Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fiiI6CN0FN6k7KIkEECYUzSPRkI.roa
File: fiiI6CN0FN6k7KIkEECYUzSPRkI.roa (raw, json)
Hash identifier: VAdH+kutczS59cPXW6DxBkdAb25c+BLF1LsD49bABeQ=
Subject key identifier: 7E:28:88:E8:23:74:14:DE:A4:EC:A2:24:10:40:98:53:34:8F:46:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D46
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fiiI6CN0FN6k7KIkEECYUzSPRkI.roa
Signing time: Wed 01 May 2024 14:53:37 +0000
ROA not before: Wed 01 May 2024 14:53:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19782 (0x4d46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 14:53:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7E2888E8237414DEA4ECA22410409853348F4642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f9:19:8f:de:00:ae:62:6d:f0:9d:85:f2:56:
81:cb:8e:53:86:5f:12:7b:27:f4:b5:07:96:af:94:
d7:a8:f7:42:6a:db:0d:67:2a:17:30:b9:88:de:51:
7d:b4:45:7e:79:de:5e:4c:dc:21:74:ef:56:ea:b6:
96:63:74:dc:4a:6f:47:67:78:1b:b6:6c:0e:80:43:
7d:8d:b1:fa:ab:b9:0e:77:e6:7d:d7:28:9a:5d:6b:
1f:93:95:3b:ca:b2:57:96:d4:dd:e4:7c:95:01:81:
96:5f:8d:14:ce:49:be:24:b0:a5:d9:7a:19:58:28:
a1:3d:2b:5d:17:b3:8e:46:a4:3f:30:a1:0a:23:e2:
5b:98:b8:ad:19:6f:d3:f3:e8:01:29:f6:85:28:15:
9f:72:82:e9:f6:c0:7d:a1:10:4a:6f:9d:fd:b0:ab:
7d:e0:5f:17:1f:6c:b3:75:3a:9d:79:f6:36:c6:4a:
2e:cc:a4:b1:c3:37:de:46:3c:4a:5b:e0:d9:34:22:
84:a9:f4:c5:76:4b:89:1e:9f:a7:af:c0:fc:33:9e:
23:2b:aa:e8:39:18:80:65:fe:26:d0:00:1b:1f:f5:
41:9f:23:be:30:cc:71:8f:c0:8e:a0:11:28:7c:bf:
de:ab:4e:5c:d1:9d:37:5c:d8:f4:44:b3:ab:a8:9b:
ad:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:28:88:E8:23:74:14:DE:A4:EC:A2:24:10:40:98:53:34:8F:46:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fiiI6CN0FN6k7KIkEECYUzSPRkI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:d1:cf:53:e9:6a:e9:04:68:c5:9a:5b:2b:3d:4c:4e:82:52:
9e:2a:77:de:6a:06:6f:47:76:5e:3a:ff:0c:da:8e:5f:28:d4:
39:e6:51:3f:4d:f9:57:80:84:17:eb:19:6e:f1:cb:48:26:43:
37:a7:41:0c:0e:17:04:4f:fd:fb:6c:18:4b:80:31:58:24:11:
87:22:6f:2f:8a:b4:35:99:06:c2:20:24:89:47:91:fb:7d:3e:
fc:57:45:a4:94:eb:57:1f:22:97:b2:4e:4f:38:4e:92:11:1e:
02:30:bd:e6:cc:12:0d:f7:84:3e:ff:e4:b5:b5:d8:6c:21:14:
ec:98:51:3c:a8:b0:01:5a:b0:e5:fa:9a:67:b5:4b:25:84:10:
d9:b2:c0:61:a7:9b:fa:9a:8d:59:07:04:3b:a5:38:1f:cc:af:
38:70:78:a3:00:78:50:ac:1c:c3:a3:1b:15:17:83:7d:af:4b:
e3:03:43:db:7a:ad:59:fe:20:6e:06:40:90:30:17:a8:31:c7:
e7:42:56:34:aa:84:fb:6d:8e:bf:59:48:ef:f4:7a:ab:1b:25:
22:69:07:6b:b7:e2:74:c8:5f:2e:5a:2b:8e:66:83:9c:22:ae:
54:58:2e:50:5a:23:4a:88:6d:8f:94:5e:1a:86:9e:00:1d:d2:
99:80:ea:64
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
NDUzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFMjg4OEU4MjM3NDE0
REVBNEVDQTIyNDEwNDA5ODUzMzQ4RjQ2NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz+RmP3gCuYm3wnYXyVoHLjlOGXxJ7J/S1B5avlNeo90Jq2w1n
KhcwuYjeUX20RX553l5M3CF071bqtpZjdNxKb0dneBu2bA6AQ32NsfqruQ535n3X
KJpdax+TlTvKsleW1N3kfJUBgZZfjRTOSb4ksKXZehlYKKE9K10Xs45GpD8woQoj
4luYuK0Zb9Pz6AEp9oUoFZ9ygun2wH2hEEpvnf2wq33gXxcfbLN1Op159jbGSi7M
pLHDN95GPEpb4Nk0IoSp9MV2S4ken6evwPwzniMrqug5GIBl/ibQABsf9UGfI74w
zHGPwI6gESh8v96rTlzRnTdc2PREs6uom627AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfiiI6CN0FN6k7KIkEECYUzSPRkIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZpaUk2Q04wRk42azdL
SWtFRUNZVXpTUFJrSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAn9HPU+lq6QRoxZpbKz1MToJSnip33moG
b0d2Xjr/DNqOXyjUOeZRP035V4CEF+sZbvHLSCZDN6dBDA4XBE/9+2wYS4AxWCQR
hyJvL4q0NZkGwiAkiUeR+30+/FdFpJTrVx8il7JOTzhOkhEeAjC95swSDfeEPv/k
tbXYbCEU7JhRPKiwAVqw5fqaZ7VLJYQQ2bLAYaeb+pqNWQcEO6U4H8yvOHB4owB4
UKwcw6MbFReDfa9L4wND23qtWf4gbgZAkDAXqDHH50JWNKqE+22Ov1lI7/R6qxsl
ImkHa7fidMhfLlorjmaDnCKuVFguUFojSohtj5ReGoaeAB3SmYDqZA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:25 2025 by rpki-client