Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/i7UFhinE4F9LuYaNlKkmiTL2FrY.roa
File: i7UFhinE4F9LuYaNlKkmiTL2FrY.roa (raw, json)
Hash identifier: mTJNsKFAK1YFNkAPDhXEo89PAccmpcwImenbF4o35b4=
Subject key identifier: 8B:B5:05:86:29:C4:E0:5F:4B:B9:86:8D:94:A9:26:89:32:F6:16:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 537A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i7UFhinE4F9LuYaNlKkmiTL2FrY.roa
Signing time: Thu 09 May 2024 21:23:59 +0000
ROA not before: Thu 09 May 2024 21:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21370 (0x537a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 21:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8BB5058629C4E05F4BB9868D94A9268932F616B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5d:43:97:86:45:c0:81:7c:fa:91:ba:f8:b9:
c3:83:2f:58:43:ae:6f:dc:42:e6:c2:ca:7e:e0:e5:
da:cf:0d:d2:ce:2e:84:e0:ea:4c:34:01:58:20:2c:
0e:ce:5f:e2:3c:34:74:00:ad:59:dc:cc:2b:99:52:
e8:b1:0f:5a:24:07:04:29:ed:cb:5d:54:85:db:1b:
23:2d:60:96:d8:16:7e:2e:2a:bf:6b:94:2e:44:64:
d6:f3:8c:18:10:8a:fa:df:5e:7c:71:ad:bb:55:65:
7a:4c:c3:59:2f:e8:7a:cf:29:fc:f6:91:f5:ef:07:
1d:d4:dd:2a:56:c9:6a:77:d9:48:e2:8c:18:0e:d2:
68:03:36:a9:8c:d9:b3:39:ae:a4:2c:b2:63:3d:09:
f9:26:b2:96:7d:59:42:1b:4e:83:9d:ca:59:61:b5:
ff:33:ee:e1:06:cf:c6:9f:52:23:0a:dc:1b:dc:3d:
58:54:c8:21:be:9b:f8:9c:be:c0:10:a4:7a:03:f9:
c3:d4:cb:6c:64:2f:73:fc:6d:7d:d2:95:63:ab:d6:
b6:ec:99:3e:37:e8:fd:b6:25:12:3c:ac:00:01:17:
0d:20:a7:70:ee:f8:12:c6:d5:35:78:ed:58:47:14:
06:6b:12:17:2d:51:ef:b8:44:bd:20:47:e5:a6:37:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B5:05:86:29:C4:E0:5F:4B:B9:86:8D:94:A9:26:89:32:F6:16:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i7UFhinE4F9LuYaNlKkmiTL2FrY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:b1:a2:7f:70:81:e1:2c:dc:39:b7:f7:a3:b5:48:fb:5d:ce:
49:cc:c6:6c:bd:c5:c1:b5:ad:c6:eb:ab:6c:c7:e6:4b:2d:5e:
cb:65:04:2f:2c:2d:ff:7d:ee:35:3f:d3:b9:ed:b1:9e:4a:b0:
5a:ba:aa:48:01:f9:3b:e0:b0:d3:39:cb:57:7a:df:b9:f6:1e:
22:6e:e3:93:48:ac:9d:65:19:6a:2f:37:22:ed:13:72:42:83:
48:c6:60:54:98:be:4f:56:98:09:1a:7f:ff:23:7e:b0:a6:cc:
73:13:a6:5a:cc:b1:f1:56:48:03:39:7d:31:88:ab:f2:6e:38:
bc:40:34:13:21:ba:06:8e:f5:68:00:a3:29:91:d5:b9:43:d7:
97:09:d5:6f:76:82:16:e5:67:71:a3:08:5f:79:aa:c1:ba:10:
a7:e5:73:c0:c4:b2:42:41:22:20:ab:4d:3e:43:71:ff:fc:6f:
4f:37:78:e0:3e:d0:05:c2:a4:d7:dd:84:6d:ec:9e:c0:08:01:
37:21:23:4f:fb:57:63:5d:2a:62:b7:85:0b:f1:61:d2:57:4c:
76:2f:d4:2c:d6:34:9a:17:0a:7d:ca:a0:1a:e0:32:56:b2:81:
af:11:1e:13:82:3e:eb:0f:63:53:e6:14:9a:20:c5:52:18:4c:
62:f5:ca:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MTIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCQjUwNTg2MjlDNEUw
NUY0QkI5ODY4RDk0QTkyNjg5MzJGNjE2QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgXUOXhkXAgXz6kbr4ucODL1hDrm/cQubCyn7g5drPDdLOLoTg
6kw0AVggLA7OX+I8NHQArVnczCuZUuixD1okBwQp7ctdVIXbGyMtYJbYFn4uKr9r
lC5EZNbzjBgQivrfXnxxrbtVZXpMw1kv6HrPKfz2kfXvBx3U3SpWyWp32UjijBgO
0mgDNqmM2bM5rqQssmM9CfkmspZ9WUIbToOdyllhtf8z7uEGz8afUiMK3BvcPVhU
yCG+m/icvsAQpHoD+cPUy2xkL3P8bX3SlWOr1rbsmT436P22JRI8rAABFw0gp3Du
+BLG1TV47VhHFAZrEhctUe+4RL0gR+WmN40FAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi7UFhinE4F9LuYaNlKkmiTL2FrYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2k3VUZoaW5FNEY5THVZ
YU5sS2ttaVRMMkZyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZrGif3CB4SzcObf3o7VI+13OSczGbL3F
wbWtxuurbMfmSy1ey2UELywt/33uNT/Tue2xnkqwWrqqSAH5O+Cw0znLV3rfufYe
Im7jk0isnWUZai83Iu0TckKDSMZgVJi+T1aYCRp//yN+sKbMcxOmWsyx8VZIAzl9
MYir8m44vEA0EyG6Bo71aACjKZHVuUPXlwnVb3aCFuVncaMIX3mqwboQp+VzwMSy
QkEiIKtNPkNx//xvTzd44D7QBcKk192EbeyewAgBNyEjT/tXY10qYreFC/Fh0ldM
di/ULNY0mhcKfcqgGuAyVrKBrxEeE4I+6w9jU+YUmiDFUhhMYvXKFg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:16 2025 by rpki-client