Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TmihCZhu9V-_3rtGyvF9IO1iJ38.roa
File: TmihCZhu9V-_3rtGyvF9IO1iJ38.roa (raw, json)
Hash identifier: pjqNBOKiTZCmJcdzlPA6K7Dqy9zUFxBDZKo6mJ6l0F0=
Subject key identifier: 4E:68:A1:09:98:6E:F5:5F:BF:DE:BB:46:CA:F1:7D:20:ED:62:27:7F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 404E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TmihCZhu9V-_3rtGyvF9IO1iJ38.roa
Signing time: Sun 14 Apr 2024 07:52:53 +0000
ROA not before: Sun 14 Apr 2024 07:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16462 (0x404e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 07:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4E68A109986EF55FBFDEBB46CAF17D20ED62277F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:95:0f:82:9c:9a:a1:b4:b1:94:df:da:ea:90:
a5:78:b2:7c:6b:17:d0:65:7f:12:d2:a4:64:30:cc:
04:57:eb:ec:88:19:0d:90:59:58:53:84:17:89:64:
23:36:2e:f1:12:5d:37:ef:c4:13:57:8f:10:d1:1b:
ab:7f:8d:2b:31:a3:a0:1f:0c:ae:3d:75:e9:cf:97:
fa:53:31:48:6d:d7:34:4c:8a:d6:3b:57:74:ae:62:
f8:8e:05:30:c0:d2:11:ed:3e:31:25:49:d2:4f:f2:
95:da:64:00:d6:71:25:2c:c2:78:b2:44:c6:78:f5:
85:1f:2d:7b:ef:9b:18:48:d8:09:38:f4:3c:0b:43:
9e:fa:ce:e8:2b:b1:26:8a:66:75:7d:0c:3e:03:60:
46:9b:e9:1b:80:8e:f4:ba:a1:9b:ed:ec:f5:e0:70:
29:fd:51:47:c4:3d:c0:e9:2c:64:81:44:2d:f3:95:
fe:74:35:c4:15:2a:1e:d1:c0:6b:67:ce:62:13:28:
06:ed:56:de:f6:39:43:fe:23:2f:38:ce:2f:59:bd:
a6:95:47:a0:96:55:80:e4:a7:2d:91:55:f0:fc:e8:
ed:35:29:a2:eb:35:d0:59:aa:53:6d:84:f5:75:18:
c9:09:38:96:a6:0f:a1:f3:2e:e5:1b:3c:fd:04:25:
98:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:68:A1:09:98:6E:F5:5F:BF:DE:BB:46:CA:F1:7D:20:ED:62:27:7F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TmihCZhu9V-_3rtGyvF9IO1iJ38.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:57:14:2f:fe:fb:ff:70:9b:ca:99:f9:49:c0:19:0d:dd:8b:
83:c7:18:39:07:59:cf:63:e3:1f:9d:81:f3:53:bf:17:a9:14:
27:42:aa:c7:6c:d5:03:0d:88:b0:dc:0e:f2:c6:a6:d7:97:c2:
d2:a8:26:dc:11:11:15:d1:c8:89:36:de:35:b2:18:6d:28:77:
76:4e:cd:74:d4:55:4a:93:5d:ba:01:fc:31:40:ff:92:93:10:
69:53:14:21:00:e9:e7:d5:84:ee:7c:fe:30:73:e5:7f:fd:27:
60:4a:67:d0:27:c3:c7:b3:10:4b:85:e9:68:95:6c:34:86:5a:
8e:b2:9b:e7:68:ee:23:d1:2d:61:8a:7e:2a:1e:79:b4:3a:0a:
8b:5c:3e:e8:6c:ac:e4:15:5a:ac:87:3a:8b:5c:51:51:a3:34:
42:5b:1a:9d:68:8b:86:8d:27:ff:26:db:91:0e:af:bf:d1:67:
ff:2f:15:cc:7b:75:a4:f0:43:47:e3:e5:4b:1d:6e:ea:35:2c:
7e:d5:f9:66:6a:6d:e9:a4:c8:5a:88:80:55:11:af:e4:d7:32:
1a:ee:8e:22:59:b8:cb:f1:79:1b:5f:9d:68:e7:e5:67:a3:dd:
4b:fe:94:8c:1b:70:70:1a:dd:41:d0:0b:73:f7:17:e2:35:72:
1b:f0:8d:42
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NzUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFNjhBMTA5OTg2RUY1
NUZCRkRFQkI0NkNBRjE3RDIwRUQ2MjI3N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCylQ+CnJqhtLGU39rqkKV4snxrF9BlfxLSpGQwzARX6+yIGQ2Q
WVhThBeJZCM2LvESXTfvxBNXjxDRG6t/jSsxo6AfDK49denPl/pTMUht1zRMitY7
V3SuYviOBTDA0hHtPjElSdJP8pXaZADWcSUswniyRMZ49YUfLXvvmxhI2Ak49DwL
Q576zugrsSaKZnV9DD4DYEab6RuAjvS6oZvt7PXgcCn9UUfEPcDpLGSBRC3zlf50
NcQVKh7RwGtnzmITKAbtVt72OUP+Iy84zi9ZvaaVR6CWVYDkpy2RVfD86O01KaLr
NdBZqlNthPV1GMkJOJamD6HzLuUbPP0EJZghAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTmihCZhu9V+/3rtGyvF9IO1iJ38wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RtaWhDWmh1OVYtXzNy
dEd5dkY5SU8xaUozOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPlcUL/77/3Cbypn5ScAZDd2Lg8cYOQdZ
z2PjH52B81O/F6kUJ0Kqx2zVAw2IsNwO8sam15fC0qgm3BERFdHIiTbeNbIYbSh3
dk7NdNRVSpNdugH8MUD/kpMQaVMUIQDp59WE7nz+MHPlf/0nYEpn0CfDx7MQS4Xp
aJVsNIZajrKb52juI9EtYYp+Kh55tDoKi1w+6Gys5BVarIc6i1xRUaM0QlsanWiL
ho0n/ybbkQ6vv9Fn/y8VzHt1pPBDR+PlSx1u6jUsftX5Zmpt6aTIWoiAVRGv5Ncy
Gu6OIlm4y/F5G1+daOflZ6PdS/6UjBtwcBrdQdALc/cX4jVyG/CNQg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:09 2025 by rpki-client