Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Rs95LctH7b_5IhrGcqvmLA2Cjjc.roa
File: Rs95LctH7b_5IhrGcqvmLA2Cjjc.roa (raw, json)
Hash identifier: 9Zkk4ZHpkvmoJa9IqeFrFTe1rsZI38ZoJ0+B6tH4vm0=
Subject key identifier: 46:CF:79:2D:CB:47:ED:BF:F9:22:1A:C6:72:AB:E6:2C:0D:82:8E:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Rs95LctH7b_5IhrGcqvmLA2Cjjc.roa
Signing time: Tue 14 May 2024 04:24:08 +0000
ROA not before: Tue 14 May 2024 04:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22194 (0x56b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 04:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=46CF792DCB47EDBFF9221AC672ABE62C0D828E37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:c1:47:07:d8:c2:12:c8:86:f4:32:88:94:
ec:5f:13:fb:6c:0d:53:e1:ab:08:be:0c:3b:cb:4d:
03:e5:b4:2b:8a:86:1c:e5:73:41:b4:d4:15:c9:6b:
4b:a7:59:d2:d4:0a:33:96:3f:2b:a8:4d:99:0e:ee:
71:36:f8:82:94:a9:e2:85:20:97:ac:78:fc:f1:c7:
22:9a:c2:47:c6:68:3b:22:39:05:cf:f3:b3:c5:50:
9e:6b:e7:26:bd:15:69:e4:aa:89:06:32:be:2d:5d:
91:c7:ee:18:6a:4c:94:6e:a7:96:21:ef:bb:bb:77:
fe:c3:54:3f:81:e1:c2:3a:e7:43:9d:99:a3:b4:cf:
49:33:12:64:85:0c:40:22:d6:18:75:09:dc:ea:ba:
14:ef:f7:04:4a:1d:60:9e:57:4d:b5:eb:6f:50:e2:
d9:ad:ab:a4:65:80:e1:96:ad:03:f8:9f:d6:d4:d0:
4e:83:4b:e5:25:c2:5d:68:b9:84:80:a7:5b:05:a1:
03:39:96:42:28:74:e1:e7:80:46:82:65:8a:cc:24:
1d:da:29:a4:a7:0f:1d:f6:90:ab:15:ab:c6:8e:97:
6b:5c:63:2a:e0:ec:79:9c:8b:97:c8:3e:03:2d:3f:
87:4e:e9:53:53:73:8d:1b:7b:5a:02:f0:e5:b0:bf:
44:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CF:79:2D:CB:47:ED:BF:F9:22:1A:C6:72:AB:E6:2C:0D:82:8E:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Rs95LctH7b_5IhrGcqvmLA2Cjjc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:2f:8e:2c:46:0b:fe:fa:22:14:77:fc:3e:f6:52:b7:60:2e:
8d:d1:79:a1:fa:fe:28:f4:50:25:73:b0:da:29:b2:25:d7:19:
58:d8:08:ea:0c:e1:dc:21:05:6e:43:57:16:2f:f6:33:c7:da:
d4:94:49:e4:d1:6c:60:4b:7c:86:07:4d:7e:80:a1:72:bc:31:
e8:a1:ed:35:e9:73:96:3a:42:f6:77:2a:9b:1d:7b:f9:8d:74:
bc:d3:6b:10:3b:0a:3b:57:58:d7:9a:9a:03:6e:1e:21:f8:c6:
3d:14:9f:16:0e:ef:89:53:db:44:53:8c:f3:b8:53:9d:45:ba:
ab:f0:5a:d0:6a:b2:e1:76:a3:f2:70:25:4e:5e:28:bb:a3:4d:
09:2e:5a:32:be:44:7e:f0:ec:1e:df:3e:4a:bc:8f:44:de:e0:
d1:c6:e9:2d:59:70:1e:7d:b0:77:48:18:a1:c6:64:ed:7e:26:
d4:53:74:d2:96:23:63:b0:b1:a6:1f:f1:15:f1:78:e9:34:8b:
28:00:2a:ec:78:9d:ea:ae:75:39:55:7c:fe:a0:e2:63:84:22:
cc:b3:9e:7d:b3:b9:23:3a:0e:c7:38:d9:d0:b6:02:ef:ed:c9:
33:8b:8c:35:20:96:92:66:21:01:ad:a3:90:bb:84:14:fc:b3:
1e:48:b1:97
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVrIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
NDI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ2Q0Y3OTJEQ0I0N0VE
QkZGOTIyMUFDNjcyQUJFNjJDMEQ4MjhFMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC73MFHB9jCEsiG9DKIlOxfE/tsDVPhqwi+DDvLTQPltCuKhhzl
c0G01BXJa0unWdLUCjOWPyuoTZkO7nE2+IKUqeKFIJesePzxxyKawkfGaDsiOQXP
87PFUJ5r5ya9FWnkqokGMr4tXZHH7hhqTJRup5Yh77u7d/7DVD+B4cI650OdmaO0
z0kzEmSFDEAi1hh1CdzquhTv9wRKHWCeV021629Q4tmtq6RlgOGWrQP4n9bU0E6D
S+Ulwl1ouYSAp1sFoQM5lkIodOHngEaCZYrMJB3aKaSnDx32kKsVq8aOl2tcYyrg
7Hmci5fIPgMtP4dO6VNTc40be1oC8OWwv0RnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURs95LctH7b/5IhrGcqvmLA2CjjcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JzOTVMY3RIN2JfNUlo
ckdjcXZtTEEyQ2pqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAoC+OLEYL/voiFHf8PvZSt2AujdF5ofr+
KPRQJXOw2imyJdcZWNgI6gzh3CEFbkNXFi/2M8fa1JRJ5NFsYEt8hgdNfoChcrwx
6KHtNelzljpC9ncqmx17+Y10vNNrEDsKO1dY15qaA24eIfjGPRSfFg7viVPbRFOM
87hTnUW6q/Ba0Gqy4Xaj8nAlTl4ou6NNCS5aMr5EfvDsHt8+SryPRN7g0cbpLVlw
Hn2wd0gYocZk7X4m1FN00pYjY7Cxph/xFfF46TSLKAAq7Hid6q51OVV8/qDiY4Qi
zLOefbO5IzoOxzjZ0LYC7+3JM4uMNSCWkmYhAa2jkLuEFPyzHkixlw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:21 2025 by rpki-client