Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qN8Xa35zLElYLhdHfoxxleZeFbg.roa
File: qN8Xa35zLElYLhdHfoxxleZeFbg.roa (raw, json)
Hash identifier: KPDqzh9/MaZeH3JA5uK+fI5HcVSCADf0ly7+G6nAiE4=
Subject key identifier: A8:DF:17:6B:7E:73:2C:49:58:2E:17:47:7E:8C:71:95:E6:5E:15:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qN8Xa35zLElYLhdHfoxxleZeFbg.roa
Signing time: Fri 19 Apr 2024 00:23:01 +0000
ROA not before: Fri 19 Apr 2024 00:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17362 (0x43d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 00:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A8DF176B7E732C49582E17477E8C7195E65E15B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bf:5d:b4:db:4b:ad:2c:61:d7:65:99:04:4e:
98:f0:33:84:2b:32:72:89:d8:ef:fa:9c:9a:53:35:
16:6a:19:f1:a4:1e:28:7c:86:97:83:a3:a8:c7:11:
0f:9c:50:e9:5f:ac:c5:c7:fc:0c:2c:b7:bb:47:9d:
10:6c:56:ce:1d:87:65:ca:37:9b:dc:e5:bf:ab:06:
f5:23:eb:7c:e4:11:7e:68:ed:0d:94:86:6e:69:ed:
ea:5a:d1:8d:5e:b4:1c:2b:28:5b:43:7e:f4:78:68:
33:21:ba:62:6c:6c:61:fe:31:7e:b9:7f:9a:5c:56:
9a:0d:6c:09:c2:d1:9c:4c:8a:28:f7:a2:e4:9a:3b:
dc:9f:5c:b4:66:f8:f3:59:42:2e:d6:b4:87:93:70:
76:56:ee:bf:56:69:f5:45:f7:a9:cb:57:c5:6b:d3:
17:bb:3b:30:32:6c:c9:41:98:6a:ec:9c:a6:17:e1:
76:25:2e:81:73:5c:27:04:ef:b0:0c:6c:38:45:c6:
75:e8:6a:57:c9:e3:a5:64:b3:48:74:67:01:32:76:
c6:fc:04:02:55:8d:f5:ed:9a:2c:74:51:d0:da:16:
86:33:3c:5b:f9:5a:9e:26:a7:b9:84:3e:5c:68:df:
b1:f4:32:49:a0:44:a2:76:a8:4d:88:45:30:80:fd:
77:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:17:6B:7E:73:2C:49:58:2E:17:47:7E:8C:71:95:E6:5E:15:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qN8Xa35zLElYLhdHfoxxleZeFbg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:d0:b7:d8:a3:ed:70:71:9f:e1:79:b1:df:53:e2:00:16:da:
b7:9a:e5:4c:d1:53:f7:c6:03:93:5e:4d:68:8a:52:93:8c:26:
cf:54:05:dd:9a:82:84:0e:15:7f:6a:70:a1:0a:04:ac:99:0a:
71:67:34:99:d2:22:d9:9f:40:b7:a4:f9:ad:f6:18:f9:00:89:
06:44:f3:41:8c:9a:8e:42:bb:e7:2c:db:99:c8:78:38:6b:99:
f2:ee:a5:27:2f:48:69:3f:45:2e:5c:6f:d1:5d:d9:8c:64:cc:
fd:7c:ef:16:db:be:f3:01:ce:7e:bb:d7:3f:3d:46:0a:41:e5:
f4:2d:4c:ca:e7:51:ec:f9:a3:de:29:a4:d1:93:e6:46:0b:cc:
be:b5:cf:e6:46:03:bc:47:84:41:cc:38:6c:8f:a0:35:0b:4b:
72:60:b5:61:5a:96:ab:6c:73:27:4d:77:e7:e3:54:96:df:3a:
41:9b:25:69:b3:ad:3f:8e:79:9a:dc:20:db:1f:d4:9b:80:1f:
4d:2a:09:92:77:ea:f6:ce:bb:a3:7a:19:c4:b2:87:a2:91:e7:
ec:39:9a:18:22:01:35:d4:e6:0d:eb:82:74:53:85:ab:7d:dd:
05:15:38:ba:7d:b7:be:ea:1a:d0:f6:00:2f:b1:d7:2a:51:97:
58:e3:ba:a1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MDIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4REYxNzZCN0U3MzJD
NDk1ODJFMTc0NzdFOEM3MTk1RTY1RTE1QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNv12020utLGHXZZkETpjwM4QrMnKJ2O/6nJpTNRZqGfGkHih8
hpeDo6jHEQ+cUOlfrMXH/Awst7tHnRBsVs4dh2XKN5vc5b+rBvUj63zkEX5o7Q2U
hm5p7epa0Y1etBwrKFtDfvR4aDMhumJsbGH+MX65f5pcVpoNbAnC0ZxMiij3ouSa
O9yfXLRm+PNZQi7WtIeTcHZW7r9WafVF96nLV8Vr0xe7OzAybMlBmGrsnKYX4XYl
LoFzXCcE77AMbDhFxnXoalfJ46Vks0h0ZwEydsb8BAJVjfXtmix0UdDaFoYzPFv5
Wp4mp7mEPlxo37H0MkmgRKJ2qE2IRTCA/XfnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqN8Xa35zLElYLhdHfoxxleZeFbgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FOOFhhMzV6TEVsWUxo
ZEhmb3h4bGVaZUZiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcNC32KPtcHGf4Xmx31PiABbat5rlTNFT
98YDk15NaIpSk4wmz1QF3ZqChA4Vf2pwoQoErJkKcWc0mdIi2Z9At6T5rfYY+QCJ
BkTzQYyajkK75yzbmch4OGuZ8u6lJy9IaT9FLlxv0V3ZjGTM/XzvFtu+8wHOfrvX
Pz1GCkHl9C1MyudR7Pmj3imk0ZPmRgvMvrXP5kYDvEeEQcw4bI+gNQtLcmC1YVqW
q2xzJ0135+NUlt86QZslabOtP455mtwg2x/Um4AfTSoJknfq9s67o3oZxLKHopHn
7DmaGCIBNdTmDeuCdFOFq33dBRU4un23vuoa0PYAL7HXKlGXWOO6oQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:00 2025 by rpki-client