Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tn0jsPbUaMJU3BjL6mgxOktmuSQ.roa
File: tn0jsPbUaMJU3BjL6mgxOktmuSQ.roa (raw, json)
Hash identifier: CHLeAp3Atbp0mPBzHWMpAeZpPS1bE3igMIFja/6Of7w=
Subject key identifier: B6:7D:23:B0:F6:D4:68:C2:54:DC:18:CB:EA:68:31:3A:4B:66:B9:24
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4076
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tn0jsPbUaMJU3BjL6mgxOktmuSQ.roa
Signing time: Sun 14 Apr 2024 12:52:53 +0000
ROA not before: Sun 14 Apr 2024 12:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16502 (0x4076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 12:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B67D23B0F6D468C254DC18CBEA68313A4B66B924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a8:cb:5d:6d:86:d6:71:dd:b5:ee:c4:b9:b1:
fa:4e:62:b4:00:56:97:ea:a8:ab:d0:91:37:89:e5:
e2:89:3e:a9:b6:97:cc:6c:ea:fa:27:ac:8a:58:40:
16:84:41:d4:3b:73:e2:76:63:1d:fb:cc:46:d3:70:
3a:5b:70:d4:85:e0:ea:e1:88:90:cf:1b:4a:ce:15:
9b:85:a3:f1:88:de:85:fa:4f:f8:c5:70:42:d4:4b:
5f:d1:05:2e:7f:00:9e:f8:d7:97:62:ff:d9:cb:16:
d3:c1:3a:37:93:17:34:33:2a:42:fb:b6:07:36:b5:
52:a7:41:0d:d0:50:aa:d5:cd:ab:c3:ed:27:85:dd:
ee:2f:78:45:ab:db:e8:f4:43:6f:d5:50:11:a9:f6:
4c:b5:3c:6b:5c:ab:a3:af:cb:27:d0:ae:e8:7f:94:
90:e5:56:8c:d6:30:f7:49:aa:a4:c3:21:81:ce:03:
c9:86:2e:29:ba:eb:9b:2d:bc:5b:98:fa:dc:52:03:
ab:1a:66:e2:5d:3b:81:ea:4e:c9:0e:4b:0f:65:d5:
10:67:83:86:3d:eb:99:aa:6a:3e:c1:74:d6:2d:f7:
9c:0a:bf:3e:c4:ee:dc:96:cc:20:41:2b:ff:f2:28:
e6:8a:14:aa:17:68:b1:ed:fa:ec:68:ec:0f:2a:ba:
28:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7D:23:B0:F6:D4:68:C2:54:DC:18:CB:EA:68:31:3A:4B:66:B9:24
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tn0jsPbUaMJU3BjL6mgxOktmuSQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:56:79:58:82:4b:f1:4f:99:f6:2d:83:ed:f1:9b:f7:34:fc:
76:f7:37:1d:cf:5d:6e:e8:0d:aa:67:90:1e:27:dc:4b:b3:69:
1c:21:67:18:4a:ec:37:5a:ba:87:b4:fd:87:7f:37:ad:e8:e8:
a1:77:e6:04:e8:03:70:10:1f:a4:51:ff:69:c3:0f:90:00:af:
5d:e0:54:80:62:00:98:73:cf:20:79:7d:be:df:a9:47:3a:ea:
0b:ae:f1:ae:57:cd:65:ba:28:8e:f1:6c:71:fc:c8:40:c4:07:
8f:89:a9:e0:74:11:3c:74:ac:bb:5e:7a:f3:1c:ef:7c:24:75:
39:80:cc:d5:fa:fa:58:1d:10:3e:a0:28:77:21:79:69:72:c9:
0c:a1:e4:23:ed:87:23:3a:1a:bb:d5:68:b9:34:40:27:4d:db:
be:3e:aa:38:d2:d2:02:52:ba:0e:1d:28:b6:fd:71:68:a3:c8:
83:6c:c9:3a:7a:f7:87:31:ad:bc:fa:d8:98:b9:34:3c:ea:7f:
ab:a1:b7:88:64:35:5b:45:21:94:00:3b:3b:ba:bd:70:48:62:
c3:38:50:28:ce:c2:3e:2c:7e:ee:25:04:6a:c5:f3:1e:2c:1a:
2b:24:3d:34:d5:c3:f1:6b:98:86:10:e9:7f:1c:e7:8e:2e:26:
c8:b0:2f:6d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
MjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2N0QyM0IwRjZENDY4
QzI1NERDMThDQkVBNjgzMTNBNEI2NkI5MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhqMtdbYbWcd217sS5sfpOYrQAVpfqqKvQkTeJ5eKJPqm2l8xs
6vonrIpYQBaEQdQ7c+J2Yx37zEbTcDpbcNSF4OrhiJDPG0rOFZuFo/GI3oX6T/jF
cELUS1/RBS5/AJ7415di/9nLFtPBOjeTFzQzKkL7tgc2tVKnQQ3QUKrVzavD7SeF
3e4veEWr2+j0Q2/VUBGp9ky1PGtcq6OvyyfQruh/lJDlVozWMPdJqqTDIYHOA8mG
Lim665stvFuY+txSA6saZuJdO4HqTskOSw9l1RBng4Y965mqaj7BdNYt95wKvz7E
7tyWzCBBK//yKOaKFKoXaLHt+uxo7A8quijRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtn0jsPbUaMJU3BjL6mgxOktmuSQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RuMGpzUGJVYU1KVTNC
akw2bWd4T2t0bXVTUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmlZ5WIJL8U+Z9i2D7fGb9zT8dvc3Hc9d
bugNqmeQHifcS7NpHCFnGErsN1q6h7T9h383rejooXfmBOgDcBAfpFH/acMPkACv
XeBUgGIAmHPPIHl9vt+pRzrqC67xrlfNZboojvFscfzIQMQHj4mp4HQRPHSsu156
8xzvfCR1OYDM1fr6WB0QPqAodyF5aXLJDKHkI+2HIzoau9VouTRAJ03bvj6qONLS
AlK6Dh0otv1xaKPIg2zJOnr3hzGtvPrYmLk0POp/q6G3iGQ1W0UhlAA7O7q9cEhi
wzhQKM7CPix+7iUEasXzHiwaKyQ9NNXD8WuYhhDpfxznji4myLAvbQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:49 2025 by rpki-client