Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ayd8u5To_S9Ds4w31nyN2_kFf84.roa
File: Ayd8u5To_S9Ds4w31nyN2_kFf84.roa (raw, json)
Hash identifier: lCuKBJaUmEG+OvYDKr8FbXozeNcnAITKhL9z5uGVTrY=
Subject key identifier: 03:27:7C:BB:94:E8:FD:2F:43:B3:8C:37:D6:7C:8D:DB:F9:05:7F:CE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CCA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ayd8u5To_S9Ds4w31nyN2_kFf84.roa
Signing time: Tue 09 Apr 2024 15:22:38 +0000
ROA not before: Tue 09 Apr 2024 15:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15562 (0x3cca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 15:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03277CBB94E8FD2F43B38C37D67C8DDBF9057FCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:63:76:e7:83:77:d6:9e:8f:81:e9:a1:9e:31:
68:6a:92:1b:d5:a4:35:c8:8a:07:39:4e:3c:c5:39:
b3:87:cc:c7:e2:d4:9c:9f:da:31:95:89:38:06:e8:
5c:72:d5:0e:55:5f:aa:f1:de:7b:d9:02:ba:1e:00:
83:61:d7:98:5b:2f:a8:2b:07:8a:33:38:53:00:b9:
10:4c:16:2e:a5:a6:19:4d:92:72:d1:a9:55:ac:78:
91:e1:ff:e1:47:bd:fe:5c:68:06:c5:20:50:ec:ec:
0b:2c:59:ac:5f:86:37:a5:43:bc:7e:19:01:60:c9:
79:ad:26:8a:d6:d3:b2:9a:8c:54:f0:a8:a2:8d:13:
fa:ed:6d:e6:47:57:b7:df:27:72:44:84:85:21:a6:
59:09:94:dc:58:fb:98:17:2b:fa:63:24:12:96:d4:
6c:0e:e8:1a:12:0c:1f:c9:9c:6b:8d:f7:38:58:e4:
72:bc:f8:40:56:8c:d5:cb:9a:f0:14:6f:d5:c0:16:
69:16:6b:c1:b1:c8:e2:48:19:63:73:12:57:da:78:
9f:de:b5:f1:44:69:fc:2c:7a:c3:6f:fc:df:37:20:
a4:a0:32:4e:25:5f:1a:63:2d:b5:07:06:41:5b:16:
d5:cd:3b:94:f6:2b:b4:9d:66:13:2a:c0:ab:cd:e9:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:27:7C:BB:94:E8:FD:2F:43:B3:8C:37:D6:7C:8D:DB:F9:05:7F:CE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ayd8u5To_S9Ds4w31nyN2_kFf84.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:72:e8:26:eb:a8:d2:d3:07:87:40:17:bb:1e:93:04:f5:a5:
fd:1b:ab:37:c1:71:c6:1a:05:05:04:a5:1c:36:df:6c:c8:e3:
3f:3b:b2:2e:12:cb:72:a2:8d:c7:dc:89:5f:98:0f:fb:00:70:
a6:1c:49:33:5e:47:aa:c9:88:90:a6:51:99:d4:22:2e:13:0c:
72:14:30:69:fa:98:8a:65:95:a0:24:72:ed:c4:71:be:bd:5c:
80:63:1c:3f:49:f2:f0:c1:45:c4:13:f4:f2:0a:07:2e:e6:15:
5e:37:e4:8b:02:61:b2:00:ba:92:60:6d:33:4c:53:11:1e:f2:
0d:2f:da:12:a2:b9:88:b7:fb:b4:2c:bc:f9:0b:9c:fd:78:1e:
52:db:3b:8f:74:e6:35:45:d1:99:ff:f5:b7:a7:ad:47:a9:ed:
15:6d:4b:90:09:d2:89:3e:cd:ae:00:74:8c:a8:02:7b:ca:69:
80:6d:d1:ac:d4:55:be:95:cb:99:ef:5c:9d:dc:ba:d2:4c:bd:
1a:70:7a:40:80:04:fd:c0:cc:fb:fd:64:ed:c3:50:10:2e:80:
53:bf:4b:75:06:89:45:14:74:15:ed:29:e9:20:c5:1d:38:a1:
5e:ef:06:2d:44:cc:76:99:83:41:93:3b:ad:7f:8e:3f:7a:ae:
3b:40:4f:be
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkx
NTIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzMjc3Q0JCOTRFOEZE
MkY0M0IzOEMzN0Q2N0M4RERCRjkwNTdGQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGY3bng3fWno+B6aGeMWhqkhvVpDXIigc5TjzFObOHzMfi1Jyf
2jGViTgG6Fxy1Q5VX6rx3nvZAroeAINh15hbL6grB4ozOFMAuRBMFi6lphlNknLR
qVWseJHh/+FHvf5caAbFIFDs7AssWaxfhjelQ7x+GQFgyXmtJorW07KajFTwqKKN
E/rtbeZHV7ffJ3JEhIUhplkJlNxY+5gXK/pjJBKW1GwO6BoSDB/JnGuN9zhY5HK8
+EBWjNXLmvAUb9XAFmkWa8GxyOJIGWNzElfaeJ/etfFEafwsesNv/N83IKSgMk4l
XxpjLbUHBkFbFtXNO5T2K7SdZhMqwKvN6cKDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAyd8u5To/S9Ds4w31nyN2/kFf84wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0F5ZDh1NVRvX1M5RHM0
dzMxbnlOMl9rRmY4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAoXLoJuuo0tMHh0AXux6TBPWl/RurN8Fx
xhoFBQSlHDbfbMjjPzuyLhLLcqKNx9yJX5gP+wBwphxJM15HqsmIkKZRmdQiLhMM
chQwafqYimWVoCRy7cRxvr1cgGMcP0ny8MFFxBP08goHLuYVXjfkiwJhsgC6kmBt
M0xTER7yDS/aEqK5iLf7tCy8+Quc/XgeUts7j3TmNUXRmf/1t6etR6ntFW1LkAnS
iT7NrgB0jKgCe8ppgG3RrNRVvpXLme9cndy60ky9GnB6QIAE/cDM+/1k7cNQEC6A
U79LdQaJRRR0Fe0p6SDFHTihXu8GLUTMdpmDQZM7rX+OP3quO0BPvg==
-----END CERTIFICATE-----
Generated at Sun May 18 16:02:52 2025 by rpki-client