Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Tmgu2-1mLIWBdwDpcshLryZD8uo.roa
File: Tmgu2-1mLIWBdwDpcshLryZD8uo.roa (raw, json)
Hash identifier: elBydup11DxXibuPv3v8dxXaqH//PuGesuTRbA2YCcs=
Subject key identifier: 4E:68:2E:DB:ED:66:2C:85:81:77:00:E9:72:C8:4B:AF:26:43:F2:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AFA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tmgu2-1mLIWBdwDpcshLryZD8uo.roa
Signing time: Sun 07 Apr 2024 05:22:29 +0000
ROA not before: Sun 07 Apr 2024 05:22:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15098 (0x3afa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 05:22:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4E682EDBED662C85817700E972C84BAF2643F2EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:50:3e:22:8a:19:50:02:79:b8:03:34:a0:
fe:da:55:74:1e:da:ab:33:3b:86:46:35:b4:32:76:
c9:0f:dc:54:5f:63:bc:cd:4e:eb:9a:7a:54:95:3d:
2a:b0:eb:eb:fe:ea:a8:de:2e:ac:9e:67:13:94:b9:
71:f0:2c:9b:41:01:73:66:6b:c9:9b:a6:93:ec:fc:
3e:d5:45:85:16:27:4e:c9:7d:78:0b:f6:1d:49:91:
e9:f5:50:fb:a4:53:3f:12:7f:90:cc:e1:f3:27:20:
15:d3:e0:0b:71:1f:29:3a:7a:65:8e:e5:7f:bd:34:
25:f9:96:82:bd:30:0c:9f:a0:fa:7b:4d:2f:61:d1:
20:75:9e:a3:ef:e0:44:b8:50:d2:2e:c2:99:e5:e5:
eb:dc:d2:66:d6:c9:9c:f2:fd:5b:fd:6f:b1:af:4b:
ed:82:8c:c1:a3:f1:12:04:31:b0:75:8b:57:4e:e5:
f0:62:8e:bd:a1:b5:8f:14:9d:20:95:d4:12:e9:25:
ce:af:23:53:2a:d9:bd:45:d7:32:56:41:c7:51:cd:
cc:49:d0:67:47:ef:e3:d8:56:5e:da:06:65:e5:fc:
a4:a9:35:5f:7a:08:9d:90:77:80:75:e6:d0:be:fe:
7b:d9:d9:57:fc:c2:2a:d0:01:58:0d:88:93:11:fa:
68:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:68:2E:DB:ED:66:2C:85:81:77:00:E9:72:C8:4B:AF:26:43:F2:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tmgu2-1mLIWBdwDpcshLryZD8uo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:92:96:dd:a0:58:ab:bd:fd:68:69:03:a7:3e:53:34:20:fd:
ca:2e:bb:f8:99:d0:fa:fb:cc:fe:d1:4e:14:ff:4a:51:72:b0:
9b:10:e7:ff:dd:60:c3:d8:56:a1:78:89:20:47:2d:09:1b:75:
f1:38:ea:a7:d8:a7:2f:5f:0c:27:99:f1:13:ff:c9:21:88:e1:
5c:e2:d2:e0:a6:0c:55:7a:8c:5b:5b:6f:40:b1:74:e1:3b:4b:
ee:92:24:15:51:f2:49:1b:63:dd:66:65:d7:f9:14:f1:a7:e9:
f1:2b:a0:5f:18:cf:6b:6b:ad:03:4d:44:fd:6e:9d:ce:09:51:
56:c1:99:a7:15:3e:52:31:50:97:25:dc:54:37:38:69:75:a0:
cf:05:40:8b:bf:c8:38:2d:f3:e0:ed:ce:f5:50:f4:c4:e5:ce:
f4:b3:fd:35:75:3e:8e:bb:ae:c1:2e:f8:36:fc:6f:13:59:3e:
bc:0f:37:65:8e:69:06:54:8e:af:60:7a:e2:f2:28:c4:3f:fd:
1a:24:62:e1:5a:b7:d8:8d:1c:4e:b6:29:44:73:02:38:ce:92:
26:12:53:ec:fc:a6:83:79:dd:87:d4:67:36:b5:78:7f:b2:26:
2c:e0:bc:1f:46:5d:a7:1d:c5:bd:13:c3:0b:ab:6c:41:1f:00:
b9:12:ca:69
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
NTIyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFNjgyRURCRUQ2NjJD
ODU4MTc3MDBFOTcyQzg0QkFGMjY0M0YyRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFM1A+IooZUAJ5uAM0oP7aVXQe2qszO4ZGNbQydskP3FRfY7zN
TuuaelSVPSqw6+v+6qjeLqyeZxOUuXHwLJtBAXNma8mbppPs/D7VRYUWJ07JfXgL
9h1Jken1UPukUz8Sf5DM4fMnIBXT4AtxHyk6emWO5X+9NCX5loK9MAyfoPp7TS9h
0SB1nqPv4ES4UNIuwpnl5evc0mbWyZzy/Vv9b7GvS+2CjMGj8RIEMbB1i1dO5fBi
jr2htY8UnSCV1BLpJc6vI1Mq2b1F1zJWQcdRzcxJ0GdH7+PYVl7aBmXl/KSpNV96
CJ2Qd4B15tC+/nvZ2Vf8wirQAVgNiJMR+mh1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTmgu2+1mLIWBdwDpcshLryZD8uowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RtZ3UyLTFtTElXQmR3
RHBjc2hMcnlaRDh1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAS5KW3aBYq739aGkDpz5TNCD9yi67+JnQ
+vvM/tFOFP9KUXKwmxDn/91gw9hWoXiJIEctCRt18Tjqp9inL18MJ5nxE//JIYjh
XOLS4KYMVXqMW1tvQLF04TtL7pIkFVHySRtj3WZl1/kU8afp8SugXxjPa2utA01E
/W6dzglRVsGZpxU+UjFQlyXcVDc4aXWgzwVAi7/IOC3z4O3O9VD0xOXO9LP9NXU+
jruuwS74NvxvE1k+vA83ZY5pBlSOr2B64vIoxD/9GiRi4Vq32I0cTrYpRHMCOM6S
JhJT7Pymg3ndh9RnNrV4f7ImLOC8H0Zdpx3FvRPDC6tsQR8AuRLKaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:23 2025 by rpki-client