Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nY5X3hjtqf16lbopHgNnc80G7Xs.roa
File: nY5X3hjtqf16lbopHgNnc80G7Xs.roa (raw, json)
Hash identifier: JIBweWR7m9b8xYmdj/DMHXGdVptm+/MfIW9gG5iaVnQ=
Subject key identifier: 9D:8E:57:DE:18:ED:A9:FD:7A:95:BA:29:1E:03:67:73:CD:06:ED:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3476
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nY5X3hjtqf16lbopHgNnc80G7Xs.roa
Signing time: Fri 29 Mar 2024 12:52:05 +0000
ROA not before: Fri 29 Mar 2024 12:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13430 (0x3476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 12:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9D8E57DE18EDA9FD7A95BA291E036773CD06ED7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:a8:3e:07:38:92:1d:db:a3:60:aa:5a:f1:
4e:eb:b5:92:51:0f:14:5f:b3:48:3f:41:c6:c4:df:
3f:4f:55:8d:f4:ae:f8:17:6f:67:7a:90:aa:df:60:
41:38:e5:b9:ce:43:f5:54:03:de:ab:07:ad:24:8f:
c7:d0:6b:0e:8f:74:e3:03:27:b8:c1:8e:0c:10:79:
d2:77:73:7a:4e:06:01:ea:de:26:25:a9:fd:03:9a:
af:39:28:93:be:ad:0d:3e:b8:de:ab:1d:b4:e5:b6:
54:63:cc:d0:25:ab:61:1d:0c:0f:c7:55:00:02:09:
54:a8:04:9b:c2:b5:0d:01:97:98:24:79:c4:9a:4b:
95:2d:9d:ff:03:aa:68:3f:cd:3c:f2:03:67:e2:c7:
dd:98:5a:1b:2a:d3:17:66:69:f3:86:13:ed:17:14:
21:77:88:4e:a8:4f:f2:f4:95:b1:d5:44:b5:6a:37:
f7:ec:8a:7a:2a:e4:0d:7a:79:57:f1:e4:46:0d:08:
dc:7b:71:b9:8a:e8:04:8d:5b:e5:70:55:4d:03:6c:
c3:71:91:c6:64:14:8c:f2:31:0c:4b:e4:14:3c:c6:
b0:09:ff:1d:92:ee:f6:29:c0:64:f2:85:bd:5e:ea:
76:22:e7:f7:a9:39:09:bf:27:08:20:d8:99:4a:c6:
70:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8E:57:DE:18:ED:A9:FD:7A:95:BA:29:1E:03:67:73:CD:06:ED:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nY5X3hjtqf16lbopHgNnc80G7Xs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:11:53:bc:1e:46:77:5f:65:13:69:7e:be:77:4c:14:87:ef:
67:45:e4:c4:a7:eb:5c:70:ea:1c:e2:f3:f4:2b:55:29:54:47:
be:c3:9d:b9:10:28:5a:7c:73:e6:dd:9d:68:bb:44:be:9c:a9:
48:60:87:c3:83:bd:9c:dd:0f:eb:63:12:43:50:70:c2:01:d2:
b2:92:bc:6b:83:31:4d:75:10:17:cf:f6:e2:0e:ce:b4:7b:37:
e2:bf:ff:1a:e1:88:56:e0:79:b1:b0:78:01:95:f0:2a:60:27:
0b:da:b0:d0:35:e8:aa:f7:25:37:4f:9a:29:16:6c:59:f3:a4:
3d:5d:79:48:58:e5:19:ee:58:33:02:dd:4f:9b:6a:60:ce:3e:
ae:34:34:96:52:cb:0f:56:cf:bf:43:e3:bd:9e:b1:91:a8:a1:
2e:9f:75:35:39:9a:6e:0d:a2:55:35:71:9d:b0:26:2b:59:14:
49:44:cc:c5:a2:cc:6a:8b:0e:9b:5e:3a:6a:e8:2e:ee:de:db:
18:e6:e8:4c:09:2a:6c:57:43:a4:2b:e2:00:a6:00:44:c8:1b:
6b:f0:de:1d:0b:9e:ea:bc:ea:c2:6d:e1:46:d2:56:06:6e:fd:
d4:b1:4a:5d:c6:67:a9:ca:96:c9:33:d5:34:91:87:67:9e:96:
69:24:aa:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MjUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlEOEU1N0RFMThFREE5
RkQ3QTk1QkEyOTFFMDM2NzczQ0QwNkVEN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY9Kg+BziSHdujYKpa8U7rtZJRDxRfs0g/QcbE3z9PVY30rvgX
b2d6kKrfYEE45bnOQ/VUA96rB60kj8fQaw6PdOMDJ7jBjgwQedJ3c3pOBgHq3iYl
qf0Dmq85KJO+rQ0+uN6rHbTltlRjzNAlq2EdDA/HVQACCVSoBJvCtQ0Bl5gkecSa
S5Utnf8Dqmg/zTzyA2fix92YWhsq0xdmafOGE+0XFCF3iE6oT/L0lbHVRLVqN/fs
inoq5A16eVfx5EYNCNx7cbmK6ASNW+VwVU0DbMNxkcZkFIzyMQxL5BQ8xrAJ/x2S
7vYpwGTyhb1e6nYi5/epOQm/Jwgg2JlKxnAnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnY5X3hjtqf16lbopHgNnc80G7XswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25ZNVgzaGp0cWYxNmxi
b3BIZ05uYzgwRzdYcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAERFTvB5Gd19lE2l+vndMFIfvZ0XkxKfr
XHDqHOLz9CtVKVRHvsOduRAoWnxz5t2daLtEvpypSGCHw4O9nN0P62MSQ1BwwgHS
spK8a4MxTXUQF8/24g7OtHs34r//GuGIVuB5sbB4AZXwKmAnC9qw0DXoqvclN0+a
KRZsWfOkPV15SFjlGe5YMwLdT5tqYM4+rjQ0llLLD1bPv0PjvZ6xkaihLp91NTma
bg2iVTVxnbAmK1kUSUTMxaLMaosOm146augu7t7bGOboTAkqbFdDpCviAKYARMgb
a/DeHQue6rzqwm3hRtJWBm791LFKXcZnqcqWyTPVNJGHZ56WaSSqdg==
-----END CERTIFICATE-----
Generated at Sun May 18 05:58:53 2025 by rpki-client