Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zuXDfiXo3aITm_w8feQRvFiG_M8.roa
File: zuXDfiXo3aITm_w8feQRvFiG_M8.roa (raw, json)
Hash identifier: R56BfsS1GiyDwyg2BXSR98KH2pGZm3FoKe0XswSIbfw=
Subject key identifier: CE:E5:C3:7E:25:E8:DD:A2:13:9B:FC:3C:7D:E4:11:BC:58:86:FC:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 391A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zuXDfiXo3aITm_w8feQRvFiG_M8.roa
Signing time: Thu 04 Apr 2024 17:22:21 +0000
ROA not before: Thu 04 Apr 2024 17:22:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14618 (0x391a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 17:22:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CEE5C37E25E8DDA2139BFC3C7DE411BC5886FCCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:3a:e2:1f:7c:7f:48:c4:20:ac:0c:3b:dd:
66:c6:25:f7:25:03:d6:9a:81:fb:e2:1c:6c:f1:46:
9e:6a:6f:71:27:f4:c5:9e:f5:fc:98:67:6c:d5:d2:
47:38:c7:31:d8:63:59:dc:11:92:87:6d:9d:fa:1f:
6f:af:19:3f:47:2e:c4:20:5e:3a:25:42:ab:e8:c3:
c8:9b:6f:9b:05:87:3d:0f:8f:29:f6:7a:95:2a:c3:
b2:e2:b0:3c:0c:1c:f3:d7:67:cf:7c:de:4e:86:a9:
44:b5:1d:1d:dc:6a:16:5f:30:9d:b8:b9:5e:d4:be:
15:88:8a:3f:c1:e5:59:85:93:89:ac:8f:4d:33:16:
d5:9f:f1:f7:c9:ec:d8:69:ad:aa:f4:e0:29:2d:36:
49:aa:c8:5c:5a:53:af:66:b6:9f:09:65:17:9a:a3:
9a:b6:36:fc:32:e9:51:cf:33:4b:ad:c4:5a:dc:4d:
4e:51:da:9d:7b:f5:57:fe:11:ba:76:88:c9:7d:22:
f0:f1:a5:75:2d:38:25:8e:e3:55:70:0d:c5:27:5b:
da:80:30:1a:64:01:3b:08:6c:f1:bb:c6:4f:a0:00:
62:ae:2e:3b:4f:4a:c6:dd:cf:6f:60:27:47:25:72:
47:ea:df:a5:48:77:08:de:5d:86:13:67:03:4d:01:
c1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E5:C3:7E:25:E8:DD:A2:13:9B:FC:3C:7D:E4:11:BC:58:86:FC:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zuXDfiXo3aITm_w8feQRvFiG_M8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:fa:ae:2f:c2:54:88:c6:91:4a:d8:b1:42:96:6b:7d:5e:20:
32:15:01:25:f3:cd:f8:99:34:57:8a:a6:6f:fa:57:2c:84:d9:
15:da:f6:92:77:06:6f:86:ab:f2:55:63:e2:88:0c:4a:ec:62:
d1:b6:a2:eb:07:44:3d:20:10:4c:fd:dd:b1:dc:87:b7:cf:e5:
20:94:2b:53:57:12:18:b7:00:65:28:ac:35:b2:02:f9:2b:25:
3d:14:41:14:0e:07:ce:e6:fb:5d:57:fa:0a:69:94:73:27:7f:
65:05:10:c2:37:b0:bc:10:70:58:60:12:ed:26:51:c6:96:fb:
59:37:77:f1:21:4b:35:23:74:e9:d0:cb:8d:7f:ce:d3:2d:2b:
c9:b5:19:dd:5f:17:d4:1d:0f:3e:7f:49:4f:7e:c4:83:5d:49:
d9:7f:2b:ac:b6:82:a5:6f:92:01:b0:97:f0:d7:cd:62:ae:9e:
6b:c7:0b:49:2f:9e:06:77:2d:00:0c:33:70:3a:bc:28:a2:98:
f5:e2:c4:fc:9c:63:a7:57:d9:71:78:4a:70:72:6b:96:f6:0e:
9f:ab:29:c6:6a:a5:b4:1e:f7:c3:9a:73:b7:4a:94:b6:76:f9:
48:6f:c9:c6:f4:90:ef:b2:08:f2:f7:6e:7e:3f:a8:a4:75:b3:
31:f3:8f:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICORowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQx
NzIyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFRTVDMzdFMjVFOERE
QTIxMzlCRkMzQzdERTQxMUJDNTg4NkZDQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtIjriH3x/SMQgrAw73WbGJfclA9aagfviHGzxRp5qb3En9MWe
9fyYZ2zV0kc4xzHYY1ncEZKHbZ36H2+vGT9HLsQgXjolQqvow8ibb5sFhz0Pjyn2
epUqw7LisDwMHPPXZ8983k6GqUS1HR3cahZfMJ24uV7UvhWIij/B5VmFk4msj00z
FtWf8ffJ7Nhprar04CktNkmqyFxaU69mtp8JZReao5q2Nvwy6VHPM0utxFrcTU5R
2p179Vf+Ebp2iMl9IvDxpXUtOCWO41VwDcUnW9qAMBpkATsIbPG7xk+gAGKuLjtP
Ssbdz29gJ0clckfq36VIdwjeXYYTZwNNAcG7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzuXDfiXo3aITm/w8feQRvFiG/M8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3p1WERmaVhvM2FJVG1f
dzhmZVFSdkZpR19NOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAj/quL8JUiMaRStixQpZrfV4gMhUBJfPN
+Jk0V4qmb/pXLITZFdr2kncGb4ar8lVj4ogMSuxi0bai6wdEPSAQTP3dsdyHt8/l
IJQrU1cSGLcAZSisNbIC+SslPRRBFA4Hzub7XVf6CmmUcyd/ZQUQwjewvBBwWGAS
7SZRxpb7WTd38SFLNSN06dDLjX/O0y0rybUZ3V8X1B0PPn9JT37Eg11J2X8rrLaC
pW+SAbCX8NfNYq6ea8cLSS+eBnctAAwzcDq8KKKY9eLE/Jxjp1fZcXhKcHJrlvYO
n6spxmqltB73w5pzt0qUtnb5SG/JxvSQ77II8vdufj+opHWzMfOPeg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:39 2025 by rpki-client