Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lsBi_TZE6fXZwIc1n0-REVEgdvg.roa
File: lsBi_TZE6fXZwIc1n0-REVEgdvg.roa (raw, json)
Hash identifier: uXnh3xR7wXhgj2XMXzO74k99stj3xNJ7DgAXTJo8ytg=
Subject key identifier: 96:C0:62:FD:36:44:E9:F5:D9:C0:87:35:9F:4F:91:11:51:20:76:F8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A7E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lsBi_TZE6fXZwIc1n0-REVEgdvg.roa
Signing time: Sat 27 Apr 2024 21:53:28 +0000
ROA not before: Sat 27 Apr 2024 21:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19070 (0x4a7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 21:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=96C062FD3644E9F5D9C087359F4F9111512076F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:48:86:4f:fb:e8:5e:c7:11:5a:94:ac:8d:b4:
50:02:6a:5a:f0:c3:0b:5b:fd:5c:24:af:b8:26:c8:
10:83:38:51:fe:7c:2d:77:b3:6a:d1:18:77:14:a5:
24:b3:18:63:cf:dd:16:9e:7c:96:ec:ae:10:5f:cd:
a5:48:46:51:f2:83:02:2f:e6:8b:73:cb:31:48:42:
96:63:b6:63:ea:1a:c1:28:3e:a0:d0:04:82:83:2f:
e8:f1:10:fd:2a:da:37:75:3f:fb:28:2a:24:59:3e:
ef:3e:05:d2:ce:66:29:18:0b:28:60:f5:6f:8d:72:
03:d7:bb:63:d5:8a:7e:89:81:ed:d8:a1:2a:d7:b5:
98:f2:d4:d8:c7:59:e9:7e:c5:fc:79:d9:13:6d:b1:
8b:b7:08:a1:74:c3:b0:9a:b0:e3:5a:9c:a5:90:35:
aa:d1:3d:f8:b8:fc:a2:cf:cf:a4:b4:a4:4e:a8:03:
c4:ab:72:d8:16:0a:47:15:7d:9e:17:ae:c3:0d:4f:
b1:6a:84:2d:bc:31:c2:93:d2:2b:9b:eb:22:f9:09:
22:5a:03:b6:97:8c:a3:0f:09:2a:59:01:de:83:0c:
f3:17:87:e9:9e:5c:14:6c:46:10:1e:c4:f2:0e:e8:
3d:9d:44:29:49:82:e4:d4:04:25:4b:9a:8d:15:61:
30:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C0:62:FD:36:44:E9:F5:D9:C0:87:35:9F:4F:91:11:51:20:76:F8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lsBi_TZE6fXZwIc1n0-REVEgdvg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:da:58:7d:cd:6c:9f:db:46:15:77:95:1f:6c:9d:04:ac:d3:
c2:fe:7e:1d:c7:ec:b3:54:4f:0a:3e:3d:e7:ba:c4:af:89:fd:
00:bc:55:5d:f0:bf:ae:f6:7e:32:83:db:d9:5d:52:a8:06:08:
b1:43:2b:41:97:b7:45:cd:26:c9:a6:1d:dd:49:0b:d4:ad:e9:
33:72:c8:e5:9b:f5:78:a2:ce:13:ff:62:a4:c9:35:c3:99:94:
f9:d0:f1:35:35:a9:c8:57:fa:04:ef:c4:e8:4a:fd:c2:3f:cc:
83:66:93:02:5e:fc:52:af:69:f4:e7:de:87:14:ee:e4:ff:ff:
1b:bc:2c:f8:6f:45:da:87:d3:08:41:8e:1a:1d:29:ba:61:ef:
e2:e5:11:47:68:10:8d:7b:4e:52:02:43:4f:41:d6:38:41:d8:
8b:b8:73:b7:6c:9c:6b:af:ba:4d:0d:23:a4:d4:17:a6:a1:20:
e2:c9:8f:b9:9c:a0:6d:65:92:f4:2f:bc:f1:2f:92:0b:85:93:
44:8c:23:57:79:fc:a3:2b:7f:29:87:5d:08:be:bd:0c:24:14:
b4:1f:d8:09:3a:40:c6:dc:3a:69:8f:77:80:c6:dd:6d:be:e6:
77:3a:46:e7:6f:e2:70:08:b1:1a:66:e7:76:de:fa:e8:60:6f:
3c:38:b1:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcy
MTUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2QzA2MkZEMzY0NEU5
RjVEOUMwODczNTlGNEY5MTExNTEyMDc2RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvSIZP++hexxFalKyNtFACalrwwwtb/Vwkr7gmyBCDOFH+fC13
s2rRGHcUpSSzGGPP3RaefJbsrhBfzaVIRlHygwIv5otzyzFIQpZjtmPqGsEoPqDQ
BIKDL+jxEP0q2jd1P/soKiRZPu8+BdLOZikYCyhg9W+NcgPXu2PVin6Jge3YoSrX
tZjy1NjHWel+xfx52RNtsYu3CKF0w7CasONanKWQNarRPfi4/KLPz6S0pE6oA8Sr
ctgWCkcVfZ4XrsMNT7FqhC28McKT0iub6yL5CSJaA7aXjKMPCSpZAd6DDPMXh+me
XBRsRhAexPIO6D2dRClJguTUBCVLmo0VYTAJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlsBi/TZE6fXZwIc1n0+REVEgdvgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xzQmlfVFpFNmZYWndJ
YzFuMC1SRVZFZ2R2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPdpYfc1sn9tGFXeVH2ydBKzTwv5+Hcfs
s1RPCj4957rEr4n9ALxVXfC/rvZ+MoPb2V1SqAYIsUMrQZe3Rc0myaYd3UkL1K3p
M3LI5Zv1eKLOE/9ipMk1w5mU+dDxNTWpyFf6BO/E6Er9wj/Mg2aTAl78Uq9p9Ofe
hxTu5P//G7ws+G9F2ofTCEGOGh0pumHv4uURR2gQjXtOUgJDT0HWOEHYi7hzt2yc
a6+6TQ0jpNQXpqEg4smPuZygbWWS9C+88S+SC4WTRIwjV3n8oyt/KYddCL69DCQU
tB/YCTpAxtw6aY93gMbdbb7mdzpG52/icAixGmbndt766GBvPDixCA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:29 2025 by rpki-client