de:dd:aa:
cd:c4:4f:dc:98:a7:44:c1:6c:f2:e8:9b:25:e4:eb:6f:17:51:
fe:55:39:6e:93:85:f4:01:2a:bc:55:4d:10:32:cc:5c:4f:a9:
f1:bd:e2:60:d5:bd:eb:52:37:c5:da:f7:46:47:76:b1:f4:ec:
0d:43:e1:66:66:cd:2f:87:77:c0:e5:9e:f1:24:30:20:8e:60:
16:68:ce:0b:b5:04:c3:aa:f4:13:6d:0a:bd:37:24:05:a7:d6:
ca:ba:ff:4a:d7:5b:ef:c2:72:94:c2:23:54:ac:fa:17:5d:83:
e1:c6:c2:64
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MjM3QzU1MTgzNjY0
NDAxRTJFNzFDMzQ0OTZFRDNCREM1MjhFRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj7N3mrdN5fdFWAB6cv1WpLnU5MqFkthNwUH+h6mGJLpBJosg+
Ihg8VBLcYnzcc9GJ0xbKsQ7Wq7Q863Xvwu0s8ZEHcsb3Elzsujl+Rt/ZhOSyaJXf
qaYU+xOgGK7jKGfCqtGi2pY/irKdevW3w71ejoj/CDcY66u8L+2SeUNYm8BKvGJ1
QtQqr4NOZexKSrgd+jRymzIBsbOe78B7WUJkwTVvsL0XzlElazOO1+shLPdVWQVJ
9pO8TfxfjYVBs6uen79OawOPOqsnj0agGfa4MG3PjZwhKc2Qfl5D25Gp06I/m2tw
shI/okWEnW4AitjHdoUa3EiU+lYqGSIpQtYBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOCN8VRg2ZEAeLnHDRJbtO9xSjtgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09DTjhWUmcyWkVBZUxu
SERSSmJ0Tzl4U2p0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXCANsztTaBhZbNX2f+sGzphfzdqdCwq2
g+zT8ISK4pVe+fzxqYTQYxFTO33yzw6hF5kPpezGfZP0ua98r1M5g6JUgodThmtO
j6VUFlKYDPqiC6LMo6ZuclwOE/zqUVMLbZ/gvfXIy2rrbKOma1BCx1HvziOtcdWQ
bkT/yrVj5mjBXFryxRk8chQjPY1O3t2qzcRP3JinRMFs8uibJeTrbxdR/lU5bpOF
9AEqvFVNEDLMXE+p8b3iYNW961I3xdr3Rkd2sfTsDUPhZmbNL4d3wOWe8SQwII5g
FmjOC7UEw6r0E20KvTckBafWyrr/Stdb78JylMIjVKz6F12D4cbCZA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:28 2025 by rpki-client