Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qypC_LrmsCx1H26tjO0PvykOUJo.roa
File: qypC_LrmsCx1H26tjO0PvykOUJo.roa (raw, json)
Hash identifier: esDNYioOF9N3v2Us8m+u4AJJsREBPd2SNvida4EpxMI=
Subject key identifier: AB:2A:42:FC:BA:E6:B0:2C:75:1F:6E:AD:8C:ED:0F:BF:29:0E:50:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E96
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qypC_LrmsCx1H26tjO0PvykOUJo.roa
Signing time: Fri 12 Apr 2024 00:52:48 +0000
ROA not before: Fri 12 Apr 2024 00:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16022 (0x3e96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 00:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB2A42FCBAE6B02C751F6EAD8CED0FBF290E509A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a0:aa:19:6a:a5:b7:d6:f0:40:9d:c3:38:35:
1d:7b:f5:46:32:e4:e0:0e:8f:e3:39:b4:09:48:be:
fe:1c:56:70:9e:dd:d8:ce:9e:e2:28:41:3d:88:18:
f0:8a:b4:c1:14:70:dd:8d:b7:ac:93:27:e2:61:11:
94:50:ca:bd:0a:48:e8:69:99:fa:27:24:75:9f:54:
a8:e4:57:27:d6:d2:5c:b1:0a:5c:bd:af:c4:d3:20:
56:ec:8f:ed:e6:13:a8:17:ce:d9:a1:f1:fb:46:6d:
96:8b:86:5a:e3:32:b1:55:6e:76:54:67:8b:4a:15:
ef:fc:e8:12:85:e9:db:e8:1b:8b:8c:37:59:84:90:
06:74:b6:96:52:2f:d4:78:b6:90:f9:10:c1:85:4e:
2b:a1:66:22:2f:3b:c7:75:77:f6:25:ee:f7:b1:67:
ea:6a:2b:35:cb:f7:51:6a:d7:f9:31:c2:34:45:fe:
ba:09:ed:44:f6:95:1d:58:28:3d:e3:e8:60:e3:c1:
ce:35:dc:d7:69:5c:38:ad:60:59:70:9a:de:e4:38:
d6:d8:25:63:61:fd:a3:09:39:d8:32:5a:83:f9:25:
2b:35:9e:c4:ee:e1:4a:7e:5a:4e:91:a0:c2:21:20:
f9:bf:6f:64:02:d6:0b:e5:9b:83:ed:49:56:3d:f4:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2A:42:FC:BA:E6:B0:2C:75:1F:6E:AD:8C:ED:0F:BF:29:0E:50:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qypC_LrmsCx1H26tjO0PvykOUJo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:2a:28:04:35:7c:fb:0d:ad:4c:30:83:99:95:e2:e2:84:47:
bb:9c:11:1c:db:d5:78:ae:1d:c0:ae:dd:20:97:85:c6:e3:e8:
84:8a:41:58:c4:96:d4:ab:83:68:b9:28:66:ea:20:07:e7:a9:
32:d7:67:7e:9d:55:fd:fe:49:ff:6d:d8:d2:56:e2:6b:04:50:
c7:c8:be:54:79:32:ec:7e:d7:e1:ed:1b:4a:9c:ca:06:fe:b3:
22:bc:60:25:46:ab:1b:6e:d9:c4:7d:6e:65:6d:12:05:63:58:
30:d5:0a:01:4d:cd:f5:53:b6:b3:8b:08:43:34:de:cf:96:86:
23:cf:79:c0:75:1f:13:12:9a:2c:84:49:a0:17:45:99:17:e7:
32:2d:41:44:13:c9:33:3c:ee:65:fa:9d:24:f8:1c:fc:44:5a:
39:ef:00:ec:16:c7:a8:e1:fe:64:08:e2:a1:ad:e4:fc:30:61:
7a:dd:99:d9:eb:06:c4:bf:ba:90:50:ec:18:a4:96:6b:b9:27:
8b:0b:83:e7:21:9f:1c:ff:84:1f:4d:55:26:12:4f:7f:1f:1d:
14:26:25:ac:45:77:be:39:73:66:23:8b:10:ae:c6:aa:c1:51:
b7:96:8b:eb:f7:a5:74:ed:32:85:4d:d3:af:c9:43:0b:b1:d2:
84:e5:46:3a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MDUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCMkE0MkZDQkFFNkIw
MkM3NTFGNkVBRDhDRUQwRkJGMjkwRTUwOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWoKoZaqW31vBAncM4NR179UYy5OAOj+M5tAlIvv4cVnCe3djO
nuIoQT2IGPCKtMEUcN2Nt6yTJ+JhEZRQyr0KSOhpmfonJHWfVKjkVyfW0lyxCly9
r8TTIFbsj+3mE6gXztmh8ftGbZaLhlrjMrFVbnZUZ4tKFe/86BKF6dvoG4uMN1mE
kAZ0tpZSL9R4tpD5EMGFTiuhZiIvO8d1d/Yl7vexZ+pqKzXL91Fq1/kxwjRF/roJ
7UT2lR1YKD3j6GDjwc413NdpXDitYFlwmt7kONbYJWNh/aMJOdgyWoP5JSs1nsTu
4Up+Wk6RoMIhIPm/b2QC1gvlm4PtSVY99BJTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqypC/LrmsCx1H26tjO0PvykOUJowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3F5cENfTHJtc0N4MUgy
NnRqTzBQdnlrT1VKby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARSooBDV8+w2tTDCDmZXi4oRHu5wRHNvV
eK4dwK7dIJeFxuPohIpBWMSW1KuDaLkoZuogB+epMtdnfp1V/f5J/23Y0lbiawRQ
x8i+VHky7H7X4e0bSpzKBv6zIrxgJUarG27ZxH1uZW0SBWNYMNUKAU3N9VO2s4sI
QzTez5aGI895wHUfExKaLIRJoBdFmRfnMi1BRBPJMzzuZfqdJPgc/ERaOe8A7BbH
qOH+ZAjioa3k/DBhet2Z2esGxL+6kFDsGKSWa7kniwuD5yGfHP+EH01VJhJPfx8d
FCYlrEV3vjlzZiOLEK7GqsFRt5aL6/eldO0yhU3Tr8lDC7HShOVGOg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:24 2025 by rpki-client