Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Z6lztnRfywS6QMHwwM_0F1atDOE.roa
File: Z6lztnRfywS6QMHwwM_0F1atDOE.roa (raw, json)
Hash identifier: ANb+jhyiXh0eRSepUHF2fnEb82OqY1CNxdqT2qv5pvI=
Subject key identifier: 67:A9:73:B6:74:5F:CB:04:BA:40:C1:F0:C0:CF:F4:17:56:AD:0C:E1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5486
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z6lztnRfywS6QMHwwM_0F1atDOE.roa
Signing time: Sat 11 May 2024 06:54:03 +0000
ROA not before: Sat 11 May 2024 06:54:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21638 (0x5486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 06:54:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=67A973B6745FCB04BA40C1F0C0CFF41756AD0CE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:ab:bf:d6:9c:9e:35:fa:d1:a7:ed:72:5d:
2a:8b:a8:d7:69:fe:fd:00:ee:5d:25:99:8e:18:12:
b6:ba:bf:b5:8d:1a:c3:0c:db:de:5f:53:13:1c:3b:
bf:74:60:e2:c0:8e:bd:0f:88:b0:a5:2d:e8:b1:e3:
58:cd:d1:4b:d3:c2:0f:32:3b:c7:56:d1:2e:e3:fb:
f5:65:dc:0d:97:f8:ac:26:c2:66:14:b3:7f:23:aa:
0d:10:a9:7a:03:a9:a5:f3:c1:c5:01:e5:80:1c:20:
4b:7b:36:1b:76:85:75:1f:cc:39:cd:86:2a:60:9d:
83:41:90:38:29:2e:ba:f4:b3:30:e3:28:41:0b:6b:
bc:64:a5:9b:ce:33:34:dd:cc:28:4e:38:eb:c1:4b:
87:99:41:12:e4:05:18:f9:e9:25:2e:83:a0:68:f2:
84:9d:5a:44:09:74:af:15:be:71:79:8b:09:c7:c9:
6c:76:2c:cb:5f:54:3c:80:df:91:bf:9e:0d:f4:d6:
f0:d8:fa:03:f2:e3:db:73:3e:cc:f0:44:6c:e7:fe:
57:bd:ad:ca:75:7c:eb:32:28:fa:0d:cd:5b:4a:e1:
06:4e:09:42:1d:99:0f:c3:9c:5d:f6:64:d5:6c:62:
97:9e:7b:cb:72:d4:dd:4b:43:c6:8f:12:45:32:be:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A9:73:B6:74:5F:CB:04:BA:40:C1:F0:C0:CF:F4:17:56:AD:0C:E1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z6lztnRfywS6QMHwwM_0F1atDOE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:ee:1b:a1:23:5e:89:b8:b8:61:54:c3:eb:33:36:43:f6:97:
35:80:3e:b0:9f:3c:1b:ce:0b:16:61:25:f6:cf:2d:ee:f2:f2:
38:86:94:9a:ed:c6:65:98:1d:0e:9d:a0:87:ab:f5:3b:a3:32:
18:4d:28:f7:41:53:38:b9:67:ff:17:88:e0:73:1e:d1:c1:ef:
a6:83:bc:3b:d8:41:02:6c:33:44:a6:45:8f:e6:c3:09:63:c3:
44:d6:98:0a:a5:02:36:3a:b7:d0:4b:d9:3a:4e:13:c8:1f:41:
e2:99:18:2a:7f:76:9e:46:80:ba:d1:7b:34:a7:d9:6a:6f:a4:
7c:cc:28:93:62:bc:ce:45:fc:d5:39:2c:b0:1d:47:be:7d:f6:
98:ea:31:3f:bd:e6:11:f0:9e:62:bd:14:f8:e1:6a:6b:27:09:
22:5f:8c:0f:ec:e5:11:9d:d5:85:2b:2f:05:c2:a7:1a:55:12:
2f:dc:9d:ed:89:31:ce:a5:3f:48:cf:f2:14:ec:86:f2:79:db:
e3:cc:20:9d:09:e4:85:31:83:88:77:74:8c:bd:54:db:fe:a5:
53:f4:02:22:1a:d7:51:08:ff:e3:73:0b:e7:72:36:8f:2f:3d:
84:5e:06:84:d1:4a:fb:2d:58:57:f8:ea:cd:9c:e7:ef:5d:17:
f2:dd:b7:e5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
NjU0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3QTk3M0I2NzQ1RkNC
MDRCQTQwQzFGMEMwQ0ZGNDE3NTZBRDBDRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCykqu/1pyeNfrRp+1yXSqLqNdp/v0A7l0lmY4YEra6v7WNGsMM
295fUxMcO790YOLAjr0PiLClLeix41jN0UvTwg8yO8dW0S7j+/Vl3A2X+KwmwmYU
s38jqg0QqXoDqaXzwcUB5YAcIEt7Nht2hXUfzDnNhipgnYNBkDgpLrr0szDjKEEL
a7xkpZvOMzTdzChOOOvBS4eZQRLkBRj56SUug6Bo8oSdWkQJdK8VvnF5iwnHyWx2
LMtfVDyA35G/ng301vDY+gPy49tzPszwRGzn/le9rcp1fOsyKPoNzVtK4QZOCUId
mQ/DnF32ZNVsYpeee8ty1N1LQ8aPEkUyvkDfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZ6lztnRfywS6QMHwwM/0F1atDOEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1o2bHp0blJmeXdTNlFN
SHd3TV8wRjFhdERPRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVO4boSNeibi4YVTD6zM2Q/aXNYA+sJ88
G84LFmEl9s8t7vLyOIaUmu3GZZgdDp2gh6v1O6MyGE0o90FTOLln/xeI4HMe0cHv
poO8O9hBAmwzRKZFj+bDCWPDRNaYCqUCNjq30EvZOk4TyB9B4pkYKn92nkaAutF7
NKfZam+kfMwok2K8zkX81TkssB1Hvn32mOoxP73mEfCeYr0U+OFqaycJIl+MD+zl
EZ3VhSsvBcKnGlUSL9yd7YkxzqU/SM/yFOyG8nnb48wgnQnkhTGDiHd0jL1U2/6l
U/QCIhrXUQj/43ML53I2jy89hF4GhNFK+y1YV/jqzZzn710X8t235Q==
-----END CERTIFICATE-----
Generated at Sun May 18 01:10:53 2025 by rpki-client