Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/f-kbhyThFnINh1urRFfR4SoT9Og.roa
File: f-kbhyThFnINh1urRFfR4SoT9Og.roa (raw, json)
Hash identifier: G0C7lCvgdbWQE7fvXk5nd46Z8yRyVVf3JhPg4nm7bCc=
Subject key identifier: 7F:E9:1B:87:24:E1:16:72:0D:87:5B:AB:44:57:D1:E1:2A:13:F4:E8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 449E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f-kbhyThFnINh1urRFfR4SoT9Og.roa
Signing time: Sat 20 Apr 2024 01:53:09 +0000
ROA not before: Sat 20 Apr 2024 01:53:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17566 (0x449e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 01:53:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7FE91B8724E116720D875BAB4457D1E12A13F4E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:27:95:7d:29:50:49:cc:f6:95:54:07:90:ac:
0a:99:43:97:21:3a:b9:69:dd:2d:d7:9e:e4:7b:03:
30:b5:12:68:17:59:fa:e9:ed:52:f8:43:be:e3:a5:
51:70:eb:5c:0e:f3:98:56:e2:dd:de:28:34:96:f5:
99:4f:bb:37:2c:fc:d6:5b:55:fc:b9:3d:14:61:77:
ea:8d:a1:93:f2:6e:a8:f9:02:0b:5a:c3:c2:f8:e3:
79:02:35:37:f5:6e:d0:cf:87:fd:51:0f:61:2f:4d:
43:a6:60:1a:0a:b4:51:b4:55:c0:91:4e:67:f2:01:
5c:d6:5d:ae:15:1f:a2:27:ea:d2:e0:1d:97:80:76:
83:2a:cc:86:55:1c:7e:66:76:8c:65:22:43:01:22:
ef:54:2e:80:ca:ee:7a:1f:04:6f:74:f3:03:9d:47:
61:58:e4:ed:8d:79:5d:dc:97:46:90:d1:d9:6a:20:
d1:bd:bd:85:50:8c:e6:55:e5:d4:20:fb:4a:63:e0:
1a:d3:89:04:14:e7:e2:5c:49:b9:20:ca:4a:30:9f:
5a:64:c6:09:bc:3e:8a:ac:68:ed:0d:e1:bf:69:15:
fd:37:ac:5e:d8:92:84:a1:b4:e6:88:6c:af:9d:85:
78:ff:da:62:af:f9:38:c4:b8:6e:38:16:01:36:64:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E9:1B:87:24:E1:16:72:0D:87:5B:AB:44:57:D1:E1:2A:13:F4:E8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f-kbhyThFnINh1urRFfR4SoT9Og.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:87:c4:e1:ea:51:da:56:57:43:f3:e4:79:8c:54:5c:71:d2:
bf:a7:f3:a5:2e:c2:7d:8a:c8:b3:72:7d:5a:d7:93:ff:19:dc:
bc:eb:57:34:70:90:cd:84:27:61:f2:0d:12:db:8f:45:d3:b2:
eb:f4:44:d0:10:7d:ca:6d:5b:21:07:e6:aa:2c:5b:c9:78:68:
dd:4c:6b:67:bf:fb:ec:7e:28:68:8a:f5:63:67:85:39:0e:7b:
22:1e:fb:72:75:51:e3:3a:0d:db:f2:a5:b7:33:b4:cb:a6:70:
22:c8:7b:df:1c:0b:69:3b:f5:fb:46:72:4f:c5:47:72:9b:4f:
6a:76:d5:51:45:dd:c6:5c:0c:71:aa:bd:00:e3:2e:6b:36:ce:
25:a7:b2:80:50:71:6a:84:12:e3:03:1e:a5:ec:06:42:72:1c:
f7:a2:7d:3f:7c:2f:6d:32:d9:00:70:fd:63:95:f9:3c:a3:f8:
3a:ae:ac:a1:33:74:51:ef:b3:b3:db:e4:ff:88:44:a5:b9:8d:
fc:09:0e:d4:9c:80:56:e2:20:20:e9:53:2f:c9:07:d0:ec:ad:
1c:60:3c:ce:44:96:2c:43:f8:0c:bf:3f:3e:bc:e3:6d:34:90:
1f:5f:8a:cd:c7:44:49:80:5d:91:e3:37:e4:b9:56:1d:4b:09:
37:09:7c:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MTUzMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGRTkxQjg3MjRFMTE2
NzIwRDg3NUJBQjQ0NTdEMUUxMkExM0Y0RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlJ5V9KVBJzPaVVAeQrAqZQ5chOrlp3S3XnuR7AzC1EmgXWfrp
7VL4Q77jpVFw61wO85hW4t3eKDSW9ZlPuzcs/NZbVfy5PRRhd+qNoZPybqj5Agta
w8L443kCNTf1btDPh/1RD2EvTUOmYBoKtFG0VcCRTmfyAVzWXa4VH6In6tLgHZeA
doMqzIZVHH5mdoxlIkMBIu9ULoDK7nofBG908wOdR2FY5O2NeV3cl0aQ0dlqING9
vYVQjOZV5dQg+0pj4BrTiQQU5+JcSbkgykown1pkxgm8PoqsaO0N4b9pFf03rF7Y
koShtOaIbK+dhXj/2mKv+TjEuG44FgE2ZFzTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUf+kbhyThFnINh1urRFfR4SoT9OgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Yta2JoeVRoRm5JTmgx
dXJSRmZSNFNvVDlPZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAB4fE4epR2lZXQ/PkeYxUXHHSv6fzpS7C
fYrIs3J9WteT/xncvOtXNHCQzYQnYfINEtuPRdOy6/RE0BB9ym1bIQfmqixbyXho
3UxrZ7/77H4oaIr1Y2eFOQ57Ih77cnVR4zoN2/KltzO0y6ZwIsh73xwLaTv1+0Zy
T8VHcptPanbVUUXdxlwMcaq9AOMuazbOJaeygFBxaoQS4wMepewGQnIc96J9P3wv
bTLZAHD9Y5X5PKP4Oq6soTN0Ue+zs9vk/4hEpbmN/AkO1JyAVuIgIOlTL8kH0Oyt
HGA8zkSWLEP4DL8/PrzjbTSQH1+KzcdESYBdkeM35LlWHUsJNwl80w==
-----END CERTIFICATE-----
Generated at Sat May 17 20:41:54 2025 by rpki-client