Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GHqVKJ29cu5rEmWcQA2PyAmhNkM.roa
File: GHqVKJ29cu5rEmWcQA2PyAmhNkM.roa (raw, json)
Hash identifier: fEOI9Ti5rLMhVZKAY6DYoy7j9WyOWVnFN47CVfJHD/I=
Subject key identifier: 18:7A:95:28:9D:BD:72:EE:6B:12:65:9C:40:0D:8F:C8:09:A1:36:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B96
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GHqVKJ29cu5rEmWcQA2PyAmhNkM.roa
Signing time: Mon 08 Apr 2024 00:52:34 +0000
ROA not before: Mon 08 Apr 2024 00:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15254 (0x3b96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 00:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=187A95289DBD72EE6B12659C400D8FC809A13643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d2:0c:e4:b9:8d:5c:be:32:3b:47:53:b0:7d:
94:84:c6:00:bb:31:f3:f9:7d:dc:00:4c:31:35:bd:
45:d3:7a:6b:43:a7:2d:52:54:4f:75:38:46:49:e0:
8a:48:14:c1:1b:35:c5:c2:84:ea:ff:db:aa:4a:f7:
ea:07:ac:52:ec:24:e6:e3:7c:ff:ef:b8:71:ff:61:
15:25:58:8b:52:77:40:79:20:d4:3e:3c:50:90:7f:
87:88:d6:8b:03:6c:5c:71:f6:19:7a:7b:7c:7e:74:
2e:5e:7d:c0:ce:97:bd:f3:fe:2f:51:d2:b4:f2:74:
e9:d9:cd:6a:1d:15:05:0f:5d:d4:bf:78:ff:b0:49:
ec:23:c2:84:6c:e1:fe:48:d7:01:6d:f4:58:44:5c:
0f:52:c3:90:28:86:e4:35:5a:3e:21:4c:4f:e1:77:
19:86:5f:f3:bb:9c:44:0c:a5:73:cc:4c:aa:a1:5b:
0b:04:61:f6:24:8e:aa:8d:12:34:11:ad:2f:db:fe:
81:63:d8:2c:48:7a:eb:8c:74:9f:0e:40:b2:a4:ca:
a3:e4:e2:40:eb:27:d5:36:5a:65:c2:ab:b1:74:3f:
55:31:a4:68:24:0c:a2:7d:cf:b8:e8:73:30:12:a7:
9a:6e:49:47:28:9f:19:77:c7:eb:00:ea:d8:cf:27:
c0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7A:95:28:9D:BD:72:EE:6B:12:65:9C:40:0D:8F:C8:09:A1:36:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GHqVKJ29cu5rEmWcQA2PyAmhNkM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:09:8a:56:c4:85:f1:52:0b:70:23:b5:ed:9c:b5:c0:f4:33:
68:aa:77:45:a3:09:e9:95:c0:3f:7a:4a:2a:8f:4e:40:0c:54:
a3:13:b6:4b:ab:13:12:44:c4:b8:bb:5f:a3:01:54:49:40:72:
f3:b7:a3:b7:eb:2c:00:f1:7b:0a:a7:2e:fb:7b:94:9c:f6:bb:
81:49:56:86:16:f4:82:aa:d3:25:9c:28:aa:3e:f3:a5:aa:f8:
e3:64:3f:b0:f7:e3:c1:23:22:9f:44:07:6a:0f:f7:36:5d:f6:
8d:7d:d0:1a:8b:e6:f0:6b:f6:9b:9d:17:8f:dc:59:5d:52:ee:
0a:a9:07:90:fd:7b:5e:bf:24:82:e4:33:a6:e7:6f:32:ce:93:
3c:ea:30:50:b1:df:16:bf:3a:1a:86:59:28:12:eb:50:3c:e5:
d6:87:4d:b0:a3:83:c9:30:19:26:de:c0:64:ed:03:35:cf:22:
5b:ce:41:7f:eb:a6:10:91:c2:64:02:f2:39:d6:d0:d6:52:03:
8c:c2:e1:71:96:53:1b:15:95:b8:03:b7:ec:0b:b5:65:2a:58:
40:ad:32:16:3d:83:c3:d2:a0:31:8b:59:20:8d:9c:0d:b6:f4:
af:58:3f:86:ba:4b:0e:bc:3a:2d:7d:e8:5d:60:bb:91:70:42:
86:5a:20:52
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MDUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4N0E5NTI4OURCRDcy
RUU2QjEyNjU5QzQwMEQ4RkM4MDlBMTM2NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO0gzkuY1cvjI7R1OwfZSExgC7MfP5fdwATDE1vUXTemtDpy1S
VE91OEZJ4IpIFMEbNcXChOr/26pK9+oHrFLsJObjfP/vuHH/YRUlWItSd0B5INQ+
PFCQf4eI1osDbFxx9hl6e3x+dC5efcDOl73z/i9R0rTydOnZzWodFQUPXdS/eP+w
SewjwoRs4f5I1wFt9FhEXA9Sw5AohuQ1Wj4hTE/hdxmGX/O7nEQMpXPMTKqhWwsE
YfYkjqqNEjQRrS/b/oFj2CxIeuuMdJ8OQLKkyqPk4kDrJ9U2WmXCq7F0P1UxpGgk
DKJ9z7joczASp5puSUconxl3x+sA6tjPJ8CVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGHqVKJ29cu5rEmWcQA2PyAmhNkMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dIcVZLSjI5Y3U1ckVt
V2NRQTJQeUFtaE5rTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAegmKVsSF8VILcCO17Zy1wPQzaKp3RaMJ
6ZXAP3pKKo9OQAxUoxO2S6sTEkTEuLtfowFUSUBy87ejt+ssAPF7Cqcu+3uUnPa7
gUlWhhb0gqrTJZwoqj7zpar442Q/sPfjwSMin0QHag/3Nl32jX3QGovm8Gv2m50X
j9xZXVLuCqkHkP17Xr8kguQzpudvMs6TPOowULHfFr86GoZZKBLrUDzl1odNsKOD
yTAZJt7AZO0DNc8iW85Bf+umEJHCZALyOdbQ1lIDjMLhcZZTGxWVuAO37Au1ZSpY
QK0yFj2Dw9KgMYtZII2cDbb0r1g/hrpLDrw6LX3oXWC7kXBChlogUg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:00:08 2025 by rpki-client