Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ddP-sr5IrWN7L-6MDK1y-eL4qPQ.roa
File: ddP-sr5IrWN7L-6MDK1y-eL4qPQ.roa (raw, json)
Hash identifier: GGD2cCkrzipdcvZpzlaLlCAMw8lY8o8Qb96PsZtU5iI=
Subject key identifier: 75:D3:FE:B2:BE:48:AD:63:7B:2F:EE:8C:0C:AD:72:F9:E2:F8:A8:F4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ddP-sr5IrWN7L-6MDK1y-eL4qPQ.roa
Signing time: Sat 30 Mar 2024 00:22:08 +0000
ROA not before: Sat 30 Mar 2024 00:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13522 (0x34d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 00:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=75D3FEB2BE48AD637B2FEE8C0CAD72F9E2F8A8F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:96:ec:45:c8:e2:3d:8e:4f:51:15:80:78:96:
78:5d:da:a4:f7:4b:33:17:61:c8:f7:f5:18:a5:2d:
18:8c:12:ac:2a:43:03:30:ca:65:ff:38:b3:8f:61:
c0:58:ee:0f:d0:ad:01:16:49:e9:77:f1:9b:58:e6:
40:67:1c:c7:b6:76:02:49:26:6d:28:d4:4d:bb:69:
09:0d:36:12:49:30:1f:fa:e5:2a:1c:cc:8f:ef:11:
1d:56:95:03:04:c2:79:7c:27:fa:f6:ec:10:e7:e9:
39:69:01:89:52:8b:79:16:81:38:aa:23:18:c9:07:
e0:a4:83:4d:c3:c8:61:8c:49:cf:c9:e1:85:d3:95:
5f:02:e0:22:7d:5a:34:50:ab:b6:a2:6d:99:12:ea:
21:30:b4:db:7b:40:65:84:d2:52:be:f7:6d:95:da:
69:6c:61:b6:7d:08:36:cd:10:90:d0:7e:08:4a:fc:
39:0b:ac:90:57:0e:e8:e2:de:73:57:ef:9b:92:5c:
13:b5:6f:00:f4:08:4b:e4:b5:ae:91:e5:58:1a:5e:
3e:3f:eb:61:19:b7:83:82:69:09:52:0d:89:b0:82:
d0:87:6a:ef:06:7f:28:fa:2c:0f:07:92:db:fb:23:
d8:d5:4c:5b:97:18:fe:8e:7d:92:aa:7c:13:23:c0:
00:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D3:FE:B2:BE:48:AD:63:7B:2F:EE:8C:0C:AD:72:F9:E2:F8:A8:F4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ddP-sr5IrWN7L-6MDK1y-eL4qPQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:17:47:af:91:d8:db:43:72:60:c6:23:23:95:24:a8:d2:8a:
53:76:dc:77:f5:de:e3:a6:65:e2:db:5c:9b:da:7c:d3:d7:17:
60:14:e0:cf:fe:91:20:eb:02:79:60:14:68:24:04:a8:75:28:
01:62:00:44:98:16:ef:eb:7f:88:f9:4b:f9:c3:a9:d6:d2:5d:
cd:8e:ea:09:e5:89:91:88:38:13:a0:2f:b1:2b:88:d9:90:f1:
78:fa:2a:aa:4e:76:33:c4:25:d1:df:94:38:93:c7:68:33:90:
7e:66:3d:d7:64:f3:b9:2c:6f:14:6d:ca:65:88:db:2b:42:55:
1e:e2:28:f6:a3:7f:85:75:08:b2:99:a7:74:6d:62:78:53:de:
8d:b6:68:b5:2e:d1:f8:67:23:23:16:71:38:56:41:a0:1d:97:
8a:2b:2a:e7:16:5b:51:9c:7d:d3:04:0a:09:39:1a:9c:17:fc:
d0:76:af:ab:87:c7:8c:1b:a0:3e:ff:22:b9:e3:a6:8d:6c:1f:
02:5f:2f:66:af:80:5b:62:37:1a:70:0a:a6:12:f0:5e:34:95:
5b:aa:11:44:6a:40:79:95:c5:12:82:36:67:4a:da:5a:fc:09:
4b:04:ae:43:12:ef:4d:4e:cf:2e:db:eb:6a:30:02:c6:de:25:
8e:39:d6:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MDIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1RDNGRUIyQkU0OEFE
NjM3QjJGRUU4QzBDQUQ3MkY5RTJGOEE4RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWluxFyOI9jk9RFYB4lnhd2qT3SzMXYcj39RilLRiMEqwqQwMw
ymX/OLOPYcBY7g/QrQEWSel38ZtY5kBnHMe2dgJJJm0o1E27aQkNNhJJMB/65Soc
zI/vER1WlQMEwnl8J/r27BDn6TlpAYlSi3kWgTiqIxjJB+Ckg03DyGGMSc/J4YXT
lV8C4CJ9WjRQq7aibZkS6iEwtNt7QGWE0lK+922V2mlsYbZ9CDbNEJDQfghK/DkL
rJBXDuji3nNX75uSXBO1bwD0CEvkta6R5VgaXj4/62EZt4OCaQlSDYmwgtCHau8G
fyj6LA8Hktv7I9jVTFuXGP6OfZKqfBMjwADvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUddP+sr5IrWN7L+6MDK1y+eL4qPQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RkUC1zcjVJcldON0wt
Nk1ESzF5LWVMNHFQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGxdHr5HY20NyYMYjI5UkqNKKU3bcd/Xe
46Zl4ttcm9p809cXYBTgz/6RIOsCeWAUaCQEqHUoAWIARJgW7+t/iPlL+cOp1tJd
zY7qCeWJkYg4E6AvsSuI2ZDxePoqqk52M8Ql0d+UOJPHaDOQfmY912TzuSxvFG3K
ZYjbK0JVHuIo9qN/hXUIspmndG1ieFPejbZotS7R+GcjIxZxOFZBoB2Xiisq5xZb
UZx90wQKCTkanBf80Havq4fHjBugPv8iueOmjWwfAl8vZq+AW2I3GnAKphLwXjSV
W6oRRGpAeZXFEoI2Z0raWvwJSwSuQxLvTU7PLtvrajACxt4ljjnWjg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:01 2025 by rpki-client