Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SPa7Owx9rYNx6ZythRqSFZv-Iq8.roa
File: SPa7Owx9rYNx6ZythRqSFZv-Iq8.roa (raw, json)
Hash identifier: g0gWs37bcD5X0dMDZRbc3CctFT7S/vNCwrCZ5kvq/2Y=
Subject key identifier: 48:F6:BB:3B:0C:7D:AD:83:71:E9:9C:AD:85:1A:92:15:9B:FE:22:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34DA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPa7Owx9rYNx6ZythRqSFZv-Iq8.roa
Signing time: Sat 30 Mar 2024 01:22:07 +0000
ROA not before: Sat 30 Mar 2024 01:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13530 (0x34da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 01:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=48F6BB3B0C7DAD8371E99CAD851A92159BFE22AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:b7:76:cf:0a:ab:7b:3d:90:3e:d0:f7:cc:
77:75:ea:b4:6f:7f:78:24:47:4f:ee:63:b7:e9:5d:
2a:58:6f:28:d5:7c:da:7f:5d:a9:d3:73:54:f5:d7:
de:eb:16:6b:11:aa:fd:7d:24:cc:c5:7a:a1:55:ab:
0a:99:8a:9e:0f:85:62:6c:c6:1d:c3:e8:44:1a:1b:
3c:af:a9:37:53:eb:a5:16:97:47:e8:a8:a9:f8:a0:
4f:48:bc:2e:e8:03:88:26:35:87:19:32:a6:9a:ce:
ed:e0:9e:b8:34:f0:df:3a:8c:1b:32:6a:a3:ee:a1:
41:ca:fd:83:fb:eb:d7:e2:94:77:6d:b9:39:c7:f2:
50:d1:2b:52:36:fa:16:ed:21:3b:aa:33:af:f3:fd:
66:92:46:d8:d6:c3:ee:44:bd:75:ce:62:5d:03:fa:
ef:6b:1c:c2:18:ce:51:4c:16:c3:a2:b0:b9:88:9d:
6d:16:90:c7:e0:90:6c:09:f8:fd:d2:13:a3:06:2c:
00:35:a0:cb:f4:d0:fb:b4:8c:00:ad:c9:73:13:b7:
9c:45:fb:09:f4:df:f4:f0:f0:63:ad:24:86:d4:f2:
ea:a8:f2:d9:be:e8:39:90:1b:73:db:14:40:f3:e2:
53:86:13:d4:b3:fa:ae:7d:40:24:30:9f:eb:11:54:
69:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F6:BB:3B:0C:7D:AD:83:71:E9:9C:AD:85:1A:92:15:9B:FE:22:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPa7Owx9rYNx6ZythRqSFZv-Iq8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bc:b7:cd:f4:95:0f:b3:c3:68:17:3f:d4:fe:4e:a0:ed:d5:4b:
07:5c:fb:eb:1d:2a:21:6b:39:aa:3b:03:62:c6:e7:d6:f2:1e:
71:4a:b7:8c:69:39:11:28:ca:b8:a9:c9:d0:1c:6e:99:98:0d:
a9:2a:57:b9:63:60:93:dd:40:b1:ec:30:30:55:36:56:0f:1f:
81:7d:9d:d9:0f:00:1d:a5:c1:13:e4:66:0e:99:73:63:95:a6:
c7:a1:b3:b6:95:ac:e1:9d:96:43:a8:9c:a5:53:6a:79:e9:0a:
f6:05:de:1b:88:1a:81:ae:00:59:83:ba:d9:1d:b1:0c:7c:0e:
a6:9c:1b:31:4b:bd:ec:a1:40:96:37:03:c1:45:84:bb:ee:37:
e9:32:5d:64:34:15:85:3c:74:9e:22:ea:a8:b3:a0:7c:c4:92:
a6:73:c7:23:ec:aa:e0:bf:d8:28:e1:80:c4:8e:bf:36:c0:ea:
55:5a:0a:8a:67:df:a0:7e:98:1f:8c:b1:fa:6d:17:78:39:33:
a0:6a:16:5a:e7:26:e4:56:96:68:37:c8:47:37:7a:d0:54:1a:
78:54:05:9e:0a:ad:46:85:72:28:12:22:d9:17:22:f0:c7:e3:
cc:ea:88:9e:51:11:d0:43:70:0c:11:a6:37:46:7f:33:78:d5:
2a:67:4f:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MTIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4RjZCQjNCMEM3REFE
ODM3MUU5OUNBRDg1MUE5MjE1OUJGRTIyQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx4rd2zwqrez2QPtD3zHd16rRvf3gkR0/uY7fpXSpYbyjVfNp/
XanTc1T1197rFmsRqv19JMzFeqFVqwqZip4PhWJsxh3D6EQaGzyvqTdT66UWl0fo
qKn4oE9IvC7oA4gmNYcZMqaazu3gnrg08N86jBsyaqPuoUHK/YP769filHdtuTnH
8lDRK1I2+hbtITuqM6/z/WaSRtjWw+5EvXXOYl0D+u9rHMIYzlFMFsOisLmInW0W
kMfgkGwJ+P3SE6MGLAA1oMv00Pu0jACtyXMTt5xF+wn03/Tw8GOtJIbU8uqo8tm+
6DmQG3PbFEDz4lOGE9Sz+q59QCQwn+sRVGltAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSPa7Owx9rYNx6ZythRqSFZv+Iq8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NQYTdPd3g5cllOeDZa
eXRoUnFTRlp2LUlxOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAvLfN9JUPs8NoFz/U/k6g7dVLB1z76x0q
IWs5qjsDYsbn1vIecUq3jGk5ESjKuKnJ0BxumZgNqSpXuWNgk91AsewwMFU2Vg8f
gX2d2Q8AHaXBE+RmDplzY5Wmx6GztpWs4Z2WQ6icpVNqeekK9gXeG4gaga4AWYO6
2R2xDHwOppwbMUu97KFAljcDwUWEu+436TJdZDQVhTx0niLqqLOgfMSSpnPHI+yq
4L/YKOGAxI6/NsDqVVoKimffoH6YH4yx+m0XeDkzoGoWWucm5FaWaDfIRzd60FQa
eFQFngqtRoVyKBIi2Rci8MfjzOqInlER0ENwDBGmN0Z/M3jVKmdPCg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:42 2025 by rpki-client