Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/w2edyocLkHNgyqGVNBcNBSr0R9Y.roa
File: w2edyocLkHNgyqGVNBcNBSr0R9Y.roa (raw, json)
Hash identifier: DNDnH4nY814qeIc98kVExiV7HkGea9CDYSBosvKhrBo=
Subject key identifier: C3:67:9D:CA:87:0B:90:73:60:CA:A1:95:34:17:0D:05:2A:F4:47:D6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FDA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/w2edyocLkHNgyqGVNBcNBSr0R9Y.roa
Signing time: Sun 05 May 2024 01:23:49 +0000
ROA not before: Sun 05 May 2024 01:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20442 (0x4fda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 01:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C3679DCA870B907360CAA19534170D052AF447D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cc:94:d1:d3:12:4b:ba:bf:f6:d9:dd:55:9c:
e3:9d:7e:a0:00:41:17:3e:08:7e:9b:00:36:4d:79:
ac:5c:78:05:e6:1b:9b:2e:5a:87:65:77:6a:af:3f:
ae:1d:48:f4:f2:1f:2d:91:79:d0:1b:b1:da:31:0b:
9d:aa:ac:7e:5f:0e:79:71:d6:a9:ad:06:08:b0:52:
0f:b7:a5:ba:a5:5b:52:96:3c:00:ca:70:12:e2:00:
34:ae:42:07:32:31:5b:47:fb:0b:5a:52:36:31:65:
e2:b6:c4:d6:65:b2:83:ae:ed:44:51:72:96:d1:16:
c5:43:c0:a1:79:8d:6b:c0:6d:fd:db:fd:3e:8f:69:
da:7e:23:4f:7d:22:50:40:fa:87:5a:a3:d6:ed:02:
05:c4:3c:5d:89:ce:fb:7b:c3:03:c6:41:46:32:86:
8f:0f:85:31:f7:13:07:dd:80:bd:25:89:73:63:5d:
b6:df:91:d5:cc:a7:2b:d2:bb:c4:2b:36:4d:5f:03:
e9:56:54:b5:59:28:e7:d7:e7:3a:b3:f4:39:d8:8b:
72:4e:1a:4d:8c:ba:7e:43:b6:bf:26:21:e7:df:cc:
be:02:ac:ae:13:01:2c:50:7c:ca:7b:e0:cc:5f:a6:
94:fd:9d:cf:96:dc:65:38:b9:36:e7:4f:1e:f1:c7:
05:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:67:9D:CA:87:0B:90:73:60:CA:A1:95:34:17:0D:05:2A:F4:47:D6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/w2edyocLkHNgyqGVNBcNBSr0R9Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:e0:35:0a:75:80:e2:e1:e4:18:41:d6:c9:4d:92:2b:c7:d1:
56:67:74:3b:9e:9c:50:60:d1:f6:e4:85:ca:71:83:c9:cd:7c:
11:6f:c7:12:cc:87:26:32:65:e6:e3:6e:23:3f:4f:f9:9e:6e:
90:53:82:e6:c5:56:79:c7:c3:a4:e2:0f:fb:05:86:aa:6d:05:
29:30:95:9b:f2:fc:f8:7c:9d:54:82:70:30:dd:c6:94:5a:ae:
14:ba:aa:4b:33:94:77:bb:a6:13:f0:28:4a:05:8a:77:75:d4:
ea:08:ec:bd:53:56:f6:0f:e8:52:0d:9b:b6:ca:bb:ea:25:b0:
6a:99:b7:72:ba:39:c3:30:55:09:81:2f:93:be:dc:fd:e6:ce:
7d:32:db:bb:70:11:ca:c3:98:b5:d8:6c:c3:40:2d:49:3e:48:
09:ba:82:b3:b9:b1:75:62:55:b5:e3:5e:5a:7a:a1:e4:34:23:
9a:b5:0a:6d:82:10:a9:a0:2e:fd:08:18:2b:1b:fe:c1:2a:7d:
75:2d:63:be:fa:32:43:28:e9:d2:11:3d:66:df:29:e1:25:04:
17:e9:e9:be:7a:8c:87:49:71:db:82:f1:47:55:4a:32:bf:52:
a8:f0:1e:40:8b:4a:e0:6f:16:25:9c:ab:1d:0b:5c:8d:80:0d:
ae:33:1f:3f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMzNjc5RENBODcwQjkw
NzM2MENBQTE5NTM0MTcwRDA1MkFGNDQ3RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCzJTR0xJLur/22d1VnOOdfqAAQRc+CH6bADZNeaxceAXmG5su
Wodld2qvP64dSPTyHy2RedAbsdoxC52qrH5fDnlx1qmtBgiwUg+3pbqlW1KWPADK
cBLiADSuQgcyMVtH+wtaUjYxZeK2xNZlsoOu7URRcpbRFsVDwKF5jWvAbf3b/T6P
adp+I099IlBA+odao9btAgXEPF2Jzvt7wwPGQUYyho8PhTH3EwfdgL0liXNjXbbf
kdXMpyvSu8QrNk1fA+lWVLVZKOfX5zqz9DnYi3JOGk2Mun5Dtr8mIeffzL4CrK4T
ASxQfMp74MxfppT9nc+W3GU4uTbnTx7xxwVtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUw2edyocLkHNgyqGVNBcNBSr0R9YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3cyZWR5b2NMa0hOZ3lx
R1ZOQmNOQlNyMFI5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFOA1CnWA4uHkGEHWyU2SK8fRVmd0O56c
UGDR9uSFynGDyc18EW/HEsyHJjJl5uNuIz9P+Z5ukFOC5sVWecfDpOIP+wWGqm0F
KTCVm/L8+HydVIJwMN3GlFquFLqqSzOUd7umE/AoSgWKd3XU6gjsvVNW9g/oUg2b
tsq76iWwapm3cro5wzBVCYEvk77c/ebOfTLbu3ARysOYtdhsw0AtST5ICbqCs7mx
dWJVteNeWnqh5DQjmrUKbYIQqaAu/QgYKxv+wSp9dS1jvvoyQyjp0hE9Zt8p4SUE
F+npvnqMh0lx24LxR1VKMr9SqPAeQItK4G8WJZyrHQtcjYANrjMfPw==
-----END CERTIFICATE-----
Generated at Sun May 18 06:06:26 2025 by rpki-client