Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VEyWMHW4frzLSLF96FA8_9ASYrM.roa
File: VEyWMHW4frzLSLF96FA8_9ASYrM.roa (raw, json)
Hash identifier: 3j1A8RvUMk2BdlxIhGdXAbbDp9bYHKvA0Om/++xCJpE=
Subject key identifier: 54:4C:96:30:75:B8:7E:BC:CB:48:B1:7D:E8:50:3C:FF:D0:12:62:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 382A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VEyWMHW4frzLSLF96FA8_9ASYrM.roa
Signing time: Wed 03 Apr 2024 11:22:20 +0000
ROA not before: Wed 03 Apr 2024 11:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14378 (0x382a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 11:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=544C963075B87EBCCB48B17DE8503CFFD01262B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:82:ab:2f:22:13:2c:50:24:9c:f2:3e:bd:
56:78:30:a3:cc:30:41:19:2c:d4:09:b3:2a:86:f3:
3f:2d:b4:d2:a7:60:a5:73:3d:bf:1f:81:98:9c:ed:
54:95:0e:53:ce:2e:4b:a9:0c:02:3e:56:41:45:ec:
aa:08:ee:0b:f5:d4:70:ab:87:9c:72:5b:dd:e9:6f:
99:8f:ba:7f:9a:94:0c:1a:4c:98:45:f4:56:7d:f2:
79:79:a3:ac:1b:b2:34:2a:cc:e2:33:4b:e1:6a:62:
f2:0e:b6:d9:43:48:f8:59:70:8c:5a:e1:d4:a8:cd:
b5:e1:d8:b0:c9:c9:0d:e9:53:86:29:18:19:22:3d:
b2:21:05:df:97:4a:83:49:65:4a:0e:dc:66:e8:fa:
b6:70:11:ab:8c:21:cb:1c:84:db:bf:87:cf:a3:ae:
0e:ab:b5:96:db:77:fd:05:3a:7e:cc:b0:87:00:d9:
1d:84:bc:df:30:ca:4d:5f:c0:5e:ac:34:a2:87:9f:
9f:a5:11:63:fc:a1:92:d9:65:38:3c:89:d0:9b:f9:
30:8d:6a:d8:6c:8a:c6:b1:b9:00:f3:c9:d0:20:e5:
b6:c2:fe:e6:56:c6:56:4f:5a:0e:26:de:2a:4a:34:
90:2d:29:cf:55:2a:e0:2e:38:54:39:71:1b:e4:5c:
e6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4C:96:30:75:B8:7E:BC:CB:48:B1:7D:E8:50:3C:FF:D0:12:62:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VEyWMHW4frzLSLF96FA8_9ASYrM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:ef:ba:3b:b5:35:34:54:d7:31:2d:a5:6f:bb:02:45:5c:f6:
7b:9f:0b:ad:2b:1a:7b:55:eb:f8:8c:8e:6f:cb:f1:0c:58:4e:
03:04:36:b6:8c:be:a0:14:e4:5d:6e:18:49:0a:71:4a:21:a6:
1b:18:34:f1:59:93:9f:a2:ae:45:a8:a9:40:cc:0a:cf:5a:46:
ec:f9:8c:67:4b:0f:9f:56:20:5e:60:5f:7b:aa:4f:40:53:28:
e7:44:31:ae:73:03:8f:43:d2:72:fa:1b:d6:f8:8b:56:fb:16:
8a:26:be:fe:c9:72:8b:9e:14:ec:f7:79:4d:b0:bc:6d:69:78:
d7:66:2d:32:c2:5e:00:52:f3:7f:9f:63:91:20:a9:ea:8a:9e:
79:5f:91:10:57:32:5a:be:13:3d:3f:66:6a:f3:41:0f:6c:bd:
d2:6b:f4:ae:e7:ef:38:8b:b1:13:25:4f:4d:e7:12:61:e1:1e:
22:90:4a:d5:c2:2a:32:ef:7e:a4:64:6c:69:2f:7b:11:7c:9d:
ef:55:a9:7c:13:3a:a5:d9:45:95:21:53:f0:cf:1b:d5:50:c5:
ff:a1:ae:7b:00:1a:3d:62:45:fe:02:e1:68:93:f3:5b:3e:b9:
46:75:5c:f5:9e:ca:93:de:7a:0d:06:76:e5:31:c9:71:aa:5d:
df:78:86:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
MTIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0NEM5NjMwNzVCODdF
QkNDQjQ4QjE3REU4NTAzQ0ZGRDAxMjYyQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu8YKrLyITLFAknPI+vVZ4MKPMMEEZLNQJsyqG8z8ttNKnYKVz
Pb8fgZic7VSVDlPOLkupDAI+VkFF7KoI7gv11HCrh5xyW93pb5mPun+alAwaTJhF
9FZ98nl5o6wbsjQqzOIzS+FqYvIOttlDSPhZcIxa4dSozbXh2LDJyQ3pU4YpGBki
PbIhBd+XSoNJZUoO3Gbo+rZwEauMIcschNu/h8+jrg6rtZbbd/0FOn7MsIcA2R2E
vN8wyk1fwF6sNKKHn5+lEWP8oZLZZTg8idCb+TCNathsisaxuQDzydAg5bbC/uZW
xlZPWg4m3ipKNJAtKc9VKuAuOFQ5cRvkXOb1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVEyWMHW4frzLSLF96FA8/9ASYrMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZFeVdNSFc0ZnJ6TFNM
Rjk2RkE4XzlBU1lyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUO+6O7U1NFTXMS2lb7sCRVz2e58LrSsa
e1Xr+IyOb8vxDFhOAwQ2toy+oBTkXW4YSQpxSiGmGxg08VmTn6KuRaipQMwKz1pG
7PmMZ0sPn1YgXmBfe6pPQFMo50QxrnMDj0PScvob1viLVvsWiia+/slyi54U7Pd5
TbC8bWl412YtMsJeAFLzf59jkSCp6oqeeV+REFcyWr4TPT9mavNBD2y90mv0rufv
OIuxEyVPTecSYeEeIpBK1cIqMu9+pGRsaS97EXyd71WpfBM6pdlFlSFT8M8b1VDF
/6GuewAaPWJF/gLhaJPzWz65RnVc9Z7Kk956DQZ25THJcapd33iGKA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:47 2025 by rpki-client