Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hQnl9lV0XOQAch-vLj3qVhH8QLc.roa
File: hQnl9lV0XOQAch-vLj3qVhH8QLc.roa (raw, json)
Hash identifier: cwn5MqZiznylQR/kyMxFsojj1M5OZCfD7YjCeAEgPhk=
Subject key identifier: 85:09:E5:F6:55:74:5C:E4:00:72:1F:AF:2E:3D:EA:56:11:FC:40:B7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D1E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQnl9lV0XOQAch-vLj3qVhH8QLc.roa
Signing time: Wed 10 Apr 2024 01:52:40 +0000
ROA not before: Wed 10 Apr 2024 01:52:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15646 (0x3d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 01:52:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8509E5F655745CE400721FAF2E3DEA5611FC40B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:f4:ad:33:3a:6e:38:5d:42:63:45:08:75:
cb:c7:a2:38:e9:05:cb:99:4a:8a:c9:93:35:90:99:
fd:21:0c:16:20:62:82:91:4b:ee:3a:9a:a7:b6:39:
86:62:0b:dd:a9:ab:9f:e5:a7:4a:78:34:f2:c3:4b:
5e:5f:12:bc:37:1a:81:6f:df:b8:a2:f3:12:13:30:
21:49:c4:74:62:ed:69:23:9f:6b:6c:d8:56:7c:1d:
95:f8:67:61:d1:6a:20:30:a0:c0:d4:2c:63:b2:af:
7c:4b:14:d9:ab:ac:41:af:e7:ea:35:13:d6:cf:d1:
6a:57:3a:09:95:22:71:92:60:fc:ea:ec:39:62:44:
c3:9a:70:5c:a2:22:56:00:0a:76:10:74:b6:e1:35:
05:65:a5:cb:9a:44:90:9d:66:d9:30:01:df:c6:97:
21:b5:14:39:ec:12:15:35:fb:65:d1:62:6f:71:04:
a3:68:39:ba:7c:51:d3:d6:b5:62:aa:26:bb:d8:e4:
0b:2c:b1:13:f2:75:ee:2c:68:7a:70:3b:5c:f0:84:
59:77:fd:cb:eb:a7:b9:cb:e1:ee:21:1a:5e:2b:1a:
7d:d7:6c:16:32:95:a2:e4:b4:37:23:2b:eb:c1:eb:
5a:69:c8:84:2c:c2:65:a5:e1:8d:07:b6:1e:0a:76:
be:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:09:E5:F6:55:74:5C:E4:00:72:1F:AF:2E:3D:EA:56:11:FC:40:B7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQnl9lV0XOQAch-vLj3qVhH8QLc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:8e:2c:5c:df:40:8a:01:7c:20:e3:00:2d:e9:a3:a1:d2:d3:
03:f6:5e:3a:e8:a8:a4:52:1f:61:69:a0:cf:89:d6:10:7a:00:
d4:a0:81:6c:a2:75:19:85:73:88:46:cb:15:8d:a2:0e:b3:04:
cb:7a:8c:d7:9b:d3:38:a8:ad:0b:06:01:1e:bb:2d:f2:b5:ec:
f3:1d:1a:f2:2f:4c:c8:1f:94:96:44:e6:9c:a3:56:d3:a6:62:
bb:15:08:21:01:49:6f:70:eb:6a:c2:29:70:e3:20:da:e9:2f:
ec:aa:aa:89:5e:78:bb:2a:b6:df:54:15:b3:cc:61:c5:49:16:
4a:36:2c:df:ce:c4:3a:a9:2a:4e:d9:0c:89:84:18:62:0e:9e:
f3:f8:a0:48:1b:07:15:2a:d8:0e:96:4a:b6:df:f2:44:25:dd:
8e:c0:1d:bd:d0:73:dc:45:4c:6b:7d:92:85:9e:82:8c:c3:76:
a9:6b:1e:c3:22:00:d2:73:33:06:7a:1b:aa:77:a7:12:18:75:
5d:2e:52:42:0f:9e:86:33:ed:d9:83:ff:22:31:18:18:05:dc:
d9:7d:d1:c9:3f:6b:db:9a:7b:3d:61:62:11:49:68:3a:e1:82:
ac:1d:17:b8:8a:df:49:00:3c:90:a7:a7:d4:dc:e3:17:3e:5c:
90:bc:5e:17
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MTUyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1MDlFNUY2NTU3NDVD
RTQwMDcyMUZBRjJFM0RFQTU2MTFGQzQwQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCldfStMzpuOF1CY0UIdcvHojjpBcuZSorJkzWQmf0hDBYgYoKR
S+46mqe2OYZiC92pq5/lp0p4NPLDS15fErw3GoFv37ii8xITMCFJxHRi7Wkjn2ts
2FZ8HZX4Z2HRaiAwoMDULGOyr3xLFNmrrEGv5+o1E9bP0WpXOgmVInGSYPzq7Dli
RMOacFyiIlYACnYQdLbhNQVlpcuaRJCdZtkwAd/GlyG1FDnsEhU1+2XRYm9xBKNo
Obp8UdPWtWKqJrvY5AsssRPyde4saHpwO1zwhFl3/cvrp7nL4e4hGl4rGn3XbBYy
laLktDcjK+vB61ppyIQswmWl4Y0Hth4Kdr7zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhQnl9lV0XOQAch+vLj3qVhH8QLcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hRbmw5bFYwWE9RQWNo
LXZMajNxVmhIOFFMYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAE44sXN9AigF8IOMALemjodLTA/ZeOuio
pFIfYWmgz4nWEHoA1KCBbKJ1GYVziEbLFY2iDrMEy3qM15vTOKitCwYBHrst8rXs
8x0a8i9MyB+UlkTmnKNW06ZiuxUIIQFJb3DrasIpcOMg2ukv7KqqiV54uyq231QV
s8xhxUkWSjYs387EOqkqTtkMiYQYYg6e8/igSBsHFSrYDpZKtt/yRCXdjsAdvdBz
3EVMa32ShZ6CjMN2qWsewyIA0nMzBnobqnenEhh1XS5SQg+ehjPt2YP/IjEYGAXc
2X3RyT9r25p7PWFiEUloOuGCrB0XuIrfSQA8kKen1NzjFz5ckLxeFw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:19 2025 by rpki-client