Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tcPKrkBK5JC3TPpjjKSUbNdEaWI.roa
File: tcPKrkBK5JC3TPpjjKSUbNdEaWI.roa (raw, json)
Hash identifier: 673mBt8UGs1xoUjcHQ/uDZcsd1vidt8vlSV1NyvRY2E=
Subject key identifier: B5:C3:CA:AE:40:4A:E4:90:B7:4C:FA:63:8C:A4:94:6C:D7:44:69:62
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53AA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tcPKrkBK5JC3TPpjjKSUbNdEaWI.roa
Signing time: Fri 10 May 2024 03:24:00 +0000
ROA not before: Fri 10 May 2024 03:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21418 (0x53aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 03:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B5C3CAAE404AE490B74CFA638CA4946CD7446962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:78:68:90:32:3f:2c:6f:10:2d:cb:90:58:e9:
a7:77:eb:ad:2f:b4:89:c8:fc:eb:b4:1b:0b:a3:69:
9e:15:b2:06:43:8b:ea:47:43:6f:bb:ad:4b:2f:bf:
b4:08:c5:86:dd:22:b6:d5:47:1e:7f:9d:4b:c6:2b:
d1:0e:94:f6:89:be:2f:38:eb:dc:30:5b:5a:de:85:
02:7c:32:a2:f6:28:16:16:61:1d:84:e3:97:18:c6:
dc:d7:78:c7:87:b4:3e:c6:4e:87:76:e8:ef:37:78:
e2:2a:00:37:2d:d2:9a:ad:e3:8a:29:f4:e3:0a:b1:
ab:e6:8a:41:ca:69:55:06:42:ca:cf:83:35:6d:30:
59:5b:2d:50:3f:0a:e4:9b:d0:49:3a:ea:51:da:25:
73:b1:33:93:9a:7b:e0:be:0e:6e:4e:f7:1c:db:2d:
89:8a:cf:e5:1a:92:7d:f0:56:57:08:4b:c8:84:92:
70:64:0e:7f:35:19:4f:fe:66:e4:78:50:42:89:86:
1e:e2:f2:df:f4:32:cf:47:7c:7f:54:67:49:84:ef:
39:c2:b7:4e:bf:01:44:ee:89:f0:70:fd:a5:23:5f:
3c:6f:06:0f:65:4b:bc:03:9a:45:30:ef:3e:57:bb:
b1:1e:b1:c0:bc:ac:db:90:00:1f:ec:c6:a4:39:d2:
41:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C3:CA:AE:40:4A:E4:90:B7:4C:FA:63:8C:A4:94:6C:D7:44:69:62
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tcPKrkBK5JC3TPpjjKSUbNdEaWI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:50:33:41:4a:18:f1:a7:6f:8d:33:fb:8b:e5:0b:0b:5a:8b:
0e:4c:21:12:f2:a4:94:48:0e:3c:71:00:ff:89:cc:80:26:cd:
18:62:5e:01:48:13:83:24:bc:57:38:18:35:15:2f:df:1c:c6:
a4:1a:ba:5f:6f:8a:51:07:97:15:65:8d:57:1c:bc:27:5a:77:
73:15:72:04:ad:b0:94:9d:f2:49:e8:70:d2:d2:02:7c:54:32:
60:e7:0d:8f:b1:b8:ea:06:4d:ed:32:24:a7:7c:e4:96:c7:1a:
7e:be:09:93:9e:20:96:ab:80:92:13:76:9a:06:4c:b7:e5:e7:
98:09:0a:52:cf:fc:0b:fb:a7:5e:3c:51:3e:15:8f:55:7d:a5:
bd:ee:3f:86:2f:e3:3d:20:ef:53:d4:c0:04:7d:4e:10:a7:a7:
5c:f2:a2:cf:5d:75:c4:87:38:dd:28:f4:e6:ac:2c:b3:96:03:
9f:e8:9e:05:99:ac:a3:9a:91:cd:67:9c:2c:16:f9:1a:9f:b4:
70:f2:a3:69:d3:a8:95:e9:5b:34:74:4a:da:30:61:cd:c2:29:
66:b2:71:17:40:2f:2f:87:f7:77:e6:0a:fe:67:1f:4a:f0:ae:
80:91:e0:73:2a:13:8b:60:3e:59:09:d4:2b:23:c1:88:26:d6:
0f:75:ff:d0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MzI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1QzNDQUFFNDA0QUU0
OTBCNzRDRkE2MzhDQTQ5NDZDRDc0NDY5NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8eGiQMj8sbxAty5BY6ad3660vtInI/Ou0GwujaZ4VsgZDi+pH
Q2+7rUsvv7QIxYbdIrbVRx5/nUvGK9EOlPaJvi8469wwW1rehQJ8MqL2KBYWYR2E
45cYxtzXeMeHtD7GTod26O83eOIqADct0pqt44op9OMKsavmikHKaVUGQsrPgzVt
MFlbLVA/CuSb0Ek66lHaJXOxM5Oae+C+Dm5O9xzbLYmKz+Uakn3wVlcIS8iEknBk
Dn81GU/+ZuR4UEKJhh7i8t/0Ms9HfH9UZ0mE7znCt06/AUTuifBw/aUjXzxvBg9l
S7wDmkUw7z5Xu7EescC8rNuQAB/sxqQ50kGZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtcPKrkBK5JC3TPpjjKSUbNdEaWIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RjUEtya0JLNUpDM1RQ
cGpqS1NVYk5kRWFXSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnlAzQUoY8advjTP7i+ULC1qLDkwhEvKk
lEgOPHEA/4nMgCbNGGJeAUgTgyS8VzgYNRUv3xzGpBq6X2+KUQeXFWWNVxy8J1p3
cxVyBK2wlJ3ySehw0tICfFQyYOcNj7G46gZN7TIkp3zklscafr4Jk54glquAkhN2
mgZMt+XnmAkKUs/8C/unXjxRPhWPVX2lve4/hi/jPSDvU9TABH1OEKenXPKiz111
xIc43Sj05qwss5YDn+ieBZmso5qRzWecLBb5Gp+0cPKjadOolelbNHRK2jBhzcIp
ZrJxF0AvL4f3d+YK/mcfSvCugJHgcyoTi2A+WQnUKyPBiCbWD3X/0A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:12 2025 by rpki-client