Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qiOuOSzXcZVFWankl_Ke9w-eh78.roa
File: qiOuOSzXcZVFWankl_Ke9w-eh78.roa (raw, json)
Hash identifier: 3Ur91zGiE4oViCW2C/6g3rPXESa3SghHhPBCbzo7WTM=
Subject key identifier: AA:23:AE:39:2C:D7:71:95:45:59:A9:E4:97:F2:9E:F7:0F:9E:87:BF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qiOuOSzXcZVFWankl_Ke9w-eh78.roa
Signing time: Sun 31 Mar 2024 02:52:10 +0000
ROA not before: Sun 31 Mar 2024 02:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13734 (0x35a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 02:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA23AE392CD771954559A9E497F29EF70F9E87BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:13:23:ba:a2:ff:86:2b:e4:4b:fa:a8:b4:b5:
7f:a0:52:36:6d:ad:60:f1:f2:e6:4c:31:b8:4b:28:
24:bd:0e:34:f5:2d:22:97:13:fd:5d:4a:0c:3c:44:
76:2e:da:03:13:40:4e:24:02:f3:1d:0d:e8:f1:b3:
1a:55:95:68:35:5f:f4:44:0a:03:d4:3c:ad:50:7f:
02:94:64:6f:46:b7:48:4b:7e:f1:dc:c3:bd:27:2f:
67:4b:b7:e9:d9:cc:48:03:f6:3e:8c:6d:04:b3:d2:
1f:7e:78:ec:59:d6:d8:71:40:e0:9c:94:ed:e3:30:
aa:83:6a:0f:bd:81:67:fb:52:07:ed:86:20:28:19:
0d:a8:c3:bc:d0:14:65:09:f7:8d:c8:bb:24:06:a9:
7e:d0:6a:4f:e4:51:cf:bf:85:c2:9d:91:14:a7:af:
f1:de:25:bc:51:3f:b5:ee:e7:29:b6:22:3b:64:68:
53:7b:0d:be:eb:8e:39:d1:48:b6:62:65:30:07:ce:
52:76:18:55:ca:24:b8:8c:ae:6d:f8:f4:76:7b:85:
c5:f5:bc:83:56:43:67:e5:38:81:ea:1c:c0:e7:a7:
6b:9d:6a:70:9c:46:2f:21:34:dd:16:9b:b2:65:aa:
38:14:86:f5:00:b6:df:e5:11:07:a1:2e:0d:b7:8e:
37:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:23:AE:39:2C:D7:71:95:45:59:A9:E4:97:F2:9E:F7:0F:9E:87:BF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qiOuOSzXcZVFWankl_Ke9w-eh78.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:30:dd:6b:61:00:bb:9b:e8:49:42:b4:0e:63:bd:ad:84:ee:
2e:09:c5:12:70:3a:16:95:1e:d6:1f:04:a4:5b:63:d8:6e:d9:
dd:bd:8f:ec:7a:9b:ef:13:39:55:96:3b:94:8a:7f:c1:46:56:
2e:19:99:d7:3a:7c:df:07:33:87:a4:a4:ee:b0:70:5b:e5:6f:
80:34:4a:49:f6:94:97:f3:d5:68:92:25:2c:11:69:42:1a:81:
32:75:24:dd:31:eb:3a:3f:86:7e:98:6e:ab:dc:7b:f4:47:c9:
3d:6b:76:e8:ff:d0:1b:fc:63:04:aa:31:1d:aa:55:4a:c4:de:
ea:1b:8e:d1:e8:da:1f:70:d3:50:5f:4f:fb:43:7c:72:50:ff:
60:c2:fd:b6:f3:c5:53:c6:6b:e8:4b:66:a9:cd:8c:16:e1:7e:
1b:f3:5c:e5:07:e1:e6:6a:3b:88:38:28:01:2e:72:b2:c1:46:
1e:4a:08:cb:55:1d:22:ed:32:c4:99:06:40:22:0f:13:1f:79:
45:0f:9b:63:8e:ec:e4:81:b7:20:0b:a3:f4:5e:9d:3e:d8:84:
d6:9e:0d:8f:11:e1:a6:f0:09:80:97:4e:8f:a2:dc:02:9e:00:
b1:fb:61:eb:c6:58:e8:4c:a4:35:ca:0c:32:ce:e5:1a:0d:a8:
42:4d:74:19
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBMjNBRTM5MkNENzcx
OTU0NTU5QTlFNDk3RjI5RUY3MEY5RTg3QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9EyO6ov+GK+RL+qi0tX+gUjZtrWDx8uZMMbhLKCS9DjT1LSKX
E/1dSgw8RHYu2gMTQE4kAvMdDejxsxpVlWg1X/RECgPUPK1QfwKUZG9Gt0hLfvHc
w70nL2dLt+nZzEgD9j6MbQSz0h9+eOxZ1thxQOCclO3jMKqDag+9gWf7UgfthiAo
GQ2ow7zQFGUJ943IuyQGqX7Qak/kUc+/hcKdkRSnr/HeJbxRP7Xu5ym2IjtkaFN7
Db7rjjnRSLZiZTAHzlJ2GFXKJLiMrm349HZ7hcX1vINWQ2flOIHqHMDnp2udanCc
Ri8hNN0Wm7JlqjgUhvUAtt/lEQehLg23jjdFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqiOuOSzXcZVFWankl/Ke9w+eh78wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FpT3VPU3pYY1pWRldh
bmtsX0tlOXctZWg3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmjDda2EAu5voSUK0DmO9rYTuLgnFEnA6
FpUe1h8EpFtj2G7Z3b2P7Hqb7xM5VZY7lIp/wUZWLhmZ1zp83wczh6Sk7rBwW+Vv
gDRKSfaUl/PVaJIlLBFpQhqBMnUk3THrOj+Gfphuq9x79EfJPWt26P/QG/xjBKox
HapVSsTe6huO0ejaH3DTUF9P+0N8clD/YML9tvPFU8Zr6Etmqc2MFuF+G/Nc5Qfh
5mo7iDgoAS5yssFGHkoIy1UdIu0yxJkGQCIPEx95RQ+bY47s5IG3IAuj9F6dPtiE
1p4NjxHhpvAJgJdOj6LcAp4Asfth68ZY6EykNcoMMs7lGg2oQk10GQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:39 2025 by rpki-client