Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Rw0JTjAx62Gd0sFFf2MVbN0sQ44.roa
File: Rw0JTjAx62Gd0sFFf2MVbN0sQ44.roa (raw, json)
Hash identifier: moXsTv9MpNHwbgTJyIAcovjju4ZkacLd5/oE0dMsPVU=
Subject key identifier: 47:0D:09:4E:30:31:EB:61:9D:D2:C1:45:7F:63:15:6C:DD:2C:43:8E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3306
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Rw0JTjAx62Gd0sFFf2MVbN0sQ44.roa
Signing time: Wed 27 Mar 2024 14:52:29 +0000
ROA not before: Wed 27 Mar 2024 14:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13062 (0x3306)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 14:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=470D094E3031EB619DD2C1457F63156CDD2C438E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8a:89:51:a3:83:be:bf:6a:7b:76:f2:c2:71:
37:82:11:c7:46:5d:35:c7:08:d2:a0:54:70:3f:35:
f5:f3:1e:d8:93:b4:fd:68:4d:e6:b6:d5:9f:da:94:
c9:19:9f:dd:34:91:c0:ac:d4:d4:45:ce:47:36:06:
c7:0d:c1:af:38:29:05:0b:05:43:e6:75:d2:80:0c:
6a:c8:a5:2d:99:6c:8e:fd:4c:34:ca:8c:bd:22:76:
32:e6:6d:b7:d0:4c:a4:30:2c:db:1c:a7:57:72:0b:
ef:81:79:78:81:48:bb:30:ea:fe:b3:25:2b:55:63:
f4:e5:54:4b:3b:76:76:79:9f:62:85:fe:5d:1b:75:
eb:15:78:66:d5:85:52:dc:f6:5e:20:79:38:60:a9:
b2:c6:72:07:30:f6:17:c9:f6:34:7a:80:79:84:02:
e0:1b:0a:56:2e:6e:d3:72:cf:97:7f:9f:56:f2:23:
6a:26:3d:26:a6:e8:d3:1d:09:7c:a8:81:e2:c4:2b:
02:5b:98:da:a5:68:66:74:2c:cc:81:e8:fc:78:13:
cb:ce:d8:f2:45:0b:19:5c:54:5b:94:88:fa:7e:17:
96:cd:8c:f2:0f:37:13:90:e6:e3:d6:ac:35:b3:1b:
21:c8:f6:5a:0f:29:3c:2c:e0:49:4c:2a:ac:3c:32:
f2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0D:09:4E:30:31:EB:61:9D:D2:C1:45:7F:63:15:6C:DD:2C:43:8E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Rw0JTjAx62Gd0sFFf2MVbN0sQ44.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:a8:bd:3d:36:1c:c0:4d:9a:a9:07:3f:fc:b6:ea:83:8b:59:
b6:c0:98:f0:0f:89:cf:e1:02:14:de:94:72:d2:33:2c:6a:63:
b9:c5:ef:3c:bb:3d:cf:56:30:ee:a5:09:68:fd:f8:22:40:d3:
73:56:0f:54:07:8f:7b:20:be:4f:48:8f:7d:c5:8c:c6:9d:80:
6f:3f:16:36:ec:8d:0f:6d:2b:66:52:58:72:f4:42:c3:9b:0f:
8d:da:a5:6a:b7:70:9f:01:2a:18:37:8e:95:45:0b:16:3e:5c:
d5:6f:85:1a:54:9f:5f:02:5f:27:d8:af:70:b7:12:91:aa:08:
28:30:98:3c:a5:b4:b8:ff:d6:25:d2:ea:29:52:d8:a8:22:35:
ec:19:f6:09:94:17:08:df:62:35:dd:64:3c:e2:a4:bb:0a:44:
19:b9:ec:b7:59:f6:7f:c6:60:40:61:97:d7:db:0d:eb:5b:ff:
48:f6:6a:30:f2:2e:0c:3c:ed:09:dd:62:f3:32:5e:e1:87:9b:
ae:e3:f0:cc:ab:6a:05:fa:8e:76:19:b0:92:72:7b:60:e7:18:
ec:cc:61:d9:19:73:84:09:56:4a:fa:6a:b1:f4:59:48:19:8a:
89:6b:7f:81:a0:83:c1:7a:57:c2:4a:6e:a1:70:b4:ef:ad:24:
85:65:eb:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NDUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3MEQwOTRFMzAzMUVC
NjE5REQyQzE0NTdGNjMxNTZDREQyQzQzOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuiolRo4O+v2p7dvLCcTeCEcdGXTXHCNKgVHA/NfXzHtiTtP1o
Tea21Z/alMkZn900kcCs1NRFzkc2BscNwa84KQULBUPmddKADGrIpS2ZbI79TDTK
jL0idjLmbbfQTKQwLNscp1dyC++BeXiBSLsw6v6zJStVY/TlVEs7dnZ5n2KF/l0b
desVeGbVhVLc9l4geThgqbLGcgcw9hfJ9jR6gHmEAuAbClYubtNyz5d/n1byI2om
PSam6NMdCXyogeLEKwJbmNqlaGZ0LMyB6Px4E8vO2PJFCxlcVFuUiPp+F5bNjPIP
NxOQ5uPWrDWzGyHI9loPKTws4ElMKqw8MvKtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURw0JTjAx62Gd0sFFf2MVbN0sQ44wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1J3MEpUakF4NjJHZDBz
RkZmMk1WYk4wc1E0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAWqi9PTYcwE2aqQc//Lbqg4tZtsCY8A+J
z+ECFN6UctIzLGpjucXvPLs9z1Yw7qUJaP34IkDTc1YPVAePeyC+T0iPfcWMxp2A
bz8WNuyND20rZlJYcvRCw5sPjdqlardwnwEqGDeOlUULFj5c1W+FGlSfXwJfJ9iv
cLcSkaoIKDCYPKW0uP/WJdLqKVLYqCI17Bn2CZQXCN9iNd1kPOKkuwpEGbnst1n2
f8ZgQGGX19sN61v/SPZqMPIuDDztCd1i8zJe4YebruPwzKtqBfqOdhmwknJ7YOcY
7Mxh2RlzhAlWSvpqsfRZSBmKiWt/gaCDwXpXwkpuoXC0760khWXr9A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:40 2025 by rpki-client