Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rKmIBoiXzwZQ4-5z6WVGtsDcq68.roa
File: rKmIBoiXzwZQ4-5z6WVGtsDcq68.roa (raw, json)
Hash identifier: tfYErTTOS8JkI49ZK7ODqeGYcC9xNSh0KnhydE+yijI=
Subject key identifier: AC:A9:88:06:88:97:CF:06:50:E3:EE:73:E9:65:46:B6:C0:DC:AB:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DC2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rKmIBoiXzwZQ4-5z6WVGtsDcq68.roa
Signing time: Wed 10 Apr 2024 22:22:47 +0000
ROA not before: Wed 10 Apr 2024 22:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15810 (0x3dc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 22:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ACA988068897CF0650E3EE73E96546B6C0DCABAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:74:d3:70:b9:f8:36:69:b2:c7:ad:33:57:
ed:27:84:d3:25:4b:68:fc:ef:ac:f6:b1:83:8b:2c:
c7:60:f4:ed:ec:83:db:f8:c6:0b:3d:ac:47:f6:ab:
50:a1:a1:f7:cc:a3:08:5e:2e:f9:5f:12:06:5c:65:
4c:93:98:6b:3f:7a:77:68:90:e3:36:78:4c:7d:79:
de:62:b6:5a:c9:a6:8f:8f:b5:1a:aa:4d:0b:a4:e7:
f7:e4:19:bd:a2:aa:f5:f1:03:a1:f9:f7:49:88:74:
f4:ee:24:0e:29:5a:19:1d:34:f5:8e:f5:ac:70:e3:
64:5f:5e:3b:f9:86:71:93:f6:b1:3c:b0:7b:23:b0:
c6:47:b3:92:31:74:27:2f:e7:02:a3:a4:a6:63:0b:
29:a1:0d:27:b8:96:2c:45:dc:f5:d2:e0:c0:5e:79:
e7:fc:de:67:33:07:4d:ff:f0:44:17:02:2c:ad:c6:
21:00:77:f3:0b:d2:03:b6:60:ca:c7:88:aa:9a:d7:
2c:ae:a4:c7:bf:ef:8b:0f:7c:5a:6a:d4:3c:26:71:
52:45:d2:86:0f:ee:8f:b8:8e:d8:49:ce:ed:88:fc:
cd:24:84:5e:49:b7:ec:be:e3:85:ce:04:cd:28:40:
f6:44:e1:16:9c:7f:7a:4f:2f:ab:68:33:0a:11:ff:
f6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A9:88:06:88:97:CF:06:50:E3:EE:73:E9:65:46:B6:C0:DC:AB:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rKmIBoiXzwZQ4-5z6WVGtsDcq68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:36:69:de:e0:69:88:c6:c7:58:46:54:0b:d8:3c:b1:c4:ac:
60:20:42:9d:87:ff:e4:15:15:cd:91:fe:b6:b4:74:a0:0f:cd:
20:a6:8f:ce:b2:4f:0f:16:1b:f1:ce:e1:1d:e4:cd:a3:22:12:
26:1d:dc:9a:97:1f:7d:0f:51:09:af:bb:bb:23:ce:de:b2:dc:
24:e7:af:b3:9c:9a:d5:8f:b2:33:fb:6e:99:ad:13:b8:36:c7:
3d:07:cb:16:43:60:0b:c1:67:88:4b:2c:f6:24:fb:44:3f:32:
36:ca:c4:ce:7d:4b:4f:53:d8:6d:94:80:57:3e:8b:40:fd:13:
e9:eb:4f:52:8d:34:02:1d:84:35:16:6a:8a:df:ac:00:16:07:
ef:00:07:60:aa:70:86:23:97:ee:53:ee:9d:49:57:81:86:e7:
30:8b:ab:9c:08:2e:41:9e:d5:98:a6:64:25:4d:2a:2b:bd:56:
ef:5a:2c:2a:fe:8d:49:03:a3:07:10:2c:da:39:95:29:48:db:
a4:14:5f:92:15:78:e7:62:66:0d:8b:d6:2d:96:a5:61:2a:53:
ca:09:5c:b2:cd:ea:11:24:61:b5:fa:24:31:44:ca:b7:e3:bc:
df:d8:4d:43:8f:7e:a5:f2:03:08:8a:b7:f0:ee:3f:e9:0c:df:
4f:6d:a1:8a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MjIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDQTk4ODA2ODg5N0NG
MDY1MEUzRUU3M0U5NjU0NkI2QzBEQ0FCQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1wHTTcLn4Nmmyx60zV+0nhNMlS2j876z2sYOLLMdg9O3sg9v4
xgs9rEf2q1ChoffMowheLvlfEgZcZUyTmGs/endokOM2eEx9ed5itlrJpo+PtRqq
TQuk5/fkGb2iqvXxA6H590mIdPTuJA4pWhkdNPWO9axw42RfXjv5hnGT9rE8sHsj
sMZHs5IxdCcv5wKjpKZjCymhDSe4lixF3PXS4MBeeef83mczB03/8EQXAiytxiEA
d/ML0gO2YMrHiKqa1yyupMe/74sPfFpq1DwmcVJF0oYP7o+4jthJzu2I/M0khF5J
t+y+44XOBM0oQPZE4Racf3pPL6toMwoR//bxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrKmIBoiXzwZQ4+5z6WVGtsDcq68wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JLbUlCb2lYendaUTQt
NXo2V1ZHdHNEY3E2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUjZp3uBpiMbHWEZUC9g8scSsYCBCnYf/
5BUVzZH+trR0oA/NIKaPzrJPDxYb8c7hHeTNoyISJh3cmpcffQ9RCa+7uyPO3rLc
JOevs5ya1Y+yM/tuma0TuDbHPQfLFkNgC8FniEss9iT7RD8yNsrEzn1LT1PYbZSA
Vz6LQP0T6etPUo00Ah2ENRZqit+sABYH7wAHYKpwhiOX7lPunUlXgYbnMIurnAgu
QZ7VmKZkJU0qK71W71osKv6NSQOjBxAs2jmVKUjbpBRfkhV452JmDYvWLZalYSpT
yglcss3qESRhtfokMUTKt+O839hNQ49+pfIDCIq38O4/6QzfT22hig==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:43 2025 by rpki-client