Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SLfXoIefMr_ZDRfyNdYH0KVRZ-k.roa
File: SLfXoIefMr_ZDRfyNdYH0KVRZ-k.roa (raw, json)
Hash identifier: RrO2Q469taJ16Ctr3e63uXX/u8o5H1F4t3VniVZ+aK0=
Subject key identifier: 48:B7:D7:A0:87:9F:32:BF:D9:0D:17:F2:35:D6:07:D0:A5:51:67:E9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F02
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SLfXoIefMr_ZDRfyNdYH0KVRZ-k.roa
Signing time: Fri 03 May 2024 22:23:57 +0000
ROA not before: Fri 03 May 2024 22:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20226 (0x4f02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 22:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=48B7D7A0879F32BFD90D17F235D607D0A55167E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6f:fb:1a:1e:35:b5:86:23:a9:59:00:8d:5a:
a1:4d:2a:ef:b3:d9:7f:bf:4e:f7:eb:46:44:09:45:
68:5c:97:6e:a8:9b:7e:3b:71:82:97:c7:00:57:0d:
27:53:ea:fd:ab:09:cd:ee:e0:fe:dd:d9:66:ce:ab:
5b:77:e7:b5:7c:fc:49:6c:b8:86:cf:30:b7:1e:3a:
0f:d3:53:d8:ac:d1:d3:71:52:a0:ea:d1:ba:fc:fc:
0b:03:9d:b6:c8:8d:71:00:dc:f4:ea:cd:9a:3f:5e:
15:b6:9e:cb:be:cb:57:97:e1:2c:62:ca:4d:54:6e:
59:04:ec:3e:9b:89:63:64:e3:cf:10:90:24:d3:63:
27:53:94:e1:d5:9e:1d:3b:fc:66:8d:08:9b:f8:cb:
26:c1:e9:e4:b5:fe:9f:c3:5e:09:bc:68:99:44:98:
5c:39:9a:e0:68:2d:46:28:24:90:dc:e8:77:68:c4:
66:5c:be:c6:1f:18:61:8c:51:48:75:73:45:e8:9e:
55:4e:69:27:39:4b:68:21:54:1c:61:ab:aa:55:a7:
36:ac:78:bc:b1:ea:d9:24:03:47:2c:a1:48:cf:b0:
10:7a:6b:85:00:b4:8f:be:99:65:84:9e:3d:c2:32:
ed:81:43:d2:68:b2:dc:35:34:93:cc:4c:95:87:58:
81:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B7:D7:A0:87:9F:32:BF:D9:0D:17:F2:35:D6:07:D0:A5:51:67:E9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SLfXoIefMr_ZDRfyNdYH0KVRZ-k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:f2:63:fc:68:a4:c3:d7:99:d5:a6:35:2f:b8:cd:97:f3:55:
a1:af:c3:e6:22:df:4d:18:5a:4f:d2:6d:ed:87:0f:91:0d:24:
05:fb:98:ac:8c:53:12:7e:e3:09:34:72:23:5e:05:6c:be:a2:
d8:8b:e7:5e:17:65:f0:82:38:3b:1e:74:da:bf:e3:bb:80:be:
fd:29:b7:3c:aa:cf:09:65:64:db:6f:f8:09:0e:07:d6:e9:06:
b5:f2:81:3e:e8:1f:6c:f0:7f:cb:58:a8:fb:d9:42:80:d9:e9:
da:29:36:4d:02:35:00:4b:8c:3e:6f:2d:2d:b8:06:68:e5:d5:
8a:64:6a:60:a0:ee:4a:94:01:4a:51:da:14:be:af:58:e4:b5:
92:5d:b4:22:4a:cd:02:39:4f:e6:80:6b:3d:cd:ec:71:41:bf:
e1:81:ab:a8:31:2e:0e:28:91:95:32:14:bd:a5:c5:a6:a6:d7:
85:cb:9b:ad:2c:07:f7:44:69:d5:2e:27:28:0e:69:62:49:dd:
c1:74:e3:98:1e:02:04:21:5f:18:99:d8:c7:c3:ff:78:89:9e:
3f:fb:8f:46:2b:28:b1:18:4d:a9:80:73:ad:f5:86:e1:47:da:
1b:5a:46:b4:0e:68:82:4f:50:46:96:63:20:6a:a6:48:e6:38:
6b:54:b4:c3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MjIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4QjdEN0EwODc5RjMy
QkZEOTBEMTdGMjM1RDYwN0QwQTU1MTY3RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCb/saHjW1hiOpWQCNWqFNKu+z2X+/TvfrRkQJRWhcl26om347
cYKXxwBXDSdT6v2rCc3u4P7d2WbOq1t357V8/ElsuIbPMLceOg/TU9is0dNxUqDq
0br8/AsDnbbIjXEA3PTqzZo/XhW2nsu+y1eX4Sxiyk1UblkE7D6biWNk488QkCTT
YydTlOHVnh07/GaNCJv4yybB6eS1/p/DXgm8aJlEmFw5muBoLUYoJJDc6HdoxGZc
vsYfGGGMUUh1c0XonlVOaSc5S2ghVBxhq6pVpzaseLyx6tkkA0csoUjPsBB6a4UA
tI++mWWEnj3CMu2BQ9Jostw1NJPMTJWHWIHrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSLfXoIefMr/ZDRfyNdYH0KVRZ+kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NMZlhvSWVmTXJfWkRS
ZnlOZFlIMEtWUlotay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAF/Jj/Gikw9eZ1aY1L7jNl/NVoa/D5iLf
TRhaT9Jt7YcPkQ0kBfuYrIxTEn7jCTRyI14FbL6i2IvnXhdl8II4Ox502r/ju4C+
/Sm3PKrPCWVk22/4CQ4H1ukGtfKBPugfbPB/y1io+9lCgNnp2ik2TQI1AEuMPm8t
LbgGaOXVimRqYKDuSpQBSlHaFL6vWOS1kl20IkrNAjlP5oBrPc3scUG/4YGrqDEu
DiiRlTIUvaXFpqbXhcubrSwH90Rp1S4nKA5pYkndwXTjmB4CBCFfGJnYx8P/eIme
P/uPRisosRhNqYBzrfWG4UfaG1pGtA5ogk9QRpZjIGqmSOY4a1S0ww==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:12 2025 by rpki-client