Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bCNZREVa2HOxuLNyR41KzicZJv4.roa
File: bCNZREVa2HOxuLNyR41KzicZJv4.roa (raw, json)
Hash identifier: cHv7mikwxftqho2vqRsvBt/SJnQBD/19/73vNn6XoX8=
Subject key identifier: 6C:23:59:44:45:5A:D8:73:B1:B8:B3:72:47:8D:4A:CE:27:19:26:FE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E52
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bCNZREVa2HOxuLNyR41KzicZJv4.roa
Signing time: Thu 11 Apr 2024 16:22:47 +0000
ROA not before: Thu 11 Apr 2024 16:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15954 (0x3e52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 16:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C235944455AD873B1B8B372478D4ACE271926FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:87:be:c4:c9:78:f7:d9:8c:87:fa:05:f0:03:
c6:4a:bf:68:27:55:08:08:0c:39:10:ef:b7:16:d3:
89:bc:7d:3f:dd:3e:ec:8e:c1:ae:0c:2b:40:47:c5:
e2:c0:9b:73:5e:d6:31:cc:e5:d2:7a:cf:7d:16:93:
c7:ae:06:26:2f:66:76:b8:65:74:b8:b2:c1:32:e7:
13:75:ad:f5:36:29:6a:0a:df:9b:cd:8f:ad:ff:ae:
1b:f1:ca:15:6b:fb:16:ea:8c:00:ad:08:6d:e7:7c:
ee:be:ef:15:a3:d5:25:bc:48:58:8f:30:2c:17:3d:
13:aa:b4:7e:2e:f8:a9:9c:b8:3c:d9:ee:ec:77:1f:
7f:eb:2d:62:53:47:70:31:71:30:56:be:b6:1b:c2:
4d:1b:fd:11:52:88:7c:30:34:90:29:4f:d3:9d:5f:
87:f7:7a:e1:c7:17:77:03:47:5e:62:d9:a8:73:23:
ed:fb:6b:75:57:f3:31:03:b3:c0:6a:18:c7:23:c1:
7e:7f:68:e2:c7:05:ee:0e:73:ed:a7:b5:90:e5:97:
d6:32:66:10:52:5b:b4:b7:13:ef:d1:11:32:20:5c:
a5:57:f2:ed:d5:a5:27:7b:9d:f7:0d:f5:cb:b5:8a:
54:24:71:cb:7e:1b:9c:49:dd:47:53:5e:1a:0c:bd:
09:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:23:59:44:45:5A:D8:73:B1:B8:B3:72:47:8D:4A:CE:27:19:26:FE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bCNZREVa2HOxuLNyR41KzicZJv4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:89:07:4f:f6:eb:a6:ee:e0:82:c0:13:c9:58:b9:32:e2:bf:
d0:e4:3b:4e:c0:9e:88:6f:f1:3c:4e:34:02:39:3a:16:7a:e0:
19:7b:57:71:5a:c9:f9:d5:fc:c1:37:d5:a6:7a:af:13:cf:3c:
ad:1d:fd:65:55:c3:23:65:7d:95:04:2e:62:2d:db:a7:18:77:
ae:dd:aa:99:90:d8:75:87:7d:3d:1e:f9:65:4f:f8:1d:c1:ff:
05:2e:8d:78:be:57:f0:80:c7:7b:a7:85:43:bf:90:0c:b0:0c:
d1:64:35:de:81:2b:5e:f8:ae:53:86:99:c8:ef:41:12:66:09:
5d:f1:e4:66:13:a1:bb:d0:bb:ca:d4:f9:a9:62:68:80:96:5b:
60:97:4f:bd:da:bb:80:49:93:94:17:d9:cc:80:29:57:58:fd:
e7:26:9e:cd:fd:45:38:06:a5:b0:4d:22:05:c0:0f:f4:04:cf:
fe:52:73:55:64:64:45:e2:30:2c:76:8c:f9:6f:2f:c9:f3:32:
c6:00:75:51:7e:40:62:b1:2d:69:ed:af:4c:5f:5b:e3:4c:9c:
fb:cc:8b:81:cf:7f:8e:37:8c:25:e0:81:ca:1d:0c:ca:e8:bc:
c8:00:dc:67:b3:71:61:7b:73:78:36:38:98:17:cc:1e:c9:38:
12:96:29:a3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
NjIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDMjM1OTQ0NDU1QUQ4
NzNCMUI4QjM3MjQ3OEQ0QUNFMjcxOTI2RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYh77EyXj32YyH+gXwA8ZKv2gnVQgIDDkQ77cW04m8fT/dPuyO
wa4MK0BHxeLAm3Ne1jHM5dJ6z30Wk8euBiYvZna4ZXS4ssEy5xN1rfU2KWoK35vN
j63/rhvxyhVr+xbqjACtCG3nfO6+7xWj1SW8SFiPMCwXPROqtH4u+KmcuDzZ7ux3
H3/rLWJTR3AxcTBWvrYbwk0b/RFSiHwwNJApT9OdX4f3euHHF3cDR15i2ahzI+37
a3VX8zEDs8BqGMcjwX5/aOLHBe4Oc+2ntZDll9YyZhBSW7S3E+/RETIgXKVX8u3V
pSd7nfcN9cu1ilQkcct+G5xJ3UdTXhoMvQndAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbCNZREVa2HOxuLNyR41KzicZJv4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JDTlpSRVZhMkhPeHVM
TnlSNDFLemljWkp2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIIkHT/brpu7ggsATyVi5MuK/0OQ7TsCe
iG/xPE40Ajk6FnrgGXtXcVrJ+dX8wTfVpnqvE888rR39ZVXDI2V9lQQuYi3bpxh3
rt2qmZDYdYd9PR75ZU/4HcH/BS6NeL5X8IDHe6eFQ7+QDLAM0WQ13oErXviuU4aZ
yO9BEmYJXfHkZhOhu9C7ytT5qWJogJZbYJdPvdq7gEmTlBfZzIApV1j95yaezf1F
OAalsE0iBcAP9ATP/lJzVWRkReIwLHaM+W8vyfMyxgB1UX5AYrEtae2vTF9b40yc
+8yLgc9/jjeMJeCByh0Myui8yADcZ7NxYXtzeDY4mBfMHsk4EpYpow==
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:49:43 2025 by rpki-client