Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QAewN01IYTWIJtbQ-KzUE4WGUeY.roa
File: QAewN01IYTWIJtbQ-KzUE4WGUeY.roa (raw, json)
Hash identifier: ZqFzf9ULauwpii1YKo3BeCbSf3tpzPS03jV3kfmJv1k=
Subject key identifier: 40:07:B0:37:4D:48:61:35:88:26:D6:D0:F8:AC:D4:13:85:86:51:E6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 562A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QAewN01IYTWIJtbQ-KzUE4WGUeY.roa
Signing time: Mon 13 May 2024 11:24:08 +0000
ROA not before: Mon 13 May 2024 11:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22058 (0x562a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 11:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4007B0374D4861358826D6D0F8ACD413858651E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a3:d0:b0:7d:74:f6:2f:8d:09:38:cd:8f:8c:
a3:23:bd:8c:b0:fd:94:3d:36:86:ec:1d:7d:bc:b0:
89:d2:9b:30:10:63:b4:72:35:11:65:1a:6c:7e:55:
b4:25:ea:e4:07:4d:4d:6f:dd:2e:82:c5:6e:83:60:
a3:78:cf:30:69:1c:47:e9:46:94:87:4b:00:7a:8b:
1a:9c:f5:58:a3:1a:6a:b2:f6:26:eb:94:6d:f3:cc:
70:31:1d:9b:71:d2:db:a8:e4:3c:8b:b0:88:f4:36:
81:9f:89:c2:59:f1:11:6c:08:06:49:cd:c2:88:47:
52:b3:bd:a6:c2:87:c5:8f:f1:da:78:57:4f:5d:55:
8a:1e:24:e3:20:ee:0d:aa:f0:75:d9:cd:95:83:08:
1b:a0:d4:c5:2b:ec:c2:19:94:8c:98:d7:32:79:fc:
a9:93:f1:35:a9:46:4c:d0:35:25:66:34:9d:61:45:
4b:73:6f:03:c4:0e:e0:5c:49:4f:c4:65:f3:9c:04:
52:1e:15:aa:59:ad:18:db:b9:1f:79:f2:26:f3:27:
b4:97:5e:af:43:b9:1e:d4:0b:de:4a:03:58:2a:e8:
ed:3d:85:f3:b4:59:58:52:f1:9b:4a:11:2f:e6:7d:
3c:60:5e:0c:b8:b0:80:46:00:51:41:79:8f:66:79:
72:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:07:B0:37:4D:48:61:35:88:26:D6:D0:F8:AC:D4:13:85:86:51:E6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QAewN01IYTWIJtbQ-KzUE4WGUeY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:e2:a5:e3:1f:70:e7:48:2d:78:4a:d9:94:51:37:4c:c5:b1:
92:f4:48:45:b2:a8:3c:21:cc:5d:30:76:27:e7:50:21:ff:f2:
28:f3:89:bb:5e:e4:e4:98:bb:d6:68:3d:06:4c:d3:b1:0f:96:
6d:2a:2c:02:5d:3f:9d:f8:26:98:e2:fe:45:d2:fc:9e:1c:aa:
29:46:f9:a7:94:25:50:53:b9:00:2c:a4:ee:d2:19:d7:27:85:
b2:06:0e:56:c2:26:6d:f5:1e:23:a9:3d:da:9a:94:c2:c4:ce:
a7:9a:f5:d3:cc:bd:64:50:28:ce:8d:e6:98:e2:ce:74:6a:a6:
0a:f0:7b:bf:b8:aa:c0:7b:3f:9e:21:39:e6:40:29:7f:a5:c7:
b6:8e:3c:b5:dc:5f:55:a2:6e:fc:ed:81:3a:52:59:8e:d5:ae:
0e:39:96:77:a5:f6:d3:da:e4:7e:02:e6:9c:b6:11:af:55:c4:
0c:cf:df:3b:0f:7a:85:e3:98:c1:f4:ba:3f:bc:55:ff:09:42:
a2:e9:f5:fe:7e:30:e0:34:01:19:93:35:f3:2b:61:36:49:e1:
80:7b:d2:9a:23:36:70:1d:ba:c4:09:2f:1e:05:a7:8e:e1:41:
e3:0b:b4:f2:9a:77:62:55:1d:fe:1d:3b:be:33:89:b9:27:3e:
42:c0:bb:9f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICViowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MTI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwMDdCMDM3NEQ0ODYx
MzU4ODI2RDZEMEY4QUNENDEzODU4NjUxRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGo9CwfXT2L40JOM2PjKMjvYyw/ZQ9NobsHX28sInSmzAQY7Ry
NRFlGmx+VbQl6uQHTU1v3S6CxW6DYKN4zzBpHEfpRpSHSwB6ixqc9VijGmqy9ibr
lG3zzHAxHZtx0tuo5DyLsIj0NoGficJZ8RFsCAZJzcKIR1KzvabCh8WP8dp4V09d
VYoeJOMg7g2q8HXZzZWDCBug1MUr7MIZlIyY1zJ5/KmT8TWpRkzQNSVmNJ1hRUtz
bwPEDuBcSU/EZfOcBFIeFapZrRjbuR958ibzJ7SXXq9DuR7UC95KA1gq6O09hfO0
WVhS8ZtKES/mfTxgXgy4sIBGAFFBeY9meXIZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQAewN01IYTWIJtbQ+KzUE4WGUeYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FBZXdOMDFJWVRXSUp0
YlEtS3pVRTRXR1VlWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAEuKl4x9w50gteErZlFE3TMWxkvRIRbKo
PCHMXTB2J+dQIf/yKPOJu17k5Ji71mg9BkzTsQ+WbSosAl0/nfgmmOL+RdL8nhyq
KUb5p5QlUFO5ACyk7tIZ1yeFsgYOVsImbfUeI6k92pqUwsTOp5r108y9ZFAozo3m
mOLOdGqmCvB7v7iqwHs/niE55kApf6XHto48tdxfVaJu/O2BOlJZjtWuDjmWd6X2
09rkfgLmnLYRr1XEDM/fOw96heOYwfS6P7xV/wlCoun1/n4w4DQBGZM18ythNknh
gHvSmiM2cB26xAkvHgWnjuFB4wu08pp3YlUd/h07vjOJuSc+QsC7nw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:16 2025 by rpki-client