Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/imnt-k4xnUUW7MNdDwnx4n8MJgQ.roa
File: imnt-k4xnUUW7MNdDwnx4n8MJgQ.roa (raw, json)
Hash identifier: ilR2WYE/Kgfl5f+UCNPlS2vLm3BRhGMsIhxBItAOgjo=
Subject key identifier: 8A:69:ED:FA:4E:31:9D:45:16:EC:C3:5D:0F:09:F1:E2:7F:0C:26:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4806
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/imnt-k4xnUUW7MNdDwnx4n8MJgQ.roa
Signing time: Wed 24 Apr 2024 14:53:17 +0000
ROA not before: Wed 24 Apr 2024 14:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18438 (0x4806)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 14:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A69EDFA4E319D4516ECC35D0F09F1E27F0C2604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:aa:d3:f4:88:e8:69:c5:85:9e:66:41:a8:
48:84:7e:42:51:87:23:fd:60:17:7b:09:1c:1d:36:
15:2d:f3:fe:8a:9c:46:98:5d:32:ab:e2:93:6b:a9:
61:72:75:97:a9:bf:3f:c4:7e:f8:0c:c7:90:56:33:
2f:10:43:71:89:fc:13:0a:40:29:eb:0a:78:48:02:
73:a1:60:a8:d9:45:6d:20:a6:8f:c4:ff:75:24:55:
f0:04:a2:71:4c:66:4b:16:97:02:d3:ad:6d:24:64:
12:f4:eb:bb:5d:52:11:e6:3f:f7:35:f8:c9:6a:79:
6d:17:ea:f2:aa:d7:d8:a5:bf:62:7e:76:01:3f:8e:
ca:c3:c3:7f:2e:5d:c4:6c:0f:4d:b2:36:66:9d:d7:
0f:87:b4:31:03:21:d6:98:9f:7e:76:36:9c:9f:aa:
b0:15:d8:a5:69:eb:1f:57:50:20:0a:60:81:8f:89:
27:68:b6:6f:14:d5:c7:10:9b:fb:64:c4:88:69:9a:
53:59:bc:2b:36:64:cd:41:08:32:aa:85:fc:9c:f9:
0e:0b:28:a9:4b:2f:c5:81:bb:5c:5a:10:74:93:be:
b5:9a:ff:e3:80:34:8a:a6:1c:57:a2:93:17:ea:3f:
19:fb:8c:d4:8e:6d:a5:3b:5b:b6:2b:6d:13:eb:fa:
ff:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:69:ED:FA:4E:31:9D:45:16:EC:C3:5D:0F:09:F1:E2:7F:0C:26:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/imnt-k4xnUUW7MNdDwnx4n8MJgQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:4b:92:d8:51:54:2d:6a:10:c4:0a:cb:4c:d1:48:99:32:d4:
35:ca:66:fc:36:cc:8f:e3:6e:96:92:d0:60:d2:d5:3b:14:96:
4b:43:04:c0:e2:01:1b:43:cd:28:aa:85:e6:c9:7a:07:ce:e0:
5c:da:46:c6:72:59:0c:54:71:a0:f3:99:78:f1:29:79:cc:dc:
8f:e5:1d:ff:62:db:cf:61:07:d1:59:b7:22:1f:af:c7:ff:c9:
c3:2f:0b:47:36:2a:f0:47:8b:ed:d7:0b:93:fd:00:79:aa:8c:
65:94:33:21:1e:15:98:7b:60:2a:a2:00:08:e0:70:3e:6a:73:
4b:c5:a7:f8:66:d5:5c:2f:18:3a:27:28:10:15:19:d9:ec:4b:
e5:e3:e3:37:d8:5e:5e:fa:83:c2:84:88:21:a4:2f:cd:9b:9d:
09:97:8a:4b:ce:13:3c:c5:17:20:fb:6c:fd:47:c9:b2:e9:0c:
2e:d0:bf:0a:3d:e0:5a:88:e4:25:72:97:aa:4b:a0:ef:3e:bb:
45:d8:4f:3b:3f:01:0f:bf:ed:91:08:62:00:e9:14:6d:ed:8e:
b5:f7:91:c1:94:ca:fa:33:24:81:e3:2c:59:d0:87:52:3f:34:
09:bd:51:b5:d7:3d:d4:01:41:cc:c3:f5:d3:b6:32:21:f6:ee:
9a:1f:ec:98
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
NDUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBNjlFREZBNEUzMTlE
NDUxNkVDQzM1RDBGMDlGMUUyN0YwQzI2MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjdarT9IjoacWFnmZBqEiEfkJRhyP9YBd7CRwdNhUt8/6KnEaY
XTKr4pNrqWFydZepvz/EfvgMx5BWMy8QQ3GJ/BMKQCnrCnhIAnOhYKjZRW0gpo/E
/3UkVfAEonFMZksWlwLTrW0kZBL067tdUhHmP/c1+MlqeW0X6vKq19ilv2J+dgE/
jsrDw38uXcRsD02yNmad1w+HtDEDIdaYn352NpyfqrAV2KVp6x9XUCAKYIGPiSdo
tm8U1ccQm/tkxIhpmlNZvCs2ZM1BCDKqhfyc+Q4LKKlLL8WBu1xaEHSTvrWa/+OA
NIqmHFeikxfqPxn7jNSObaU7W7YrbRPr+v8HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUimnt+k4xnUUW7MNdDwnx4n8MJgQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ltbnQtazR4blVVVzdN
TmREd254NG44TUpnUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAaEuS2FFULWoQxArLTNFImTLUNcpm/DbM
j+NulpLQYNLVOxSWS0MEwOIBG0PNKKqF5sl6B87gXNpGxnJZDFRxoPOZePEpeczc
j+Ud/2Lbz2EH0Vm3Ih+vx//Jwy8LRzYq8EeL7dcLk/0AeaqMZZQzIR4VmHtgKqIA
COBwPmpzS8Wn+GbVXC8YOicoEBUZ2exL5ePjN9heXvqDwoSIIaQvzZudCZeKS84T
PMUXIPts/UfJsukMLtC/Cj3gWojkJXKXqkug7z67RdhPOz8BD7/tkQhiAOkUbe2O
tfeRwZTK+jMkgeMsWdCHUj80Cb1Rtdc91AFBzMP107YyIfbumh/smA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:48 2025 by rpki-client