Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ertRx6F3muNsbsVIbYbdPfYtbno.roa
File: ertRx6F3muNsbsVIbYbdPfYtbno.roa (raw, json)
Hash identifier: 5fyJ57gLW64HuHiDV0K2lQPCnB2wSDp7IqZsOAQfw5o=
Subject key identifier: 7A:BB:51:C7:A1:77:9A:E3:6C:6E:C5:48:6D:86:DD:3D:F6:2D:6E:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DFE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ertRx6F3muNsbsVIbYbdPfYtbno.roa
Signing time: Thu 11 Apr 2024 05:52:47 +0000
ROA not before: Thu 11 Apr 2024 05:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15870 (0x3dfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 05:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7ABB51C7A1779AE36C6EC5486D86DD3DF62D6E7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:89:1f:d2:f5:cf:10:1c:dc:01:37:fa:4b:50:
fe:e3:f4:eb:86:7f:3a:fd:47:6a:7e:c2:e2:e8:0e:
51:c9:da:bb:ac:f2:69:5a:f6:b8:bc:4c:a1:14:52:
e4:97:63:04:86:49:d1:5f:9a:f5:12:26:68:9a:7e:
5b:49:69:0f:f6:0b:68:6a:c4:45:55:c4:d0:b0:61:
d5:a6:4a:1e:39:33:5c:90:c7:87:af:21:7b:35:9f:
6a:ba:c8:ce:ed:57:2b:cd:d8:02:9c:38:bb:fa:c1:
d4:0f:1c:d0:f7:0f:3b:60:4d:68:b6:ce:50:90:6d:
de:41:64:dd:8a:c3:06:62:3d:08:a7:23:87:eb:36:
07:f8:3b:a0:e7:0a:29:03:a0:47:c6:71:3b:4e:34:
40:30:3c:f3:ed:88:e9:99:5d:e3:b0:df:6a:c2:ee:
11:b7:f8:d5:4b:a3:3e:70:00:7a:5e:b8:ff:1e:fa:
77:c6:d2:8d:25:aa:e2:65:34:74:0d:27:d0:6a:25:
fb:57:7b:d0:51:9a:2d:e5:91:a7:6c:6c:ce:10:0a:
53:b2:e2:7a:23:1a:d1:10:c5:9c:11:58:cf:31:f6:
d6:80:43:6f:3e:9c:66:23:e6:ea:2f:11:20:2f:fe:
45:0b:a2:82:dc:62:21:66:4c:73:0c:85:d1:26:54:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BB:51:C7:A1:77:9A:E3:6C:6E:C5:48:6D:86:DD:3D:F6:2D:6E:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ertRx6F3muNsbsVIbYbdPfYtbno.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:f3:a0:7d:39:b3:b8:4a:0e:09:78:52:31:a7:15:52:b5:f2:
f5:62:d3:9a:6f:c4:e6:65:d7:ab:cc:dc:44:1c:3f:3b:22:dc:
e7:5e:09:39:45:b8:28:0c:aa:b0:c5:3d:d3:45:11:12:43:02:
62:56:cf:e8:70:f1:b4:ea:3e:3c:9d:a7:ca:ae:58:79:5e:bb:
0e:9a:6b:3c:5a:99:be:6e:16:20:00:e9:d7:cb:2e:be:aa:a3:
99:63:e0:f8:d9:5a:e4:18:ae:e2:72:2b:88:1f:ea:d8:1a:e3:
20:2c:ee:3a:ae:57:be:b0:f9:a1:b2:5a:5e:e5:e8:e1:22:0e:
df:87:f3:70:2b:ab:63:20:bd:c7:f6:28:cd:5e:62:95:3a:4a:
19:42:6e:cb:04:ea:09:ea:0a:11:80:58:5d:43:6c:c3:87:e3:
a8:e5:21:2f:c7:55:46:4e:fd:b3:7e:44:cd:7a:3a:f5:fe:db:
6b:b4:ac:3c:62:08:ec:c5:87:59:ff:72:47:73:c6:c6:df:88:
fc:1a:36:f0:58:36:1a:83:0c:99:63:4e:51:69:ff:d0:09:b8:
72:9a:d6:b5:49:7e:e2:2f:41:25:81:be:6c:4d:46:9e:99:96:
20:ff:79:24:ca:03:e6:8c:40:a9:d5:a4:67:30:5d:e9:58:9e:
14:2e:3a:b5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NTUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBQkI1MUM3QTE3NzlB
RTM2QzZFQzU0ODZEODZERDNERjYyRDZFN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOiR/S9c8QHNwBN/pLUP7j9OuGfzr9R2p+wuLoDlHJ2rus8mla
9ri8TKEUUuSXYwSGSdFfmvUSJmiafltJaQ/2C2hqxEVVxNCwYdWmSh45M1yQx4ev
IXs1n2q6yM7tVyvN2AKcOLv6wdQPHND3DztgTWi2zlCQbd5BZN2KwwZiPQinI4fr
Ngf4O6DnCikDoEfGcTtONEAwPPPtiOmZXeOw32rC7hG3+NVLoz5wAHpeuP8e+nfG
0o0lquJlNHQNJ9BqJftXe9BRmi3lkadsbM4QClOy4nojGtEQxZwRWM8x9taAQ28+
nGYj5uovESAv/kULooLcYiFmTHMMhdEmVH1JAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUertRx6F3muNsbsVIbYbdPfYtbnowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VydFJ4NkYzbXVOc2Jz
VkliWWJkUGZZdGJuby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALvOgfTmzuEoOCXhSMacVUrXy9WLTmm/E
5mXXq8zcRBw/OyLc514JOUW4KAyqsMU900UREkMCYlbP6HDxtOo+PJ2nyq5YeV67
DpprPFqZvm4WIADp18suvqqjmWPg+Nla5Biu4nIriB/q2BrjICzuOq5XvrD5obJa
XuXo4SIO34fzcCurYyC9x/YozV5ilTpKGUJuywTqCeoKEYBYXUNsw4fjqOUhL8dV
Rk79s35EzXo69f7ba7SsPGII7MWHWf9yR3PGxt+I/Bo28Fg2GoMMmWNOUWn/0Am4
cprWtUl+4i9BJYG+bE1GnpmWIP95JMoD5oxAqdWkZzBd6VieFC46tQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:58 2025 by rpki-client