Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yzTqEWqy-mWLbG3FD2ucVB4m2jc.roa
File: yzTqEWqy-mWLbG3FD2ucVB4m2jc.roa (raw, json)
Hash identifier: kCPZoGBTi6yf1yAckNS8T7w20yME55/lmMjLTipNWLY=
Subject key identifier: CB:34:EA:11:6A:B2:FA:65:8B:6C:6D:C5:0F:6B:9C:54:1E:26:DA:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AEA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yzTqEWqy-mWLbG3FD2ucVB4m2jc.roa
Signing time: Sun 28 Apr 2024 11:23:30 +0000
ROA not before: Sun 28 Apr 2024 11:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19178 (0x4aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 11:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CB34EA116AB2FA658B6C6DC50F6B9C541E26DA37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8a:b6:6a:d8:48:5a:f9:f8:d8:f6:af:48:a8:
08:ae:e7:b5:b0:98:01:6f:d2:d5:62:ea:9f:23:96:
b3:6a:6f:14:e4:7b:65:fe:9d:02:b5:a3:28:b2:7a:
00:dd:26:25:64:83:6c:4c:de:bf:c3:e7:5b:63:15:
14:cb:ae:22:2d:85:a0:88:65:7c:31:00:11:cb:5a:
c0:b8:82:d0:29:22:77:89:d4:01:ac:c5:37:93:0a:
c1:92:6e:74:75:26:a7:4e:e6:54:b8:4c:39:15:29:
6c:06:80:57:a0:0f:6b:6f:61:de:85:3f:90:dd:65:
0b:ed:24:15:b3:f5:5a:8f:38:83:1a:36:48:20:8b:
e5:51:3f:2f:8a:35:7c:13:66:f5:b0:bc:32:fd:a0:
13:74:f5:3d:53:b5:0c:4e:7c:10:9b:85:a1:1d:bb:
d9:c7:12:c3:fd:e0:5f:17:3d:84:87:31:57:b1:c1:
f5:c6:e1:07:39:43:8d:22:79:4d:7d:84:f9:e8:1d:
a0:d6:70:f8:f4:f5:93:dd:83:8e:e6:cf:c5:71:0d:
59:31:c7:cc:27:39:92:48:b7:9f:7f:bb:73:40:43:
9f:b3:32:a2:94:e0:2d:e0:d0:25:e7:be:93:73:3c:
0e:dd:95:b1:c0:09:e5:31:b6:7b:0d:3a:5c:a5:a6:
1a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:34:EA:11:6A:B2:FA:65:8B:6C:6D:C5:0F:6B:9C:54:1E:26:DA:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yzTqEWqy-mWLbG3FD2ucVB4m2jc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:f7:8b:1c:6e:fc:14:cb:c0:1b:5f:93:6f:4c:3a:ef:da:9c:
ad:8c:63:1e:02:a6:52:ba:e6:b1:96:9d:b6:6b:9b:3a:cb:53:
56:a1:37:70:62:ac:57:06:e3:ef:3a:90:39:e6:34:13:21:f6:
9b:bb:a1:50:45:db:63:e0:cd:77:18:7c:bd:5d:f8:37:b3:2a:
5e:9a:95:4a:53:eb:5b:e1:c9:18:8a:33:1c:48:53:f9:98:3f:
f1:a0:8c:bd:d3:ec:ee:81:28:65:3f:21:81:9c:3c:75:f5:37:
93:fe:cb:4f:0e:27:d5:bf:8e:15:08:a6:c2:4d:89:19:d8:1b:
aa:05:5d:64:50:09:2f:9f:1b:ba:f1:05:92:f9:bc:07:a9:d8:
d7:04:97:59:c1:b1:cd:17:26:82:17:c3:88:70:78:25:6b:19:
eb:73:9e:69:68:e1:51:6d:75:5f:ea:5e:ca:20:73:df:43:3c:
b7:10:c9:37:36:b3:b5:31:e9:b1:1b:e0:dd:29:51:f8:20:23:
19:28:16:ab:7f:82:3a:2a:48:35:c2:fa:81:04:20:6d:21:0b:
33:cc:6f:03:b6:21:3d:43:ee:32:af:bc:eb:42:f2:9e:b5:27:
63:4c:11:8a:14:5c:4f:43:80:26:e7:4d:7e:6b:53:11:46:6d:
77:a8:cf:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MTIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCMzRFQTExNkFCMkZB
NjU4QjZDNkRDNTBGNkI5QzU0MUUyNkRBMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKirZq2Eha+fjY9q9IqAiu57WwmAFv0tVi6p8jlrNqbxTke2X+
nQK1oyiyegDdJiVkg2xM3r/D51tjFRTLriIthaCIZXwxABHLWsC4gtApIneJ1AGs
xTeTCsGSbnR1JqdO5lS4TDkVKWwGgFegD2tvYd6FP5DdZQvtJBWz9VqPOIMaNkgg
i+VRPy+KNXwTZvWwvDL9oBN09T1TtQxOfBCbhaEdu9nHEsP94F8XPYSHMVexwfXG
4Qc5Q40ieU19hPnoHaDWcPj09ZPdg47mz8VxDVkxx8wnOZJIt59/u3NAQ5+zMqKU
4C3g0CXnvpNzPA7dlbHACeUxtnsNOlylphpXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyzTqEWqy+mWLbG3FD2ucVB4m2jcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3l6VHFFV3F5LW1XTGJH
M0ZEMnVjVkI0bTJqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEABveLHG78FMvAG1+Tb0w679qcrYxjHgKm
UrrmsZadtmubOstTVqE3cGKsVwbj7zqQOeY0EyH2m7uhUEXbY+DNdxh8vV34N7Mq
XpqVSlPrW+HJGIozHEhT+Zg/8aCMvdPs7oEoZT8hgZw8dfU3k/7LTw4n1b+OFQim
wk2JGdgbqgVdZFAJL58buvEFkvm8B6nY1wSXWcGxzRcmghfDiHB4JWsZ63OeaWjh
UW11X+peyiBz30M8txDJNzaztTHpsRvg3SlR+CAjGSgWq3+COipINcL6gQQgbSEL
M8xvA7YhPUPuMq+860LynrUnY0wRihRcT0OAJudNfmtTEUZtd6jPDA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:36 2025 by rpki-client