Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eNzoAC0ZlFCTE4rKxeh9meiw9LU.roa
File: eNzoAC0ZlFCTE4rKxeh9meiw9LU.roa (raw, json)
Hash identifier: 7fCmN83xg8i1GdcOB4eaDdeTVeOQAQrytbtOLgzimGE=
Subject key identifier: 78:DC:E8:00:2D:19:94:50:93:13:8A:CA:C5:E8:7D:99:E8:B0:F4:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A6A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eNzoAC0ZlFCTE4rKxeh9meiw9LU.roa
Signing time: Sat 06 Apr 2024 11:22:26 +0000
ROA not before: Sat 06 Apr 2024 11:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14954 (0x3a6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 11:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=78DCE8002D19945093138ACAC5E87D99E8B0F4B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:db:67:e9:8d:c7:2a:cf:31:5a:dd:63:2b:c3:
01:f6:1a:b6:ea:1e:26:54:fe:33:61:fa:1b:09:a0:
4d:0d:cf:c6:42:d3:d8:3e:cf:86:15:fe:54:20:a5:
3a:22:23:5a:56:c7:50:40:71:2b:43:a0:46:62:d8:
ca:4b:ae:cc:10:0b:7c:6b:d3:4e:89:3c:d4:00:cc:
74:45:6b:83:a1:ed:02:8a:3d:5c:2b:4c:c0:f8:52:
78:86:a5:6e:de:3f:ed:a8:2c:e1:73:51:3d:ac:61:
4b:21:71:f7:19:20:44:b4:d4:24:4a:e2:aa:df:8b:
2b:4f:b8:67:24:6d:0b:3e:63:35:d1:80:d6:de:dc:
b3:28:18:ea:0e:1b:2d:86:8f:9d:c8:42:4f:78:d9:
0b:8d:bc:5a:7a:75:1e:14:b5:b1:c8:ab:11:29:dc:
27:db:c1:35:cd:7a:b4:c7:12:c6:fb:87:47:67:12:
b3:41:d7:75:63:41:10:23:b7:d5:02:02:3e:87:03:
89:c6:bb:b7:4f:b7:03:9b:b1:81:48:bb:78:26:07:
ee:5a:4c:b6:43:3b:30:e4:60:6f:6f:fb:3b:be:b6:
76:75:4c:32:a4:58:94:71:5c:b1:cb:93:b1:7a:b4:
60:b9:4a:b3:1f:ba:ed:ab:84:06:a8:d8:a0:49:21:
b7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DC:E8:00:2D:19:94:50:93:13:8A:CA:C5:E8:7D:99:E8:B0:F4:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eNzoAC0ZlFCTE4rKxeh9meiw9LU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:dd:2b:e2:f2:cb:8a:9d:6b:63:f4:81:b6:a6:14:f2:3e:a4:
57:a9:6f:b1:a8:1a:78:7b:d4:31:9e:69:33:b0:76:25:14:83:
22:ec:bc:14:b8:8b:cf:b6:d3:7e:2e:e8:e6:03:da:55:a8:7a:
31:be:5d:66:4b:4b:ff:e7:f5:02:a4:1f:d7:4f:cf:49:19:84:
ac:2c:a2:59:5d:fc:36:57:c9:d6:49:0a:79:e9:8f:12:28:46:
3a:e8:19:77:f6:5e:a7:e8:98:fa:65:90:d5:be:f4:e6:96:a0:
db:d3:a3:3a:35:63:82:f4:68:9b:5b:d7:ff:03:36:e1:91:76:
28:2e:03:54:5a:f8:4d:95:4c:a6:d1:0d:be:df:49:70:28:36:
79:31:85:cb:a1:fa:d5:87:69:3d:e7:19:99:05:37:a5:6f:f8:
e4:34:fe:da:43:c5:14:de:22:f4:2f:92:af:c6:4d:c8:54:0b:
53:6f:e9:a1:79:5e:be:f1:47:8d:fe:c9:34:7f:66:e1:66:0f:
08:f2:e2:16:76:0c:5a:1d:e8:5f:5f:f8:58:1b:49:75:5f:f4:
16:8c:b9:f8:44:5d:8e:36:a8:ed:c2:a6:68:4b:a0:d6:86:93:
1b:a5:ee:27:5e:9a:77:7b:c0:fb:01:c3:6b:77:73:2e:5c:a5:
4e:80:47:40
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
MTIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4RENFODAwMkQxOTk0
NTA5MzEzOEFDQUM1RTg3RDk5RThCMEY0QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc22fpjccqzzFa3WMrwwH2GrbqHiZU/jNh+hsJoE0Nz8ZC09g+
z4YV/lQgpToiI1pWx1BAcStDoEZi2MpLrswQC3xr006JPNQAzHRFa4Oh7QKKPVwr
TMD4UniGpW7eP+2oLOFzUT2sYUshcfcZIES01CRK4qrfiytPuGckbQs+YzXRgNbe
3LMoGOoOGy2Gj53IQk942QuNvFp6dR4UtbHIqxEp3CfbwTXNerTHEsb7h0dnErNB
13VjQRAjt9UCAj6HA4nGu7dPtwObsYFIu3gmB+5aTLZDOzDkYG9v+zu+tnZ1TDKk
WJRxXLHLk7F6tGC5SrMfuu2rhAao2KBJIbc7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeNzoAC0ZlFCTE4rKxeh9meiw9LUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VOem9BQzBabEZDVEU0
ckt4ZWg5bWVpdzlMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAsN0r4vLLip1rY/SBtqYU8j6kV6lvsaga
eHvUMZ5pM7B2JRSDIuy8FLiLz7bTfi7o5gPaVah6Mb5dZktL/+f1AqQf10/PSRmE
rCyiWV38NlfJ1kkKeemPEihGOugZd/Zep+iY+mWQ1b705pag29OjOjVjgvRom1vX
/wM24ZF2KC4DVFr4TZVMptENvt9JcCg2eTGFy6H61YdpPecZmQU3pW/45DT+2kPF
FN4i9C+Sr8ZNyFQLU2/poXlevvFHjf7JNH9m4WYPCPLiFnYMWh3oX1/4WBtJdV/0
Foy5+ERdjjao7cKmaEug1oaTG6XuJ16ad3vA+wHDa3dzLlylToBHQA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:14 2025 by rpki-client