Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/asuZFc-ItOqxkxs9LkCnKkpWeXs.roa
File: asuZFc-ItOqxkxs9LkCnKkpWeXs.roa (raw, json)
Hash identifier: xr6ECjYPRFVZIKblT5QVpgW5Cao8M1AG+tT8okudoy4=
Subject key identifier: 6A:CB:99:15:CF:88:B4:EA:B1:93:1B:3D:2E:40:A7:2A:4A:56:79:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C4A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/asuZFc-ItOqxkxs9LkCnKkpWeXs.roa
Signing time: Mon 08 Apr 2024 23:22:35 +0000
ROA not before: Mon 08 Apr 2024 23:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15434 (0x3c4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 23:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6ACB9915CF88B4EAB1931B3D2E40A72A4A56797B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:92:f0:ce:c2:fa:ee:76:ca:20:69:53:07:d0:
9c:e5:fe:15:31:cf:57:4b:12:da:68:81:50:ff:e5:
88:17:85:2a:8a:c3:fe:ae:ef:52:a5:71:40:31:86:
5e:dc:a4:39:47:6e:34:90:95:f2:23:55:b4:4c:89:
24:70:cb:2e:e8:20:c2:0e:35:cc:e6:6e:50:24:a7:
cc:6c:a0:67:92:dc:e0:1e:07:76:33:d0:92:90:94:
5a:52:69:33:a8:29:0a:de:1f:05:21:77:7c:81:40:
a6:be:de:39:3f:42:e7:5c:bb:31:b0:ff:90:c6:9b:
bd:ca:3b:1d:b9:82:ee:cd:2f:52:30:a0:50:6b:cc:
2b:d0:a6:93:8e:9e:a6:22:4f:b6:3d:84:10:14:a4:
8b:7e:bd:1d:ca:1d:5d:84:c9:77:ff:5f:e5:2a:f8:
35:8f:31:92:5d:7a:14:fa:86:0f:4a:42:6b:fa:cd:
46:de:e6:24:b2:54:14:8b:d2:13:57:bb:1c:1b:4e:
c4:37:49:15:39:23:17:41:2b:52:d9:cb:16:eb:ef:
2c:e4:91:c8:08:10:7a:04:50:9b:e0:1a:17:83:56:
af:c3:31:3f:da:91:31:86:65:9a:5f:cd:2a:2b:5f:
59:1b:e1:f5:9d:95:f9:2f:15:11:6a:88:0a:5a:63:
0c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CB:99:15:CF:88:B4:EA:B1:93:1B:3D:2E:40:A7:2A:4A:56:79:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/asuZFc-ItOqxkxs9LkCnKkpWeXs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:c1:e6:a6:a7:55:19:68:e3:11:e4:e3:d1:f9:71:22:30:ab:
e6:43:10:fa:11:b7:5a:8b:52:4f:dc:42:88:cf:20:bd:f3:1a:
11:10:cf:36:b0:c0:85:c5:95:48:6e:ed:64:a7:f8:16:6f:9c:
94:d5:d7:68:ba:cf:32:ad:6b:ac:e9:1a:8c:96:d2:84:a1:92:
02:55:6c:23:b5:d6:4e:7a:69:8d:48:50:08:c6:a0:4f:79:5a:
91:84:24:9f:1c:de:df:c0:88:13:21:13:dc:0b:bf:d5:79:af:
32:a2:03:2e:99:b7:e4:2e:8b:3f:7e:20:39:ea:6b:c4:df:f4:
88:57:ba:11:ab:18:ef:d6:1a:e1:d6:3e:8f:07:0a:24:49:88:
01:4c:10:2a:a2:d4:ed:dd:5d:08:58:32:be:ec:c5:29:aa:04:
d9:57:fc:86:88:32:66:6c:12:e5:7e:79:98:24:aa:c7:de:66:
02:10:1d:b6:a0:ec:57:5e:29:f8:43:b9:13:64:73:7a:1e:01:
ff:62:be:c7:9f:45:ac:7f:f0:85:fa:ba:f0:40:21:b0:95:6d:
f1:ee:ef:c2:25:c6:7b:ad:0d:0d:4d:2b:46:c0:f5:87:b1:be:
81:92:da:e9:9a:c5:9a:87:7a:46:a8:91:da:67:29:da:d2:7a:
35:8c:1c:fe
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MzIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBQ0I5OTE1Q0Y4OEI0
RUFCMTkzMUIzRDJFNDBBNzJBNEE1Njc5N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgkvDOwvrudsogaVMH0Jzl/hUxz1dLEtpogVD/5YgXhSqKw/6u
71KlcUAxhl7cpDlHbjSQlfIjVbRMiSRwyy7oIMIONczmblAkp8xsoGeS3OAeB3Yz
0JKQlFpSaTOoKQreHwUhd3yBQKa+3jk/QudcuzGw/5DGm73KOx25gu7NL1IwoFBr
zCvQppOOnqYiT7Y9hBAUpIt+vR3KHV2EyXf/X+Uq+DWPMZJdehT6hg9KQmv6zUbe
5iSyVBSL0hNXuxwbTsQ3SRU5IxdBK1LZyxbr7yzkkcgIEHoEUJvgGheDVq/DMT/a
kTGGZZpfzSorX1kb4fWdlfkvFRFqiApaYwwBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUasuZFc+ItOqxkxs9LkCnKkpWeXswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FzdVpGYy1JdE9xeGt4
czlMa0NuS2twV2VYcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQcHmpqdVGWjjEeTj0flxIjCr5kMQ+hG3
WotST9xCiM8gvfMaERDPNrDAhcWVSG7tZKf4Fm+clNXXaLrPMq1rrOkajJbShKGS
AlVsI7XWTnppjUhQCMagT3lakYQknxze38CIEyET3Au/1XmvMqIDLpm35C6LP34g
OeprxN/0iFe6EasY79Ya4dY+jwcKJEmIAUwQKqLU7d1dCFgyvuzFKaoE2Vf8hogy
ZmwS5X55mCSqx95mAhAdtqDsV14p+EO5E2Rzeh4B/2K+x59FrH/whfq68EAhsJVt
8e7vwiXGe60NDU0rRsD1h7G+gZLa6ZrFmod6RqiR2mcp2tJ6NYwc/g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:45 2025 by rpki-client