Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iJGPIVzRZOnsf_iy8rjH9-ezhus.roa
File: iJGPIVzRZOnsf_iy8rjH9-ezhus.roa (raw, json)
Hash identifier: oFXwXJmd0cMTRD8rGo3C4B6zwTn2hBzKsmGE8GB9TXo=
Subject key identifier: 88:91:8F:21:5C:D1:64:E9:EC:7F:F8:B2:F2:B8:C7:F7:E7:B3:86:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F46
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iJGPIVzRZOnsf_iy8rjH9-ezhus.roa
Signing time: Fri 12 Apr 2024 22:52:52 +0000
ROA not before: Fri 12 Apr 2024 22:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16198 (0x3f46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 22:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=88918F215CD164E9EC7FF8B2F2B8C7F7E7B386EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cd:3b:b9:36:5a:a4:a0:5a:a2:20:96:d6:12:
27:7e:ad:fb:0f:58:43:8c:8d:83:b6:28:aa:47:c4:
85:0e:8e:3e:68:4e:df:16:5c:1c:e6:f1:12:d7:9c:
30:59:4c:ec:c4:9b:77:a4:24:00:66:88:e8:09:f3:
43:e9:5e:44:2d:f8:fb:cd:f2:2b:72:66:f2:f0:08:
48:f2:e3:b3:22:00:72:93:a4:08:4f:26:08:15:90:
ce:40:e9:92:8e:5d:53:67:00:85:ca:99:a4:78:0b:
06:51:20:4b:ad:6f:29:87:9d:3f:4d:e4:c0:84:a8:
cd:65:eb:b9:6b:e1:ec:0b:56:12:7a:b2:ac:a9:d9:
67:8b:80:4d:8d:ab:81:ae:f6:a4:90:c1:c9:7f:29:
f3:45:f5:ed:a6:85:c0:13:f7:c5:5a:20:a5:f3:38:
ad:f6:74:f7:83:1d:63:81:c7:23:10:c1:05:65:d0:
cc:75:7c:8e:3b:5d:fa:f7:c1:a7:6c:40:64:02:49:
6e:a2:98:f4:21:07:6a:7d:57:c2:b9:9b:2a:3a:34:
2d:21:80:d5:c6:a2:31:b9:e7:46:e7:f5:87:9e:fc:
2c:2e:ee:3a:32:03:fc:65:8a:18:eb:6a:e4:3f:bf:
b9:39:df:9f:20:fd:15:07:28:e9:7d:62:10:ba:74:
6b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:91:8F:21:5C:D1:64:E9:EC:7F:F8:B2:F2:B8:C7:F7:E7:B3:86:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iJGPIVzRZOnsf_iy8rjH9-ezhus.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:e5:47:e6:4d:db:a6:42:fd:3e:b7:6b:75:4e:59:ff:a3:61:
67:d8:53:ba:0b:9e:c2:26:c9:1e:54:cc:c4:d3:ed:71:b0:98:
87:14:d8:b8:60:6a:7d:f6:40:97:c5:bc:58:51:da:d6:fa:90:
41:53:fc:2e:fb:91:2b:66:02:40:88:57:c0:c5:85:8d:0b:62:
7b:f6:c3:58:85:ec:ee:41:12:e9:09:b5:fd:0b:ae:33:78:97:
dd:0e:3e:69:0b:10:2f:57:22:e1:56:38:74:1d:12:85:90:ce:
a9:67:0e:bb:8f:af:fa:8d:13:3d:92:d0:bc:92:c3:1d:89:0d:
5b:0a:5e:c9:14:3e:08:47:b8:a4:db:d4:69:81:84:e5:8f:ad:
1a:00:8c:a4:1e:4b:cb:92:2b:6f:e9:a2:28:74:64:57:ba:28:
4e:c8:77:8c:ac:89:64:de:fd:44:51:f5:f2:07:ac:a5:ea:c6:
b3:c1:f8:f1:77:4e:95:56:36:98:a1:ca:28:e1:01:35:10:be:
80:a9:cc:00:04:7d:0a:fe:02:00:2d:f9:dc:b7:47:f0:8e:db:
3f:55:39:13:00:9d:b3:7f:50:36:9d:e4:75:48:a7:9c:b8:fc:
21:07:60:fd:5d:85:92:89:41:53:08:ef:ab:02:bd:0b:0f:3e:
b8:7f:f9:17
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MjUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4OTE4RjIxNUNEMTY0
RTlFQzdGRjhCMkYyQjhDN0Y3RTdCMzg2RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEzTu5NlqkoFqiIJbWEid+rfsPWEOMjYO2KKpHxIUOjj5oTt8W
XBzm8RLXnDBZTOzEm3ekJABmiOgJ80PpXkQt+PvN8ityZvLwCEjy47MiAHKTpAhP
JggVkM5A6ZKOXVNnAIXKmaR4CwZRIEutbymHnT9N5MCEqM1l67lr4ewLVhJ6sqyp
2WeLgE2Nq4Gu9qSQwcl/KfNF9e2mhcAT98VaIKXzOK32dPeDHWOBxyMQwQVl0Mx1
fI47Xfr3wadsQGQCSW6imPQhB2p9V8K5myo6NC0hgNXGojG550bn9Yee/Cwu7joy
A/xlihjrauQ/v7k5358g/RUHKOl9YhC6dGuvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUiJGPIVzRZOnsf/iy8rjH9+ezhuswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lKR1BJVnpSWk9uc2Zf
aXk4cmpIOS1lemh1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOuVH5k3bpkL9PrdrdU5Z/6NhZ9hTugue
wibJHlTMxNPtcbCYhxTYuGBqffZAl8W8WFHa1vqQQVP8LvuRK2YCQIhXwMWFjQti
e/bDWIXs7kES6Qm1/QuuM3iX3Q4+aQsQL1ci4VY4dB0ShZDOqWcOu4+v+o0TPZLQ
vJLDHYkNWwpeyRQ+CEe4pNvUaYGE5Y+tGgCMpB5Ly5Irb+miKHRkV7ooTsh3jKyJ
ZN79RFH18gesperGs8H48XdOlVY2mKHKKOEBNRC+gKnMAAR9Cv4CAC353LdH8I7b
P1U5EwCds39QNp3kdUinnLj8IQdg/V2FkolBUwjvqwK9Cw8+uH/5Fw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:24 2025 by rpki-client