Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/is7mvtSKQge3W8Z8Kk0EweM6Mr0.roa
File: is7mvtSKQge3W8Z8Kk0EweM6Mr0.roa (raw, json)
Hash identifier: 7c+bkaOf7faN+BakOD6tzhE030uay+Z+4Cid9x3CAw8=
Subject key identifier: 8A:CE:E6:BE:D4:8A:42:07:B7:5B:C6:7C:2A:4D:04:C1:E3:3A:32:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BC2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/is7mvtSKQge3W8Z8Kk0EweM6Mr0.roa
Signing time: Mon 08 Apr 2024 06:22:37 +0000
ROA not before: Mon 08 Apr 2024 06:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15298 (0x3bc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 06:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8ACEE6BED48A4207B75BC67C2A4D04C1E33A32BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:80:7d:fc:2d:da:de:e4:27:9d:dc:b8:c1:
ca:d0:66:21:89:03:bb:99:ed:b2:2c:cd:4d:38:8a:
9e:a7:34:9f:04:2a:50:b9:9a:d5:a4:09:d6:21:1d:
93:91:6d:a3:76:1a:c9:b0:21:9b:17:3e:28:09:c1:
5e:62:bf:19:39:d9:08:c5:f9:e4:03:5e:ad:93:8e:
9e:a3:0a:66:e8:53:72:23:9e:dc:a5:33:83:8e:ba:
57:5f:31:19:80:76:70:12:9c:a5:ec:74:38:bd:9d:
b4:db:65:28:8a:d0:32:82:80:15:ab:06:99:8d:45:
4c:09:28:3f:07:c1:fd:5e:bd:ca:89:f0:ed:cb:0b:
08:ca:3b:55:1c:4b:dc:11:da:bd:95:b5:e2:7f:10:
8c:9b:60:72:5d:08:b3:21:30:6e:98:91:23:ad:f1:
fd:8c:11:4d:cf:d0:93:b8:b5:74:f3:7a:98:76:cb:
69:8d:34:b7:9c:ec:dc:08:21:3d:da:39:ad:94:eb:
d6:58:04:60:59:3a:5d:46:50:1a:ff:f4:fb:cc:03:
3b:88:8d:52:48:1c:8d:06:5b:9b:82:a6:25:3c:7a:
ec:38:73:66:9e:08:1d:38:b1:94:08:ab:34:0f:d3:
fc:ef:e1:98:77:11:04:28:23:c9:a8:22:23:fe:30:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CE:E6:BE:D4:8A:42:07:B7:5B:C6:7C:2A:4D:04:C1:E3:3A:32:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/is7mvtSKQge3W8Z8Kk0EweM6Mr0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:59:37:db:97:79:af:8e:83:f6:23:f0:bf:61:d1:95:5d:49:
6c:bd:6c:6d:fc:45:08:bb:e4:4b:20:5e:9e:ae:ba:c6:ea:7a:
b2:7e:57:f2:30:b0:8b:a8:42:9b:a4:f0:bc:9f:7a:d5:c8:67:
2a:4f:78:3e:d5:d3:0f:db:5f:82:bc:9b:b3:4d:b0:80:79:67:
55:f7:58:e5:59:52:6f:44:d4:e9:78:ba:24:90:11:58:a8:bf:
da:15:d7:68:5a:c1:bf:a6:61:4a:c8:d8:9b:38:89:54:e9:1e:
c7:7f:db:b3:64:3b:41:a0:1b:e0:e4:4e:7f:da:7b:b3:6c:19:
d9:ad:18:d7:3d:6c:97:ea:f2:5a:b5:07:a8:80:87:f6:d8:44:
cf:c8:48:4d:fe:7e:11:99:4b:fe:07:e8:0b:7d:00:4c:ae:0c:
84:2c:2c:27:a3:7d:73:1d:ef:d3:4e:dd:d0:ac:b1:eb:01:c9:
07:35:0a:cd:9c:6a:e5:20:82:51:ae:74:b7:50:82:61:d3:44:
4e:a5:18:f7:24:af:a2:09:f9:a7:d9:5b:66:f7:5d:73:2d:2e:
c6:89:fa:0d:64:0f:d8:8d:0c:c6:f9:57:e4:d6:d7:b5:6f:9c:
57:0f:49:39:34:10:ce:c9:53:fe:ad:19:c2:74:2d:89:a7:6d:
c0:60:5a:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
NjIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBQ0VFNkJFRDQ4QTQy
MDdCNzVCQzY3QzJBNEQwNEMxRTMzQTMyQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyp4B9/C3a3uQnndy4wcrQZiGJA7uZ7bIszU04ip6nNJ8EKlC5
mtWkCdYhHZORbaN2GsmwIZsXPigJwV5ivxk52QjF+eQDXq2Tjp6jCmboU3Ijntyl
M4OOuldfMRmAdnASnKXsdDi9nbTbZSiK0DKCgBWrBpmNRUwJKD8Hwf1evcqJ8O3L
CwjKO1UcS9wR2r2VteJ/EIybYHJdCLMhMG6YkSOt8f2MEU3P0JO4tXTzeph2y2mN
NLec7NwIIT3aOa2U69ZYBGBZOl1GUBr/9PvMAzuIjVJIHI0GW5uCpiU8euw4c2ae
CB04sZQIqzQP0/zv4Zh3EQQoI8moIiP+MBPDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUis7mvtSKQge3W8Z8Kk0EweM6Mr0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lzN212dFNLUWdlM1c4
WjhLazBFd2VNNk1yMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAY1k325d5r46D9iPwv2HRlV1JbL1sbfxF
CLvkSyBenq66xup6sn5X8jCwi6hCm6TwvJ961chnKk94PtXTD9tfgrybs02wgHln
VfdY5VlSb0TU6Xi6JJARWKi/2hXXaFrBv6ZhSsjYmziJVOkex3/bs2Q7QaAb4ORO
f9p7s2wZ2a0Y1z1sl+ryWrUHqICH9thEz8hITf5+EZlL/gfoC30ATK4MhCwsJ6N9
cx3v007d0Kyx6wHJBzUKzZxq5SCCUa50t1CCYdNETqUY9ySvogn5p9lbZvddcy0u
xon6DWQP2I0MxvlX5NbXtW+cVw9JOTQQzslT/q0ZwnQtiadtwGBaog==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:14 2025 by rpki-client