Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PnWWId0POFENjE3UkTO-rJnHL3Y.roa
File: PnWWId0POFENjE3UkTO-rJnHL3Y.roa (raw, json)
Hash identifier: KfBSB73SJ1cflrsdGlGbNJu2LYg8VoRgro1uA3yzwxw=
Subject key identifier: 3E:75:96:21:DD:0F:38:51:0D:8C:4D:D4:91:33:BE:AC:99:C7:2F:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PnWWId0POFENjE3UkTO-rJnHL3Y.roa
Signing time: Thu 28 Mar 2024 10:22:03 +0000
ROA not before: Thu 28 Mar 2024 10:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13218 (0x33a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 10:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3E759621DD0F38510D8C4DD49133BEAC99C72F76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f4:98:eb:f3:54:75:df:67:e0:99:35:95:24:
ec:30:fd:55:1c:9c:3f:40:7e:a2:97:92:0d:d9:7d:
ea:17:df:bc:8d:30:68:a4:54:13:60:07:8e:44:80:
d2:e2:84:94:69:64:07:3c:02:d3:9b:49:56:c1:04:
90:11:45:62:a5:c5:09:93:a1:6a:e1:18:14:21:82:
f1:a8:4a:ca:94:f0:38:b3:44:d2:8a:58:f4:40:a0:
f5:ab:6d:4b:ca:53:f9:ec:66:48:00:87:68:56:ce:
ec:24:6f:33:17:fb:63:61:f5:8d:9a:02:4a:ec:de:
be:58:00:bf:98:86:f7:7a:1e:3e:93:e0:e1:77:cf:
09:32:ea:36:9d:20:e9:71:c0:b7:c7:4c:c7:24:a6:
67:14:ff:5b:9c:98:56:bf:c6:7e:3e:dd:f8:47:6c:
4b:54:7b:be:61:16:8e:55:fb:49:c6:5c:6f:6f:d4:
1f:7f:e4:22:7c:8e:5e:87:0d:6e:58:f6:36:10:65:
a1:5c:11:67:40:0d:90:89:96:8a:09:67:24:3b:71:
29:74:e8:62:a6:a2:93:de:fc:36:16:fc:a6:bb:1a:
10:c6:3e:56:57:70:5b:13:ff:20:21:7d:1a:a2:38:
b0:35:73:3d:86:83:68:24:b6:2d:87:75:d5:af:4b:
d8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:75:96:21:DD:0F:38:51:0D:8C:4D:D4:91:33:BE:AC:99:C7:2F:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PnWWId0POFENjE3UkTO-rJnHL3Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:91:92:30:7e:b5:3d:73:e0:95:89:f1:4b:2b:3b:3f:af:bf:
24:0b:7e:3d:23:d4:76:6b:10:6a:f1:55:cb:27:72:77:17:45:
08:cb:de:0d:80:17:20:e3:d5:45:fd:eb:a8:79:4f:bb:fe:9e:
9d:e0:38:2f:60:12:51:7b:96:3f:52:03:93:48:26:ca:28:2e:
00:08:4c:2d:42:1f:75:66:91:bd:52:29:d2:ed:84:1b:52:66:
a4:ff:85:95:24:fb:31:59:fe:88:6c:b4:7d:15:9f:8e:76:de:
e5:7f:88:89:84:0e:cf:7e:44:e6:6a:b8:ef:ab:7e:8e:d7:31:
6c:cf:31:d2:c1:90:3e:1e:e2:76:ad:82:f6:b9:77:0c:fd:13:
ff:9f:bd:03:51:06:64:ba:c0:1c:20:0b:34:86:ed:fd:58:08:
b5:00:53:64:95:cb:d9:ee:50:86:00:4f:46:34:6e:12:6e:60:
c1:ab:4a:f4:f7:5d:ef:7e:ad:91:10:27:6c:95:0b:07:f1:46:
14:9c:0e:ab:b9:b7:0c:83:97:bb:47:81:32:ac:6d:8d:18:5b:
0b:a9:98:85:c8:f8:a8:e7:d8:53:d4:0a:0d:cf:06:e4:f8:63:
40:75:ed:f7:08:c0:f9:8c:f8:7a:5c:03:bb:b1:ec:8f:40:f9:
74:80:6e:51
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MDIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFNzU5NjIxREQwRjM4
NTEwRDhDNERENDkxMzNCRUFDOTlDNzJGNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ9Jjr81R132fgmTWVJOww/VUcnD9AfqKXkg3ZfeoX37yNMGik
VBNgB45EgNLihJRpZAc8AtObSVbBBJARRWKlxQmToWrhGBQhgvGoSsqU8DizRNKK
WPRAoPWrbUvKU/nsZkgAh2hWzuwkbzMX+2Nh9Y2aAkrs3r5YAL+Yhvd6Hj6T4OF3
zwky6jadIOlxwLfHTMckpmcU/1ucmFa/xn4+3fhHbEtUe75hFo5V+0nGXG9v1B9/
5CJ8jl6HDW5Y9jYQZaFcEWdADZCJlooJZyQ7cSl06GKmopPe/DYW/Ka7GhDGPlZX
cFsT/yAhfRqiOLA1cz2Gg2gkti2HddWvS9gHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPnWWId0POFENjE3UkTO+rJnHL3YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BuV1dJZDBQT0ZFTmpF
M1VrVE8tckpuSEwzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAr5GSMH61PXPglYnxSys7P6+/JAt+PSPU
dmsQavFVyydydxdFCMveDYAXIOPVRf3rqHlPu/6eneA4L2ASUXuWP1IDk0gmyigu
AAhMLUIfdWaRvVIp0u2EG1JmpP+FlST7MVn+iGy0fRWfjnbe5X+IiYQOz35E5mq4
76t+jtcxbM8x0sGQPh7idq2C9rl3DP0T/5+9A1EGZLrAHCALNIbt/VgItQBTZJXL
2e5QhgBPRjRuEm5gwatK9Pdd736tkRAnbJULB/FGFJwOq7m3DIOXu0eBMqxtjRhb
C6mYhcj4qOfYU9QKDc8G5PhjQHXt9wjA+Yz4elwDu7Hsj0D5dIBuUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:16 2025 by rpki-client