Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UR7TkFLpPNjeX820GO-QKDe_Yas.roa
File: UR7TkFLpPNjeX820GO-QKDe_Yas.roa (raw, json)
Hash identifier: 91Z1uT7XrKhrV8SPhE5GtEpqB0Q2aq17wjhtw3XWpzE=
Subject key identifier: 51:1E:D3:90:52:E9:3C:D8:DE:5F:CD:B4:18:EF:90:28:37:BF:61:AB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UR7TkFLpPNjeX820GO-QKDe_Yas.roa
Signing time: Thu 18 Apr 2024 19:53:00 +0000
ROA not before: Thu 18 Apr 2024 19:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17326 (0x43ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 19:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=511ED39052E93CD8DE5FCDB418EF902837BF61AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3a:d8:57:db:54:42:e6:4d:ec:1e:68:0d:c3:
a3:fc:d8:39:29:ce:e9:1e:ee:29:65:e5:09:b6:75:
73:db:4d:2c:12:52:05:cd:09:aa:d2:92:f3:bb:65:
1e:80:c5:6b:8c:70:3d:97:84:bb:51:cd:1c:03:6c:
b3:a6:03:b8:d8:6e:07:81:34:73:ff:0d:b4:a2:79:
35:62:aa:f9:fc:fb:1f:90:14:0d:d8:5a:d3:6d:51:
4b:82:eb:a9:68:56:3f:d5:77:33:39:c1:ff:50:1b:
d7:7d:52:e2:1d:42:67:ae:dd:58:42:18:ad:ba:3a:
55:42:71:f7:49:a6:ee:17:d8:ff:aa:c6:ff:27:e5:
93:eb:ac:63:c7:d2:ce:16:bb:b8:a2:58:f1:cb:58:
9a:8c:d6:88:1f:da:16:09:69:e0:fd:6a:64:bb:03:
de:59:fb:0a:2d:f9:91:37:e7:49:18:cc:73:09:e2:
15:b7:a7:e9:1e:f6:df:82:8e:aa:0f:31:f0:2e:2d:
40:bf:02:00:9d:30:1c:cf:b8:ce:55:b5:ad:a0:e0:
0a:2e:bf:f2:b0:60:5b:12:a6:ca:06:71:dc:c3:d1:
f3:5f:c2:03:02:12:2d:ac:b1:6d:d6:d3:82:72:77:
22:28:c6:72:37:0a:93:b0:69:78:89:44:88:f9:da:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1E:D3:90:52:E9:3C:D8:DE:5F:CD:B4:18:EF:90:28:37:BF:61:AB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UR7TkFLpPNjeX820GO-QKDe_Yas.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:58:ba:1f:3c:6f:e9:49:c2:94:b4:35:d6:78:1a:29:58:19:
45:a6:68:88:3f:2c:d1:f4:3f:88:38:a9:c8:7e:b6:c0:76:33:
25:ce:f6:db:6d:ce:17:2f:71:8f:01:af:e8:a7:c8:98:fd:3e:
ab:e2:9e:3a:8b:33:da:ff:2b:8d:6b:d3:e3:9c:ce:17:96:7b:
8a:6b:49:9e:cc:48:29:a6:7c:3a:37:26:20:d2:1b:9a:db:9d:
d0:8f:83:b1:a1:10:ec:a4:8b:f3:8f:3f:ac:97:a6:97:8a:91:
5b:b6:10:da:9e:a0:0a:a5:cb:eb:27:50:14:4e:8e:2c:a1:f4:
b0:70:b9:15:99:b5:c5:96:a7:4f:84:5e:f6:a4:a2:b2:a8:ee:
85:f0:12:be:88:26:16:2d:ee:ed:61:86:cd:5d:11:f3:1d:fb:
e5:1e:90:31:e7:fd:00:4f:94:88:60:3e:90:f0:10:ad:d2:df:
62:33:3e:39:c6:d7:6d:25:c6:e9:ec:6d:9c:8a:97:e8:fd:d7:
a4:b4:b8:35:2d:ad:f2:2e:59:29:64:06:90:ef:97:d4:9e:49:
f0:ec:fc:83:bf:25:30:e8:81:8d:34:f4:9b:e3:b3:5d:bf:ae:
26:60:fc:ba:bf:4a:6f:bb:91:d9:ec:c1:64:bc:d8:7d:eb:12:
34:b9:bb:73
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
OTUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxMUVEMzkwNTJFOTND
RDhERTVGQ0RCNDE4RUY5MDI4MzdCRjYxQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVOthX21RC5k3sHmgNw6P82Dkpzuke7ill5Qm2dXPbTSwSUgXN
CarSkvO7ZR6AxWuMcD2XhLtRzRwDbLOmA7jYbgeBNHP/DbSieTViqvn8+x+QFA3Y
WtNtUUuC66loVj/VdzM5wf9QG9d9UuIdQmeu3VhCGK26OlVCcfdJpu4X2P+qxv8n
5ZPrrGPH0s4Wu7iiWPHLWJqM1ogf2hYJaeD9amS7A95Z+wot+ZE350kYzHMJ4hW3
p+ke9t+CjqoPMfAuLUC/AgCdMBzPuM5Vta2g4Aouv/KwYFsSpsoGcdzD0fNfwgMC
Ei2ssW3W04JydyIoxnI3CpOwaXiJRIj52qT/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUR7TkFLpPNjeX820GO+QKDe/YaswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VSN1RrRkxwUE5qZVg4
MjBHTy1RS0RlX1lhcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAsli6Hzxv6UnClLQ11ngaKVgZRaZoiD8s
0fQ/iDipyH62wHYzJc72223OFy9xjwGv6KfImP0+q+KeOosz2v8rjWvT45zOF5Z7
imtJnsxIKaZ8OjcmINIbmtud0I+DsaEQ7KSL848/rJeml4qRW7YQ2p6gCqXL6ydQ
FE6OLKH0sHC5FZm1xZanT4Re9qSisqjuhfASvogmFi3u7WGGzV0R8x375R6QMef9
AE+UiGA+kPAQrdLfYjM+OcbXbSXG6extnIqX6P3XpLS4NS2t8i5ZKWQGkO+X1J5J
8Oz8g78lMOiBjTT0m+OzXb+uJmD8ur9Kb7uR2ezBZLzYfesSNLm7cw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:51 2025 by rpki-client