Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rXZV4q3W4OQX6M3S2JZ09N09bbM.roa
File: rXZV4q3W4OQX6M3S2JZ09N09bbM.roa (raw, json)
Hash identifier: WtUEdonHy969hfKvuK7d1CIRzT/VhVGIyvwinlZVPfM=
Subject key identifier: AD:76:55:E2:AD:D6:E0:E4:17:E8:CD:D2:D8:96:74:F4:DD:3D:6D:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 344A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rXZV4q3W4OQX6M3S2JZ09N09bbM.roa
Signing time: Fri 29 Mar 2024 07:22:13 +0000
ROA not before: Fri 29 Mar 2024 07:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13386 (0x344a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 07:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD7655E2ADD6E0E417E8CDD2D89674F4DD3D6DB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:ca:00:70:47:eb:6c:35:7d:cb:37:6c:09:4e:
76:89:4e:69:9c:88:12:ce:b2:88:c0:e0:ab:14:9e:
0d:45:bb:99:0e:17:e2:94:99:a7:dc:a1:de:b8:7b:
84:f6:a8:30:5a:ed:e6:ba:fa:a4:19:44:1c:af:0d:
6c:e4:82:82:26:67:1f:32:9a:8d:cb:3e:c1:62:1d:
51:72:97:33:d9:9c:69:cb:4f:e3:6a:b5:9d:5c:41:
a1:91:57:5c:40:a2:61:4d:61:d2:ec:1a:9a:e0:37:
33:23:93:34:66:dd:c4:25:a8:32:cc:5c:5d:39:93:
4b:fb:f8:04:bd:af:d8:0e:02:2a:90:57:ad:ea:1e:
da:6d:17:73:b9:78:d1:0b:1b:ba:31:92:a4:36:bf:
4e:28:bd:66:cc:41:10:d9:e5:c8:eb:b2:d8:97:b2:
6e:c3:44:7a:19:28:89:d7:d3:8b:55:75:db:ea:e4:
9e:ae:f9:2d:7a:8f:80:6b:43:99:d0:a7:bb:f5:c3:
fb:21:37:a1:6e:e7:0f:ca:ae:85:4a:3f:a9:9d:42:
37:1c:84:df:84:8e:32:06:dd:3b:af:e3:8d:71:af:
4b:19:e7:44:75:b9:fd:5d:f9:87:79:9d:b9:23:d5:
d5:2f:63:2b:fe:ec:24:19:42:52:44:d9:11:90:6b:
65:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:76:55:E2:AD:D6:E0:E4:17:E8:CD:D2:D8:96:74:F4:DD:3D:6D:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rXZV4q3W4OQX6M3S2JZ09N09bbM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:6c:37:e4:35:e5:8d:b2:18:75:d5:a6:ff:0e:ec:49:09:f8:
d5:cf:f5:43:94:e0:c0:dd:dc:3b:22:73:03:70:a7:9d:0a:26:
77:0d:93:33:dd:cb:cc:c4:0a:1a:f4:fa:02:37:c7:10:35:19:
be:6d:76:07:c0:8f:c9:c4:0d:f0:a2:a2:87:98:0a:18:1e:02:
be:e3:1b:42:b6:b2:08:27:e3:07:df:5d:5f:ca:36:fc:45:33:
0b:a5:dd:d5:21:b2:1f:46:a3:64:fc:47:ad:7b:c3:39:92:7f:
7e:63:5e:dd:dd:b2:d2:74:7a:a9:af:dc:cb:92:2d:72:f7:e8:
b7:de:6f:57:3a:7a:d6:da:16:3f:d4:5e:c1:c8:2f:c6:a6:df:
f6:df:e6:ca:c1:82:4b:e4:68:b3:86:3f:9e:c0:e9:4a:2c:d8:
14:98:04:a4:5a:1e:5e:f2:25:82:86:97:7f:4e:f1:79:73:38:
e8:91:d3:bd:58:2f:68:78:19:80:42:32:1f:52:c2:89:6e:7e:
43:a6:4d:41:a4:96:2c:cc:0c:2c:2c:9f:b8:c6:d3:60:67:1f:
43:7d:3c:01:d6:b1:e8:e7:3d:c7:88:a3:9b:4e:27:f5:a7:76:
bd:b1:ea:15:6f:ee:96:23:c7:c9:a5:9a:a5:8e:03:0a:ca:1c:
61:0f:32:19
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NzIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENzY1NUUyQURENkUw
RTQxN0U4Q0REMkQ4OTY3NEY0REQzRDZEQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6ygBwR+tsNX3LN2wJTnaJTmmciBLOsojA4KsUng1Fu5kOF+KU
mafcod64e4T2qDBa7ea6+qQZRByvDWzkgoImZx8ymo3LPsFiHVFylzPZnGnLT+Nq
tZ1cQaGRV1xAomFNYdLsGprgNzMjkzRm3cQlqDLMXF05k0v7+AS9r9gOAiqQV63q
HtptF3O5eNELG7oxkqQ2v04ovWbMQRDZ5cjrstiXsm7DRHoZKInX04tVddvq5J6u
+S16j4BrQ5nQp7v1w/shN6Fu5w/KroVKP6mdQjcchN+EjjIG3Tuv441xr0sZ50R1
uf1d+Yd5nbkj1dUvYyv+7CQZQlJE2RGQa2UhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrXZV4q3W4OQX6M3S2JZ09N09bbMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JYWlY0cTNXNE9RWDZN
M1MySlowOU4wOWJiTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlGw35DXljbIYddWm/w7sSQn41c/1Q5Tg
wN3cOyJzA3CnnQomdw2TM93LzMQKGvT6AjfHEDUZvm12B8CPycQN8KKih5gKGB4C
vuMbQrayCCfjB99dX8o2/EUzC6Xd1SGyH0ajZPxHrXvDOZJ/fmNe3d2y0nR6qa/c
y5Itcvfot95vVzp61toWP9Rewcgvxqbf9t/mysGCS+Ros4Y/nsDpSizYFJgEpFoe
XvIlgoaXf07xeXM46JHTvVgvaHgZgEIyH1LCiW5+Q6ZNQaSWLMwMLCyfuMbTYGcf
Q308Adax6Oc9x4ijm04n9ad2vbHqFW/uliPHyaWapY4DCsocYQ8yGQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:54 2025 by rpki-client