Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/m5em7JxkwbOvT4xxs3xyv5RVg4k.roa
File: m5em7JxkwbOvT4xxs3xyv5RVg4k.roa (raw, json)
Hash identifier: nsWVQtQCXhSOdniI9CagJ5GGyNVW/yO+sjkFdNbWJ00=
Subject key identifier: 9B:97:A6:EC:9C:64:C1:B3:AF:4F:8C:71:B3:7C:72:BF:94:55:83:89
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DF2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/m5em7JxkwbOvT4xxs3xyv5RVg4k.roa
Signing time: Thu 11 Apr 2024 04:22:46 +0000
ROA not before: Thu 11 Apr 2024 04:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15858 (0x3df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 04:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9B97A6EC9C64C1B3AF4F8C71B37C72BF94558389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a3:d4:e0:fb:a6:d8:10:44:dd:06:f4:4c:58:
7a:d7:e4:f1:2b:19:a4:7e:8c:3c:dd:e7:4d:d0:d3:
8a:60:f8:6b:6c:2a:5e:a4:30:04:7b:d7:1d:5c:94:
6d:4e:6c:b9:d7:e4:a1:c3:67:7a:e6:2e:f7:06:c9:
67:79:c2:93:2e:07:7d:1e:12:f5:17:e2:e2:bc:a2:
46:14:dc:8e:48:1b:66:5a:6f:9f:10:da:d9:82:48:
e8:d5:cb:4c:61:e1:96:a6:a2:04:96:13:27:e9:ce:
ef:8d:0d:b5:4c:9c:f3:4e:93:63:e5:8f:21:8c:d6:
92:17:78:96:e0:8c:29:37:e6:75:11:b9:89:de:65:
7a:9c:38:ef:ca:80:9b:71:ff:06:9f:9d:4b:cd:d7:
9c:85:7b:62:25:85:a6:62:c6:c4:8c:51:3d:7a:93:
80:be:f3:0a:fd:5d:b8:24:53:67:ac:35:63:3a:f9:
08:00:aa:0d:dd:a1:b0:ed:63:ce:19:24:f6:a3:c7:
62:a5:0e:69:6c:69:92:e6:14:b4:cd:2d:57:58:79:
d3:36:e8:10:7c:18:32:e0:80:8a:58:b3:b7:5b:a1:
de:db:14:d1:45:2c:0f:c9:d9:b1:d0:6d:92:24:07:
03:2f:14:31:09:9b:7e:c6:12:7f:d7:db:83:08:61:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:97:A6:EC:9C:64:C1:B3:AF:4F:8C:71:B3:7C:72:BF:94:55:83:89
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/m5em7JxkwbOvT4xxs3xyv5RVg4k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:aa:ff:8e:60:75:a7:4c:11:27:df:f4:28:fe:e5:0f:75:38:
18:9b:5e:90:f8:45:03:d9:20:58:49:6d:ba:3d:59:bf:18:30:
0c:d2:88:78:16:9d:49:7a:60:b0:d2:c9:d2:b6:22:0d:f0:dc:
0d:57:e6:59:84:35:a3:6f:c2:2e:64:09:e9:77:e1:aa:b9:24:
53:e2:a8:3f:61:dd:e7:1a:e7:71:e4:81:9e:19:80:24:74:23:
15:f2:8a:0d:00:05:46:e8:10:a9:dd:3c:12:00:c8:3f:e9:ee:
34:04:e6:cc:94:9f:09:69:68:f2:dd:73:d0:2c:60:02:30:5b:
ae:7b:45:19:b8:26:65:b7:80:5b:3f:86:cd:bb:d2:30:56:ec:
f9:7f:00:a5:c9:87:ad:3d:e5:eb:45:6d:1d:90:81:f5:31:e0:
93:18:4a:63:f5:1c:1c:ba:21:33:52:4c:1b:db:3c:19:c6:a1:
82:02:21:35:89:d4:76:d6:45:e1:54:44:71:00:00:5f:23:b0:
85:fe:af:34:9a:e2:92:5b:b5:ac:26:5a:0b:1b:ef:1f:f3:10:
9f:6d:40:15:48:03:80:aa:57:2a:d3:2b:7f:1b:a4:ed:00:72:
24:0f:14:24:04:41:34:b0:67:ba:87:8e:6b:87:3f:01:cd:0b:
1e:93:8b:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NDIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlCOTdBNkVDOUM2NEMx
QjNBRjRGOEM3MUIzN0M3MkJGOTQ1NTgzODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFo9Tg+6bYEETdBvRMWHrX5PErGaR+jDzd503Q04pg+GtsKl6k
MAR71x1clG1ObLnX5KHDZ3rmLvcGyWd5wpMuB30eEvUX4uK8okYU3I5IG2Zab58Q
2tmCSOjVy0xh4ZamogSWEyfpzu+NDbVMnPNOk2PljyGM1pIXeJbgjCk35nURuYne
ZXqcOO/KgJtx/wafnUvN15yFe2IlhaZixsSMUT16k4C+8wr9XbgkU2esNWM6+QgA
qg3dobDtY84ZJPajx2KlDmlsaZLmFLTNLVdYedM26BB8GDLggIpYs7dbod7bFNFF
LA/J2bHQbZIkBwMvFDEJm37GEn/X24MIYcOZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUm5em7JxkwbOvT4xxs3xyv5RVg4kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L201ZW03Snhrd2JPdlQ0
eHhzM3h5djVSVmc0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEABar/jmB1p0wRJ9/0KP7lD3U4GJtekPhF
A9kgWEltuj1ZvxgwDNKIeBadSXpgsNLJ0rYiDfDcDVfmWYQ1o2/CLmQJ6Xfhqrkk
U+KoP2Hd5xrnceSBnhmAJHQjFfKKDQAFRugQqd08EgDIP+nuNATmzJSfCWlo8t1z
0CxgAjBbrntFGbgmZbeAWz+GzbvSMFbs+X8ApcmHrT3l60VtHZCB9THgkxhKY/Uc
HLohM1JMG9s8GcahggIhNYnUdtZF4VREcQAAXyOwhf6vNJriklu1rCZaCxvvH/MQ
n21AFUgDgKpXKtMrfxuk7QByJA8UJARBNLBnuoeOa4c/Ac0LHpOL9A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:14 2025 by rpki-client