Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KY-Z6aFE98pdTpqQcV-gqMwe0Iw.roa
File: KY-Z6aFE98pdTpqQcV-gqMwe0Iw.roa (raw, json)
Hash identifier: EQcZhWNp8aJqnMSwJ9k1IsAeA35gteXonsg4hPodhFA=
Subject key identifier: 29:8F:99:E9:A1:44:F7:CA:5D:4E:9A:90:71:5F:A0:A8:CC:1E:D0:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F42
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KY-Z6aFE98pdTpqQcV-gqMwe0Iw.roa
Signing time: Fri 12 Apr 2024 22:22:50 +0000
ROA not before: Fri 12 Apr 2024 22:22:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16194 (0x3f42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 22:22:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=298F99E9A144F7CA5D4E9A90715FA0A8CC1ED08C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ba:40:3d:f0:a4:46:36:50:3d:25:d2:8f:7d:
69:e9:e9:b2:a1:06:ac:e2:0a:c9:f0:36:54:01:69:
90:80:35:3c:67:e4:13:89:0e:92:7f:3d:14:49:13:
88:42:13:ec:2f:b4:1c:4c:66:34:ff:30:89:ca:f7:
02:f7:47:06:e0:8e:35:d3:10:a3:82:2d:23:21:52:
f9:2b:51:19:c7:82:e3:73:59:a4:ed:72:7a:e9:8b:
41:19:3f:f1:b3:b3:34:c4:17:da:23:87:6c:ce:9a:
39:ab:de:43:eb:dd:21:a9:f0:45:95:8c:ec:66:9e:
d8:ec:79:41:4d:b5:14:29:cf:c3:1a:0b:5b:bc:f0:
6e:52:eb:5d:93:33:77:ba:a4:f4:fb:d7:dc:51:85:
0b:9a:d4:6a:f5:cb:f6:f4:05:13:2c:f2:4a:27:6b:
4e:ef:49:0d:21:b6:ca:83:30:01:56:47:28:41:58:
84:88:c1:7d:bc:b5:52:4a:49:57:46:03:69:90:e3:
04:a1:d8:55:84:99:14:10:94:72:73:46:b4:9d:79:
26:95:f1:5f:3d:db:1c:cd:56:40:2a:69:c6:9b:0e:
5e:9a:8a:ba:cd:a3:5c:d9:04:19:47:49:5a:9a:47:
91:c5:cd:4b:3d:e2:36:b3:66:1e:46:b9:29:d4:90:
4c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8F:99:E9:A1:44:F7:CA:5D:4E:9A:90:71:5F:A0:A8:CC:1E:D0:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KY-Z6aFE98pdTpqQcV-gqMwe0Iw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:6a:e8:5e:ba:4e:49:17:f9:38:4e:57:3e:77:42:2b:ee:06:
8f:8f:e3:86:60:a2:cd:d2:f8:99:04:e0:77:46:bb:58:db:ee:
ae:b0:d3:f0:41:bc:78:bb:4e:ee:77:9b:08:39:be:03:cb:ae:
cc:67:c5:d2:2b:a6:87:2b:7d:59:b2:5a:a7:46:cf:5c:db:67:
dc:d7:2e:73:d7:71:de:e1:55:b8:34:81:a6:1c:7f:fa:d8:91:
1c:8e:0b:f7:c9:85:41:0d:07:40:d9:f7:33:be:e6:04:ea:b9:
aa:41:7a:7e:95:dd:69:e8:50:a4:fa:a7:46:1f:3a:65:92:f5:
94:2f:40:74:1b:82:db:b0:d3:29:a0:f5:1d:dc:dc:d1:e8:e2:
5f:ce:63:27:40:c3:c4:9c:e2:24:42:37:ff:59:9d:c6:a8:94:
4c:11:07:a2:2b:4b:39:18:26:c0:10:bb:85:f3:50:35:6a:e6:
a1:b4:31:d3:39:00:70:8a:2d:91:4e:e5:7d:20:d8:a4:bd:7b:
53:b0:d9:f6:4f:31:30:33:f0:d6:3d:95:3c:0a:7b:b5:ca:c3:
b7:31:21:b4:2f:13:35:49:09:d8:36:a3:e7:f0:33:d9:6d:b5:
c5:45:c1:12:4e:3a:a6:61:e0:5a:58:88:fd:32:27:f1:40:bc:
4c:37:f0:f9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MjIyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5OEY5OUU5QTE0NEY3
Q0E1RDRFOUE5MDcxNUZBMEE4Q0MxRUQwOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+ukA98KRGNlA9JdKPfWnp6bKhBqziCsnwNlQBaZCANTxn5BOJ
DpJ/PRRJE4hCE+wvtBxMZjT/MInK9wL3RwbgjjXTEKOCLSMhUvkrURnHguNzWaTt
cnrpi0EZP/GzszTEF9ojh2zOmjmr3kPr3SGp8EWVjOxmntjseUFNtRQpz8MaC1u8
8G5S612TM3e6pPT719xRhQua1Gr1y/b0BRMs8kona07vSQ0htsqDMAFWRyhBWISI
wX28tVJKSVdGA2mQ4wSh2FWEmRQQlHJzRrSdeSaV8V892xzNVkAqacabDl6airrN
o1zZBBlHSVqaR5HFzUs94jazZh5GuSnUkEyzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKY+Z6aFE98pdTpqQcV+gqMwe0IwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tZLVo2YUZFOThwZFRw
cVFjVi1ncU13ZTBJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuWroXrpOSRf5OE5XPndCK+4Gj4/jhmCi
zdL4mQTgd0a7WNvurrDT8EG8eLtO7nebCDm+A8uuzGfF0iumhyt9WbJap0bPXNtn
3Ncuc9dx3uFVuDSBphx/+tiRHI4L98mFQQ0HQNn3M77mBOq5qkF6fpXdaehQpPqn
Rh86ZZL1lC9AdBuC27DTKaD1Hdzc0ejiX85jJ0DDxJziJEI3/1mdxqiUTBEHoitL
ORgmwBC7hfNQNWrmobQx0zkAcIotkU7lfSDYpL17U7DZ9k8xMDPw1j2VPAp7tcrD
tzEhtC8TNUkJ2Daj5/Az2W21xUXBEk46pmHgWliI/TIn8UC8TDfw+Q==
-----END CERTIFICATE-----
Generated at Sat Jun 21 10:06:38 2025 by rpki-client