Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wu1Ld9RKrFhprZI3LwfdKbT0G90.roa
File: wu1Ld9RKrFhprZI3LwfdKbT0G90.roa (raw, json)
Hash identifier: 0IqNFDOb6w1TJubl+nMDozUxKm6cBcehhLcDgcGy6bE=
Subject key identifier: C2:ED:4B:77:D4:4A:AC:58:69:AD:92:37:2F:07:DD:29:B4:F4:1B:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wu1Ld9RKrFhprZI3LwfdKbT0G90.roa
Signing time: Tue 16 Apr 2024 08:52:56 +0000
ROA not before: Tue 16 Apr 2024 08:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16854 (0x41d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 08:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C2ED4B77D44AAC5869AD92372F07DD29B4F41BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6f:a5:2f:46:19:5b:74:8e:89:c7:5b:e3:21:
d3:16:b6:74:c9:06:53:60:66:d1:20:b9:f6:2d:44:
95:9e:b8:32:2a:b1:26:fb:e1:6c:f2:33:55:68:76:
97:16:6e:1a:b6:c4:8b:f8:87:d7:04:66:5d:5b:1c:
63:be:c9:af:32:a2:4f:eb:e9:26:33:c8:23:4a:39:
d7:76:06:c6:00:19:9c:d2:8f:8c:0e:c3:aa:9f:2a:
59:aa:ca:d4:b6:91:7d:22:5c:7e:5b:63:9c:bf:4f:
84:4e:00:fe:14:f2:de:78:82:5f:9d:b2:6f:38:7e:
e4:3b:53:2f:7a:90:c9:d8:41:3b:fe:7b:b4:3a:cb:
d6:a2:b3:3d:e1:78:a6:3e:cd:89:ae:1d:6c:c3:29:
71:d4:dd:45:cd:c6:17:85:98:d1:4a:d6:ba:df:a0:
66:ec:57:a7:76:b1:90:a7:66:82:9f:6b:79:ea:35:
fb:5d:45:f3:37:2b:0e:9a:13:5b:06:33:c5:67:4a:
60:23:bb:4e:1d:42:9a:db:61:7a:d0:55:30:2c:dd:
43:d2:6a:aa:12:21:82:b4:0c:bb:3d:9b:b1:2f:bb:
cd:eb:3b:e3:e7:dd:0d:98:0f:98:ce:b1:77:1d:36:
d1:4b:92:6b:a3:9a:50:74:d3:79:82:a5:c9:73:8a:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:ED:4B:77:D4:4A:AC:58:69:AD:92:37:2F:07:DD:29:B4:F4:1B:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wu1Ld9RKrFhprZI3LwfdKbT0G90.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:a5:7e:82:b2:f4:10:00:96:f0:ed:72:a8:34:d5:a9:0c:17:
80:9a:3a:c4:f5:c4:c3:bf:03:7a:16:d0:68:81:5c:4a:ce:0a:
23:62:ae:ae:b6:2f:3c:e5:cd:ab:fc:9c:4c:cc:71:af:51:4a:
ff:2d:e3:64:5d:ec:cb:a9:6e:88:48:0c:8f:1f:26:eb:0d:28:
c0:92:ea:10:58:9a:4a:c0:d8:98:f4:eb:d3:6f:90:c1:27:34:
05:b9:58:2c:64:4a:c9:1d:f1:d7:6d:f2:b8:88:60:0f:13:83:
6a:07:32:e5:23:69:5a:22:41:43:bc:0a:b2:be:9f:a0:f0:a7:
84:65:55:7f:b5:21:dd:08:e6:36:ff:57:4b:7c:2d:86:3b:ef:
4a:04:c2:f3:fd:09:74:21:ee:26:c6:41:51:6f:ea:6b:31:4b:
b0:cb:48:69:a5:62:6e:90:28:dc:85:9d:85:4d:82:8b:f8:a6:
fd:a3:cc:09:3d:3e:ad:20:d6:7b:15:6b:9f:8c:92:18:e0:52:
b6:33:b3:5b:44:a1:07:70:70:1d:8b:cf:95:8c:71:c9:59:4a:
7a:1c:e4:11:c4:65:6b:81:0c:2c:42:d0:f9:bd:05:97:e7:62:
91:f6:81:02:68:2e:3f:34:9d:74:dd:e8:57:c9:ba:16:77:0a:
a0:40:0e:a8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
ODUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyRUQ0Qjc3RDQ0QUFD
NTg2OUFEOTIzNzJGMDdERDI5QjRGNDFCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOb6UvRhlbdI6Jx1vjIdMWtnTJBlNgZtEgufYtRJWeuDIqsSb7
4WzyM1VodpcWbhq2xIv4h9cEZl1bHGO+ya8yok/r6SYzyCNKOdd2BsYAGZzSj4wO
w6qfKlmqytS2kX0iXH5bY5y/T4ROAP4U8t54gl+dsm84fuQ7Uy96kMnYQTv+e7Q6
y9aisz3heKY+zYmuHWzDKXHU3UXNxheFmNFK1rrfoGbsV6d2sZCnZoKfa3nqNftd
RfM3Kw6aE1sGM8VnSmAju04dQprbYXrQVTAs3UPSaqoSIYK0DLs9m7Evu83rO+Pn
3Q2YD5jOsXcdNtFLkmujmlB003mCpclzityDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwu1Ld9RKrFhprZI3LwfdKbT0G90wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3d1MUxkOVJLckZocHJa
STNMd2ZkS2JUMEc5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYKV+grL0EACW8O1yqDTVqQwXgJo6xPXE
w78DehbQaIFcSs4KI2KurrYvPOXNq/ycTMxxr1FK/y3jZF3sy6luiEgMjx8m6w0o
wJLqEFiaSsDYmPTr02+QwSc0BblYLGRKyR3x123yuIhgDxODagcy5SNpWiJBQ7wK
sr6foPCnhGVVf7Uh3QjmNv9XS3wthjvvSgTC8/0JdCHuJsZBUW/qazFLsMtIaaVi
bpAo3IWdhU2Ci/im/aPMCT0+rSDWexVrn4ySGOBStjOzW0ShB3BwHYvPlYxxyVlK
ehzkEcRla4EMLELQ+b0Fl+dikfaBAmguPzSddN3oV8m6FncKoEAOqA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:07 2025 by rpki-client