Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jydrSHNyqdbvRbKVZff-5peJIbA.roa
File: jydrSHNyqdbvRbKVZff-5peJIbA.roa (raw, json)
Hash identifier: /J0v+Y4kt64e3rS5z2KD/4Ll0j9tw/dVp9kFM7ELmEg=
Subject key identifier: 8F:27:6B:48:73:72:A9:D6:EF:45:B2:95:65:F7:FE:E6:97:89:21:B0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4062
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jydrSHNyqdbvRbKVZff-5peJIbA.roa
Signing time: Sun 14 Apr 2024 10:22:57 +0000
ROA not before: Sun 14 Apr 2024 10:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16482 (0x4062)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 10:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8F276B487372A9D6EF45B29565F7FEE6978921B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e6:e7:d2:d1:23:a0:f3:0a:72:3c:f6:78:1d:
7a:10:ab:a6:82:29:44:0a:c7:52:ef:a2:67:57:43:
2a:61:ae:3b:7d:91:7a:08:f9:2e:08:9a:3d:3d:6e:
47:80:ad:46:f5:cf:0a:3c:e7:e1:b5:96:ba:a6:eb:
5a:70:02:de:f5:25:df:de:40:6b:b5:9c:e9:30:87:
d9:f2:8f:56:21:f7:9f:30:a3:a4:66:3d:2d:ea:dd:
f9:9d:2b:f8:cc:5f:37:5e:9c:71:9b:a0:0b:6f:6a:
14:16:36:67:c1:8e:2a:2c:55:3d:92:06:9c:8e:6d:
4f:6c:30:f3:de:e4:5b:10:bd:78:de:53:ff:50:63:
0a:41:18:58:25:4d:21:8f:3f:31:76:f3:da:61:92:
b2:5c:2f:fd:d6:65:67:77:1c:b5:22:c2:ae:af:d5:
36:76:e2:7e:f3:3d:c8:c5:2e:9f:8b:d6:ed:3e:7a:
88:78:9d:7b:0a:fb:a9:39:c1:de:e6:10:78:64:60:
e1:47:70:6e:1e:7e:91:8e:b3:43:bd:c8:88:7d:e7:
8c:b2:57:af:9d:52:70:33:d2:4c:74:f4:87:80:d1:
55:86:24:7c:08:c2:dd:bd:88:75:73:99:3d:18:52:
ea:ce:f8:fe:6f:b9:79:67:70:e3:d5:ae:d0:cf:0f:
8a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:27:6B:48:73:72:A9:D6:EF:45:B2:95:65:F7:FE:E6:97:89:21:B0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jydrSHNyqdbvRbKVZff-5peJIbA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:40:36:e1:9c:85:5e:8c:27:db:42:db:8b:6e:e5:29:53:a4:
3a:ac:e4:cc:e2:27:27:1a:0c:94:a8:d3:22:b7:2a:69:13:fe:
25:73:f9:d5:af:2b:83:8a:29:0a:84:0a:69:2c:87:c6:72:9d:
d6:29:e2:82:40:88:49:ee:6a:2f:a6:d4:a4:96:59:e7:e4:da:
c9:78:19:da:f2:38:8e:3c:bc:b7:6c:ea:5f:16:40:9c:30:ac:
1a:45:84:4d:03:c6:09:72:0a:37:f2:68:79:d7:bf:34:03:8b:
c5:88:b9:95:2f:ce:d6:8d:07:b0:60:03:48:f8:db:3a:51:db:
8e:5b:b7:7e:92:56:64:06:3d:10:5b:c4:ed:cb:36:74:6e:a7:
92:43:79:1f:a4:64:fe:9e:fc:6a:87:c8:c5:c3:de:60:a6:78:
19:24:26:80:15:d9:e4:58:46:b6:e9:d2:41:50:7d:20:3d:2c:
20:b7:ea:89:c5:25:fb:6c:a8:06:6e:1f:98:19:7b:3f:80:e8:
c3:f0:69:03:a6:b4:e2:ac:a2:bd:b7:12:68:19:de:77:a6:50:
66:03:e9:af:07:74:a2:5b:f2:1c:f7:3f:2b:20:f7:59:30:e4:
a7:9a:25:9e:79:46:0d:f1:d6:77:ba:4a:98:3c:c9:d8:ef:59:
1c:8c:68:12
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
MDIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGMjc2QjQ4NzM3MkE5
RDZFRjQ1QjI5NTY1RjdGRUU2OTc4OTIxQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC15ufS0SOg8wpyPPZ4HXoQq6aCKUQKx1LvomdXQyphrjt9kXoI
+S4Imj09bkeArUb1zwo85+G1lrqm61pwAt71Jd/eQGu1nOkwh9nyj1Yh958wo6Rm
PS3q3fmdK/jMXzdenHGboAtvahQWNmfBjiosVT2SBpyObU9sMPPe5FsQvXjeU/9Q
YwpBGFglTSGPPzF289phkrJcL/3WZWd3HLUiwq6v1TZ24n7zPcjFLp+L1u0+eoh4
nXsK+6k5wd7mEHhkYOFHcG4efpGOs0O9yIh954yyV6+dUnAz0kx09IeA0VWGJHwI
wt29iHVzmT0YUurO+P5vuXlncOPVrtDPD4r1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUjydrSHNyqdbvRbKVZff+5peJIbAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2p5ZHJTSE55cWRidlJi
S1ZaZmYtNXBlSkliQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAEEA24ZyFXown20Lbi27lKVOkOqzkzOIn
JxoMlKjTIrcqaRP+JXP51a8rg4opCoQKaSyHxnKd1inigkCISe5qL6bUpJZZ5+Ta
yXgZ2vI4jjy8t2zqXxZAnDCsGkWETQPGCXIKN/Joede/NAOLxYi5lS/O1o0HsGAD
SPjbOlHbjlu3fpJWZAY9EFvE7cs2dG6nkkN5H6Rk/p78aofIxcPeYKZ4GSQmgBXZ
5FhGtunSQVB9ID0sILfqicUl+2yoBm4fmBl7P4Dow/BpA6a04qyivbcSaBned6ZQ
ZgPprwd0olvyHPc/KyD3WTDkp5olnnlGDfHWd7pKmDzJ2O9ZHIxoEg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:35 2025 by rpki-client