Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ujf6T0sT1LiHGEbOalRKAw0DDZ4.roa
File: Ujf6T0sT1LiHGEbOalRKAw0DDZ4.roa (raw, json)
Hash identifier: 6U/VHr26n514KalYGdWSovPI5f0Dt+dwZSdJ/wdQhKQ=
Subject key identifier: 52:37:FA:4F:4B:13:D4:B8:87:18:46:CE:6A:54:4A:03:0D:03:0D:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ujf6T0sT1LiHGEbOalRKAw0DDZ4.roa
Signing time: Sun 31 Mar 2024 07:22:37 +0000
ROA not before: Sun 31 Mar 2024 07:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13770 (0x35ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 07:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5237FA4F4B13D4B8871846CE6A544A030D030D9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:e3:41:ca:fc:fd:50:16:2e:16:0e:d1:22:
1d:d7:ca:21:d6:3d:d5:cc:7e:92:6c:ba:c0:72:1f:
88:04:bb:05:cc:d5:15:dd:74:bb:7b:07:37:9d:11:
ae:c7:4b:06:ab:b2:1a:39:f7:42:e0:eb:d6:c4:dd:
09:89:36:0f:f5:38:f4:9f:e6:aa:f7:5b:27:1a:c3:
94:c1:93:8e:8b:b7:aa:8d:9d:59:39:42:33:f4:73:
07:0b:32:25:51:17:00:77:5c:6f:d8:b1:cf:ed:a1:
ce:46:4d:ea:de:31:88:99:b3:45:fc:2f:79:4c:b5:
b7:e7:62:b2:67:6e:fa:dc:17:d1:58:d2:6d:30:93:
5f:1e:fb:17:7f:62:f3:e2:d5:72:c0:f8:b1:17:29:
98:ab:4c:ce:17:eb:53:8b:c0:2c:b3:a5:8a:0e:c0:
5e:ed:35:a8:a9:0f:6a:f4:b7:76:1f:29:82:8f:d4:
dc:aa:bb:52:95:65:fd:b4:c9:23:d4:77:0b:a8:4a:
a1:b0:e0:af:bf:db:1a:72:3e:fd:c6:d5:0b:91:e6:
05:f1:e9:29:4d:64:68:6a:b0:9d:e6:dd:35:ec:9e:
d3:33:72:12:b5:99:bd:da:a3:ca:ce:e1:37:af:f2:
02:6b:cb:f6:25:99:74:c3:63:5c:6c:c5:7b:94:1d:
14:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:37:FA:4F:4B:13:D4:B8:87:18:46:CE:6A:54:4A:03:0D:03:0D:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ujf6T0sT1LiHGEbOalRKAw0DDZ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:5b:33:ed:60:3f:86:5b:16:14:20:e7:59:d7:7a:29:00:5b:
15:73:7e:67:c5:2a:48:74:14:6b:d6:a0:dc:bb:7b:9d:ac:b1:
0b:50:7c:dc:46:ab:8f:99:6a:e9:24:31:85:22:af:9a:5e:18:
8d:05:da:fb:62:eb:c9:8c:fa:00:3f:55:9a:dd:41:95:84:15:
20:23:59:f3:2e:fb:1a:5d:25:71:43:26:be:0b:64:cd:4b:80:
b3:0d:9d:35:3e:00:c7:1d:13:95:a2:37:01:4e:c7:7b:3f:16:
48:ad:39:54:71:47:d3:a5:48:5a:0b:4a:1c:09:be:f7:63:59:
14:6d:b2:69:15:a4:51:e3:92:9a:27:c3:0e:10:8e:c7:8e:3f:
13:a8:3a:9e:96:44:cb:a4:a9:9d:c3:b5:86:1e:9f:71:2d:8b:
6d:13:bc:f2:d6:6b:f1:ce:a2:68:1f:c4:27:af:9e:52:7a:10:
c7:a3:37:f4:2e:b5:f8:dd:ae:36:dd:e8:ba:8d:5e:d3:cc:7b:
38:63:39:cf:0f:81:5b:16:b0:c3:27:d4:3f:27:0b:22:94:74:
ee:4f:57:e7:82:eb:d7:67:18:a7:6e:19:65:b6:0c:78:8a:5f:
f1:e7:cd:1b:c1:0c:24:03:fd:2e:2b:03:b3:48:76:87:2c:12:
82:b7:da:cb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
NzIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyMzdGQTRGNEIxM0Q0
Qjg4NzE4NDZDRTZBNTQ0QTAzMEQwMzBEOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr5uNByvz9UBYuFg7RIh3XyiHWPdXMfpJsusByH4gEuwXM1RXd
dLt7BzedEa7HSwarsho590Lg69bE3QmJNg/1OPSf5qr3Wycaw5TBk46Lt6qNnVk5
QjP0cwcLMiVRFwB3XG/Ysc/toc5GTereMYiZs0X8L3lMtbfnYrJnbvrcF9FY0m0w
k18e+xd/YvPi1XLA+LEXKZirTM4X61OLwCyzpYoOwF7tNaipD2r0t3YfKYKP1Nyq
u1KVZf20ySPUdwuoSqGw4K+/2xpyPv3G1QuR5gXx6SlNZGhqsJ3m3TXsntMzchK1
mb3ao8rO4Tev8gJry/YlmXTDY1xsxXuUHRTFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUjf6T0sT1LiHGEbOalRKAw0DDZ4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VqZjZUMHNUMUxpSEdF
Yk9hbFJLQXcwRERaNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAl1sz7WA/hlsWFCDnWdd6KQBbFXN+Z8Uq
SHQUa9ag3Lt7nayxC1B83Earj5lq6SQxhSKvml4YjQXa+2LryYz6AD9Vmt1BlYQV
ICNZ8y77Gl0lcUMmvgtkzUuAsw2dNT4Axx0TlaI3AU7Hez8WSK05VHFH06VIWgtK
HAm+92NZFG2yaRWkUeOSmifDDhCOx44/E6g6npZEy6SpncO1hh6fcS2LbRO88tZr
8c6iaB/EJ6+eUnoQx6M39C61+N2uNt3ouo1e08x7OGM5zw+BWxawwyfUPycLIpR0
7k9X54Lr12cYp24ZZbYMeIpf8efNG8EMJAP9LisDs0h2hywSgrfayw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:30 2025 by rpki-client