Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/q9budQy3JHyERoNYdgabqU_aXe0.roa
File: q9budQy3JHyERoNYdgabqU_aXe0.roa (raw, json)
Hash identifier: HJxgOr3UZIxRJyxv0gJrGJeuzNAAL1iw1iVUmYe/lp8=
Subject key identifier: AB:D6:EE:75:0C:B7:24:7C:84:46:83:58:76:06:9B:A9:4F:DA:5D:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3802
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q9budQy3JHyERoNYdgabqU_aXe0.roa
Signing time: Wed 03 Apr 2024 06:22:17 +0000
ROA not before: Wed 03 Apr 2024 06:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14338 (0x3802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 06:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ABD6EE750CB7247C8446835876069BA94FDA5DED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:43:0c:a2:54:6e:94:1d:28:29:e0:8a:95:13:
2a:ee:d4:99:5c:71:b3:e2:8e:20:26:43:a1:16:03:
6b:6d:b9:f8:9d:d4:f8:85:e0:9d:1e:1b:73:28:31:
bf:c6:dc:f4:08:55:0a:d5:6c:eb:8c:42:4e:55:8c:
bf:20:d8:76:c6:f4:55:af:16:18:a3:88:fd:c7:de:
f1:1b:54:c7:48:2b:9e:1a:5b:f9:85:79:50:3a:bc:
3e:ed:9a:72:8f:f3:b5:e5:94:30:cf:4f:9a:14:49:
0d:79:da:8d:66:0d:d4:fd:41:77:b9:17:69:5e:d4:
6a:c3:66:73:17:32:0a:27:56:7b:5d:73:07:b1:0c:
0d:e3:7f:39:3f:99:c7:00:c5:2e:f6:97:0e:6e:a3:
f3:a6:f2:bf:d7:76:af:80:31:5c:0f:7a:ca:75:7e:
de:e7:0b:dc:d2:26:83:57:98:75:07:4e:31:f6:ac:
7c:ce:26:85:c2:7f:00:bd:5d:9e:7f:79:4d:2d:8d:
64:76:e8:3d:9c:23:b7:bd:a1:bc:99:52:0a:ab:c0:
00:05:08:42:9e:7b:77:d8:89:eb:64:32:ac:3c:26:
25:02:7a:87:74:63:60:2e:8e:a5:36:86:3c:98:d0:
36:05:5c:d2:a3:db:26:4b:15:50:2b:2b:c7:62:90:
ff:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D6:EE:75:0C:B7:24:7C:84:46:83:58:76:06:9B:A9:4F:DA:5D:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q9budQy3JHyERoNYdgabqU_aXe0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:58:3a:4e:aa:a1:c8:dc:23:14:d1:08:a5:c4:75:a4:6d:4d:
74:b5:f7:f9:47:f4:78:99:88:d0:e5:c7:58:8c:d4:7b:e2:98:
08:80:69:37:11:71:ae:c9:77:1d:8e:47:2b:e8:5a:7c:fe:a4:
25:88:f7:70:c6:b2:d1:3d:75:e7:46:b9:60:66:84:4f:fa:7c:
4d:39:48:a4:2d:84:33:3f:e7:fe:c4:da:5f:6c:8f:97:c5:43:
f4:bf:e6:6b:62:2d:de:9d:37:81:ea:46:53:0c:7a:89:e9:9a:
a0:cc:37:77:63:3e:da:1f:de:15:f0:8c:49:ac:c3:f5:52:73:
09:53:81:bb:04:93:bc:8c:60:d8:48:a7:1e:6c:94:3c:94:4b:
43:72:59:2f:02:de:ac:77:18:0b:9c:16:87:74:80:a1:c6:ea:
60:4f:1b:c6:ed:49:8b:67:eb:37:6f:7c:ae:13:b8:1b:d5:a8:
89:df:cd:52:fc:bf:7a:73:9b:47:92:d9:21:b7:8c:2e:b5:e1:
9e:d6:8e:1a:95:7c:1a:c7:f6:8b:6d:bc:50:03:7b:57:c0:97:
3f:ca:51:b8:f3:26:30:69:0c:f0:d8:e1:cb:fe:8b:bf:62:05:
89:ac:94:b9:d4:a0:cb:3c:c0:84:cd:6b:62:d8:f8:01:72:0e:
0a:ff:0f:27
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NjIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCRDZFRTc1MENCNzI0
N0M4NDQ2ODM1ODc2MDY5QkE5NEZEQTVERUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOQwyiVG6UHSgp4IqVEyru1JlccbPijiAmQ6EWA2ttufid1PiF
4J0eG3MoMb/G3PQIVQrVbOuMQk5VjL8g2HbG9FWvFhijiP3H3vEbVMdIK54aW/mF
eVA6vD7tmnKP87XllDDPT5oUSQ152o1mDdT9QXe5F2le1GrDZnMXMgonVntdcwex
DA3jfzk/mccAxS72lw5uo/Om8r/Xdq+AMVwPesp1ft7nC9zSJoNXmHUHTjH2rHzO
JoXCfwC9XZ5/eU0tjWR26D2cI7e9obyZUgqrwAAFCEKee3fYietkMqw8JiUCeod0
Y2AujqU2hjyY0DYFXNKj2yZLFVArK8dikP/dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUq9budQy3JHyERoNYdgabqU/aXe0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3E5YnVkUXkzSkh5RVJv
TllkZ2FicVVfYVhlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAk1g6TqqhyNwjFNEIpcR1pG1NdLX3+Uf0
eJmI0OXHWIzUe+KYCIBpNxFxrsl3HY5HK+hafP6kJYj3cMay0T1150a5YGaET/p8
TTlIpC2EMz/n/sTaX2yPl8VD9L/ma2It3p03gepGUwx6iemaoMw3d2M+2h/eFfCM
SazD9VJzCVOBuwSTvIxg2EinHmyUPJRLQ3JZLwLerHcYC5wWh3SAocbqYE8bxu1J
i2frN298rhO4G9Woid/NUvy/enObR5LZIbeMLrXhntaOGpV8Gsf2i228UAN7V8CX
P8pRuPMmMGkM8Njhy/6Lv2IFiayUudSgyzzAhM1rYtj4AXIOCv8PJw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:57 2025 by rpki-client