Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pGIYHX9CijjhDpv4FpfdqQzqoGQ.roa
File: pGIYHX9CijjhDpv4FpfdqQzqoGQ.roa (raw, json)
Hash identifier: xN5GMu4CSmPIvYhPpSOWlhJdJ1umJbitK/hSH3C0B9s=
Subject key identifier: A4:62:18:1D:7F:42:8A:38:E1:0E:9B:F8:16:97:DD:A9:0C:EA:A0:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33B6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pGIYHX9CijjhDpv4FpfdqQzqoGQ.roa
Signing time: Thu 28 Mar 2024 12:52:04 +0000
ROA not before: Thu 28 Mar 2024 12:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13238 (0x33b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 12:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A462181D7F428A38E10E9BF81697DDA90CEAA064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:3d:3b:a2:d2:44:62:4c:7e:4d:ad:3e:5a:
aa:d3:d3:f2:89:0c:da:d6:db:05:10:12:0d:84:8e:
98:71:4b:d6:10:5c:ce:e4:80:ea:fb:19:e6:57:6b:
69:ad:9f:aa:fc:1a:9a:be:de:bf:cb:27:37:25:28:
d5:58:a1:66:e5:8d:00:2f:8a:48:6a:7d:15:06:6a:
9d:dd:70:23:8a:72:b7:c5:ee:a6:0c:61:d7:fd:00:
92:1c:85:a3:55:ef:43:67:1a:4e:5f:78:a2:00:c3:
a7:71:d4:eb:70:ff:78:93:0c:f6:12:95:06:f7:42:
a6:b9:1a:92:7a:8e:d5:38:00:e2:c0:08:22:b9:3d:
30:b5:95:9e:f7:88:88:2a:6b:4b:71:8f:98:91:b8:
36:cd:7f:36:69:4c:5c:c8:1c:63:3e:1e:bc:af:34:
05:2c:9f:bc:52:7a:54:79:21:79:1e:ee:b8:57:0d:
49:ff:bc:16:73:56:46:63:98:0d:d5:76:97:c1:45:
63:66:25:31:8b:1b:ea:a6:77:57:02:fc:f0:b9:a0:
22:7f:ae:61:ed:d3:9d:fd:9b:c1:03:66:af:4b:f0:
02:84:48:1d:ba:56:40:1a:c5:38:a0:77:5b:76:b5:
bb:09:71:5f:21:86:1c:eb:da:25:fe:f5:54:db:28:
cc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:62:18:1D:7F:42:8A:38:E1:0E:9B:F8:16:97:DD:A9:0C:EA:A0:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pGIYHX9CijjhDpv4FpfdqQzqoGQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:41:b6:34:2d:35:1f:6f:ba:7b:32:ad:a6:8c:da:32:28:84:
3f:f2:95:0d:75:11:03:d1:c6:9f:4d:7a:75:99:cb:67:aa:14:
99:b4:7d:23:e3:16:5e:6b:75:0f:cf:58:d1:6b:22:2e:20:d9:
27:16:c8:6a:43:88:af:e1:24:35:a5:29:8c:37:02:ac:a8:81:
f0:bb:9e:83:d3:37:6b:55:68:56:5b:2b:d7:8f:2a:92:7c:44:
61:0b:28:e3:be:52:f2:20:8d:ab:fd:a2:0c:37:43:ef:eb:3a:
7d:bb:ea:6a:62:a5:10:dc:fa:a8:b0:a5:88:f2:41:32:68:7d:
cf:1b:63:e7:41:4e:7e:69:02:c4:4c:45:17:96:e2:26:f5:07:
f4:e6:b8:e6:e8:19:d7:c8:a7:6a:b2:af:6c:0c:4b:bf:c0:67:
35:43:ff:3a:6e:a7:6e:bc:06:1d:d5:c0:25:41:12:45:65:f2:
ef:11:24:8b:9f:ef:f0:8a:53:14:95:41:91:43:c0:92:a7:0c:
12:eb:6d:55:30:1a:0d:18:25:45:ea:80:0b:41:85:11:d0:ce:
bb:42:90:20:3e:6e:eb:e1:1c:ab:87:27:b9:83:65:a6:9f:ee:
6d:ad:b3:a1:48:7d:6f:15:f5:a3:4f:47:8d:3c:7d:3b:28:25:
22:70:64:86
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MjUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0NjIxODFEN0Y0MjhB
MzhFMTBFOUJGODE2OTdEREE5MENFQUEwNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX7j07otJEYkx+Ta0+WqrT0/KJDNrW2wUQEg2EjphxS9YQXM7k
gOr7GeZXa2mtn6r8Gpq+3r/LJzclKNVYoWbljQAvikhqfRUGap3dcCOKcrfF7qYM
Ydf9AJIchaNV70NnGk5feKIAw6dx1Otw/3iTDPYSlQb3Qqa5GpJ6jtU4AOLACCK5
PTC1lZ73iIgqa0txj5iRuDbNfzZpTFzIHGM+HryvNAUsn7xSelR5IXke7rhXDUn/
vBZzVkZjmA3VdpfBRWNmJTGLG+qmd1cC/PC5oCJ/rmHt0539m8EDZq9L8AKESB26
VkAaxTigd1t2tbsJcV8hhhzr2iX+9VTbKMxhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpGIYHX9CijjhDpv4FpfdqQzqoGQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BHSVlIWDlDaWpqaERw
djRGcGZkcVF6cW9HUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOEG2NC01H2+6ezKtpozaMiiEP/KVDXUR
A9HGn016dZnLZ6oUmbR9I+MWXmt1D89Y0WsiLiDZJxbIakOIr+EkNaUpjDcCrKiB
8Lueg9M3a1VoVlsr148qknxEYQso475S8iCNq/2iDDdD7+s6fbvqamKlENz6qLCl
iPJBMmh9zxtj50FOfmkCxExFF5biJvUH9Oa45ugZ18inarKvbAxLv8BnNUP/Om6n
brwGHdXAJUESRWXy7xEki5/v8IpTFJVBkUPAkqcMEuttVTAaDRglReqAC0GFEdDO
u0KQID5u6+Ecq4cnuYNlpp/uba2zoUh9bxX1o09HjTx9OyglInBkhg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:34 2025 by rpki-client