Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qnp43yvpTec_aTcwNBww-uWkwv8.roa
File: qnp43yvpTec_aTcwNBww-uWkwv8.roa (raw, json)
Hash identifier: lSEXILpJmzPqgp6Dp/JETYSqKDwDp3wMhB8okMbI37c=
Subject key identifier: AA:7A:78:DF:2B:E9:4D:E7:3F:69:37:30:34:1C:30:FA:E5:A4:C2:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4ABE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qnp43yvpTec_aTcwNBww-uWkwv8.roa
Signing time: Sun 28 Apr 2024 05:53:24 +0000
ROA not before: Sun 28 Apr 2024 05:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19134 (0x4abe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 05:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA7A78DF2BE94DE73F693730341C30FAE5A4C2FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2b:5b:2f:4b:51:1d:7b:e9:a4:3d:0d:70:fc:
f1:fa:da:d5:5e:00:4a:31:cd:f4:32:76:4d:1b:9b:
f2:69:9d:d5:83:34:c0:b8:db:39:ef:81:2a:5a:7b:
21:cc:5c:9f:19:ce:94:9e:1a:4a:69:50:d6:78:24:
ce:4f:c2:7e:db:f2:2c:3e:0e:d6:d5:60:a7:7a:80:
fd:e4:8a:a1:c2:e4:97:27:8c:9c:96:48:ee:c3:a6:
0f:9c:8c:9c:e6:2c:32:98:a4:0e:c0:fa:cc:b6:ad:
62:3a:43:2d:56:69:10:69:a0:b2:90:53:a1:17:75:
6d:b9:05:f8:8f:40:5d:31:65:f6:6a:fc:d1:50:03:
79:d8:5f:9a:a4:12:8c:9c:74:73:60:bc:45:2a:05:
fe:72:f6:67:6b:fc:1f:76:5a:2c:c3:4b:f0:0e:8c:
84:f7:d8:fb:27:fd:58:80:11:6c:a6:a3:1e:03:2f:
c2:5f:b0:f2:24:6e:92:3a:b7:3e:4d:9a:dc:e0:71:
b3:c4:e6:89:cc:92:4f:c4:7a:4c:d9:70:69:c3:6f:
91:57:c8:89:d0:34:59:fc:65:13:97:34:23:be:ac:
80:71:67:8e:25:3f:38:d7:36:18:f7:da:c9:cf:95:
6a:62:7d:69:3f:ce:ed:a2:5f:ba:a0:a6:57:ad:aa:
fe:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7A:78:DF:2B:E9:4D:E7:3F:69:37:30:34:1C:30:FA:E5:A4:C2:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qnp43yvpTec_aTcwNBww-uWkwv8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:11:0e:3b:21:d3:50:9a:4e:34:62:86:d2:5f:15:8e:dc:41:
57:c0:01:51:3a:a3:3a:22:86:f4:ca:cd:14:fa:6f:40:1b:db:
b0:b6:3a:4d:f8:65:52:5d:41:6c:b5:62:ed:0b:e3:13:4e:d2:
19:0b:b5:71:84:78:8c:4c:04:c7:7e:07:ce:45:81:a5:da:54:
5f:33:92:a7:fa:43:f3:5e:2e:77:61:65:a0:0b:0d:cd:2b:61:
43:7f:42:cb:9d:3e:49:15:ad:7f:a0:05:c1:cf:c1:f1:a2:e6:
1d:c7:be:c3:16:20:3f:e0:29:0b:2b:30:c6:db:28:c2:34:0f:
c4:ed:9c:14:1e:f6:6b:cd:79:4c:26:4c:88:74:24:e4:24:cc:
47:e4:8d:bb:62:b9:c1:60:5b:b9:fd:07:55:61:b8:3d:61:f6:
17:b4:ea:5c:80:95:2b:db:b6:c2:08:ab:21:82:83:0c:2d:ad:
13:34:d0:62:56:4a:73:25:d0:05:bc:3c:b2:c9:c0:8a:94:f6:
c4:87:90:aa:98:f1:5d:2c:4d:dd:c3:1f:06:db:8a:94:54:1d:
55:b7:b6:7f:de:35:24:1c:ef:e2:eb:75:e3:c1:88:75:10:f7:
43:73:2d:74:68:ee:99:0d:26:91:74:03:19:81:98:f9:e0:6a:
92:63:f6:1e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgw
NTUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBN0E3OERGMkJFOTRE
RTczRjY5MzczMDM0MUMzMEZBRTVBNEMyRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAK1svS1Ede+mkPQ1w/PH62tVeAEoxzfQydk0bm/JpndWDNMC4
2znvgSpaeyHMXJ8ZzpSeGkppUNZ4JM5Pwn7b8iw+DtbVYKd6gP3kiqHC5JcnjJyW
SO7Dpg+cjJzmLDKYpA7A+sy2rWI6Qy1WaRBpoLKQU6EXdW25BfiPQF0xZfZq/NFQ
A3nYX5qkEoycdHNgvEUqBf5y9mdr/B92WizDS/AOjIT32Psn/ViAEWymox4DL8Jf
sPIkbpI6tz5NmtzgcbPE5onMkk/EekzZcGnDb5FXyInQNFn8ZROXNCO+rIBxZ44l
PzjXNhj32snPlWpifWk/zu2iX7qgpletqv7lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqnp43yvpTec/aTcwNBww+uWkwv8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FucDQzeXZwVGVjX2FU
Y3dOQnd3LXVXa3d2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAThEOOyHTUJpONGKG0l8VjtxBV8ABUTqj
OiKG9MrNFPpvQBvbsLY6TfhlUl1BbLVi7QvjE07SGQu1cYR4jEwEx34HzkWBpdpU
XzOSp/pD814ud2FloAsNzSthQ39Cy50+SRWtf6AFwc/B8aLmHce+wxYgP+ApCysw
xtsowjQPxO2cFB72a815TCZMiHQk5CTMR+SNu2K5wWBbuf0HVWG4PWH2F7TqXICV
K9u2wgirIYKDDC2tEzTQYlZKcyXQBbw8ssnAipT2xIeQqpjxXSxN3cMfBtuKlFQd
Vbe2f941JBzv4ut148GIdRD3Q3MtdGjumQ0mkXQDGYGY+eBqkmP2Hg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:49 2025 by rpki-client