Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dL1BtL7Lz4lKpAsxSpBe1A5pR7E.roa
File: dL1BtL7Lz4lKpAsxSpBe1A5pR7E.roa (raw, json)
Hash identifier: XoUB3rTlxAt/1xDsUCk4eGQYSmKv5j10nsuXQdUrRoE=
Subject key identifier: 74:BD:41:B4:BE:CB:CF:89:4A:A4:0B:31:4A:90:5E:D4:0E:69:47:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4026
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dL1BtL7Lz4lKpAsxSpBe1A5pR7E.roa
Signing time: Sun 14 Apr 2024 02:52:53 +0000
ROA not before: Sun 14 Apr 2024 02:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16422 (0x4026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 02:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74BD41B4BECBCF894AA40B314A905ED40E6947B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:b8:34:70:1c:33:1d:28:68:f7:cf:7f:fc:
b0:24:ce:cd:da:55:ce:ca:48:2f:07:5b:3a:2a:89:
c2:c2:7b:e4:d6:82:76:d1:70:2a:fa:ef:d1:96:54:
23:18:64:e4:ad:23:0b:fe:f5:61:01:d4:5f:ac:0c:
00:5e:31:51:fc:b1:1e:38:bd:4f:45:56:e2:ab:3f:
f4:da:93:98:6c:fb:ed:1f:e2:c3:fb:33:1f:9a:6b:
4e:e6:b5:43:26:cf:89:5f:e8:37:c0:c9:47:78:fb:
91:d0:cb:bd:26:72:48:39:4a:f9:f3:d1:3e:82:76:
60:a1:a2:d9:e5:53:24:8b:67:e3:25:24:43:4c:66:
4f:ae:d3:45:98:29:49:ba:83:ec:3f:76:37:7c:c2:
c7:6d:be:53:07:7b:be:1a:66:52:b1:0d:f7:5e:6f:
19:f1:c1:8c:56:fc:2b:fe:8b:ec:30:dc:2e:6e:8d:
6a:5f:32:e5:1d:bc:c6:bc:3b:77:ef:05:cd:64:a1:
a3:be:9a:af:84:b6:57:e7:23:cd:93:44:cc:2e:4a:
ac:c8:e6:6d:ba:1b:91:f3:48:8c:4b:f9:33:79:0c:
b0:a7:d7:2b:97:79:d1:7d:ea:7a:c7:06:64:2c:37:
70:b3:e9:ac:95:46:b0:53:58:73:fe:50:7d:42:57:
d1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BD:41:B4:BE:CB:CF:89:4A:A4:0B:31:4A:90:5E:D4:0E:69:47:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dL1BtL7Lz4lKpAsxSpBe1A5pR7E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:dc:38:3a:d2:34:82:ea:64:79:04:90:6e:e7:25:cd:2e:ff:
8c:47:7e:27:5a:ce:59:02:9c:22:7f:50:8b:71:f7:ea:51:ce:
b4:49:9b:c1:00:06:46:4c:5a:09:12:1d:f9:54:42:24:7c:f8:
ab:19:c5:03:4f:a7:ba:86:a5:fd:95:75:4a:70:3a:e2:78:98:
af:a4:88:91:1c:15:f1:51:9d:5f:1b:3a:ee:c9:da:7d:ae:e6:
19:62:9e:40:d5:2b:50:ff:88:14:10:eb:b2:d4:a7:7c:00:bc:
06:05:a9:9d:4f:aa:2e:f6:5b:0a:50:ea:0c:b1:b5:0f:25:7e:
04:4e:2b:e2:b9:49:dd:5a:4b:12:62:eb:57:4b:a2:95:30:6f:
88:73:7a:77:50:15:bf:86:07:a1:75:61:ed:b2:0d:67:a2:80:
71:0e:1e:e9:2f:e1:fd:b5:68:04:60:6e:39:20:41:57:29:35:
fa:c6:8a:66:b3:87:7f:9c:8d:94:ee:93:36:d1:db:e2:d9:2c:
aa:14:c7:46:fe:c6:ad:bc:49:3f:a4:57:3a:a6:b4:66:2b:67:
21:95:aa:b7:aa:29:f8:ed:f5:96:5f:84:30:8b:42:63:c1:a0:
1b:2d:68:fe:84:3d:b3:06:03:6a:60:c1:68:19:30:18:81:0d:
eb:52:8d:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
MjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0QkQ0MUI0QkVDQkNG
ODk0QUE0MEIzMTRBOTA1RUQ0MEU2OTQ3QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Nrg0cBwzHSho989//LAkzs3aVc7KSC8HWzoqicLCe+TWgnbR
cCr679GWVCMYZOStIwv+9WEB1F+sDABeMVH8sR44vU9FVuKrP/Tak5hs++0f4sP7
Mx+aa07mtUMmz4lf6DfAyUd4+5HQy70mckg5Svnz0T6CdmChotnlUySLZ+MlJENM
Zk+u00WYKUm6g+w/djd8wsdtvlMHe74aZlKxDfdebxnxwYxW/Cv+i+ww3C5ujWpf
MuUdvMa8O3fvBc1koaO+mq+EtlfnI82TRMwuSqzI5m26G5HzSIxL+TN5DLCn1yuX
edF96nrHBmQsN3Cz6ayVRrBTWHP+UH1CV9HhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdL1BtL7Lz4lKpAsxSpBe1A5pR7EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RMMUJ0TDdMejRsS3BB
c3hTcEJlMUE1cFI3RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAI9w4OtI0gupkeQSQbuclzS7/jEd+J1rO
WQKcIn9Qi3H36lHOtEmbwQAGRkxaCRId+VRCJHz4qxnFA0+nuoal/ZV1SnA64niY
r6SIkRwV8VGdXxs67snafa7mGWKeQNUrUP+IFBDrstSnfAC8BgWpnU+qLvZbClDq
DLG1DyV+BE4r4rlJ3VpLEmLrV0uilTBviHN6d1AVv4YHoXVh7bINZ6KAcQ4e6S/h
/bVoBGBuOSBBVyk1+saKZrOHf5yNlO6TNtHb4tksqhTHRv7GrbxJP6RXOqa0Zitn
IZWqt6op+O31ll+EMItCY8GgGy1o/oQ9swYDamDBaBkwGIEN61KNyQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:01 2025 by rpki-client