Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FDdda2im8pmLj1riRENzYSW_2DM.roa
File: FDdda2im8pmLj1riRENzYSW_2DM.roa (raw, json)
Hash identifier: mTPGC20T8c/JykGqo/73u7gCKY0u2NeU/Gkljg7lKv4=
Subject key identifier: 14:37:5D:6B:68:A6:F2:99:8B:8F:5A:E2:44:43:73:61:25:BF:D8:33
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39FA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FDdda2im8pmLj1riRENzYSW_2DM.roa
Signing time: Fri 05 Apr 2024 21:22:26 +0000
ROA not before: Fri 05 Apr 2024 21:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14842 (0x39fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 21:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=14375D6B68A6F2998B8F5AE24443736125BFD833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:d3:20:27:c9:8a:b3:6d:f3:78:d6:d1:f6:
a5:2a:70:c8:d3:63:10:b9:e0:0f:02:fd:ea:24:b1:
ee:bd:0b:dd:8f:a7:f0:2d:ff:5d:39:7f:d5:51:d2:
2f:5a:36:ea:6e:c7:c5:76:0a:6c:b4:51:86:cc:ca:
8f:d0:d7:76:e3:2a:0c:90:25:3b:3e:d4:09:e4:c5:
13:a5:4d:d0:19:2e:94:36:b4:ad:b0:fd:50:71:53:
64:38:52:be:ce:6e:5f:63:6b:82:0c:59:55:92:3d:
40:a3:6c:59:22:1f:4f:4f:fd:af:b3:62:2a:f5:88:
cf:9b:ad:38:cc:51:e4:48:fd:39:0f:7d:79:40:b8:
69:9e:eb:e8:9e:b0:0a:79:ae:51:7a:c5:36:0f:b5:
5c:a4:b4:4c:e7:e2:85:ef:6f:03:f4:28:24:d9:40:
fb:e4:79:b2:ca:a2:c2:35:d5:6d:b6:2b:7e:5b:c9:
30:3a:a8:cb:fe:f1:56:18:a3:0b:20:68:5e:bf:27:
7c:a1:94:24:cb:ae:03:a9:d3:01:46:4a:22:c4:ed:
30:c0:e0:83:55:1e:3c:be:51:a1:02:00:2a:d6:ed:
b0:56:af:4b:85:52:f1:8d:3a:bb:ad:39:26:08:f6:
81:0e:4f:15:c0:10:5b:31:b5:62:56:8c:1d:c1:5d:
f4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:37:5D:6B:68:A6:F2:99:8B:8F:5A:E2:44:43:73:61:25:BF:D8:33
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FDdda2im8pmLj1riRENzYSW_2DM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:a6:ec:39:1b:f3:92:de:00:6d:69:ec:48:0c:2a:8e:08:7e:
62:e1:63:7e:34:97:66:e5:76:33:15:b6:59:ae:f5:8c:72:e6:
a6:b7:16:4b:b0:02:68:2b:2f:a3:7c:b7:63:43:09:dd:eb:07:
5b:90:e1:6f:37:d3:18:e0:7f:9b:1f:ab:63:6c:73:e3:20:dd:
34:c6:a7:2b:23:09:13:62:82:af:f5:71:d3:26:e3:57:16:6e:
e4:e6:6d:eb:b7:c1:21:ab:a9:08:3c:e1:dc:4d:ba:42:ac:16:
4d:c2:fe:51:40:2c:59:f4:ac:35:43:e9:ae:fe:28:14:4a:e7:
62:7b:19:8f:bc:6e:06:06:85:b0:19:f2:54:26:a3:f5:36:e7:
43:21:a5:8c:b5:03:9b:83:a0:b2:86:f5:cf:61:67:f0:87:c9:
83:0c:80:11:68:c1:b8:15:02:c3:f4:c0:95:d5:62:56:d5:1e:
87:14:70:95:4c:4a:cb:36:59:40:14:94:dc:88:03:f3:0f:be:
7d:cb:60:b0:44:59:01:eb:e5:ad:2f:d5:4c:69:fc:83:20:5a:
f9:71:7f:62:a0:63:49:9c:ac:d5:b2:82:9b:75:88:b7:81:01:
9e:eb:00:f0:12:0f:df:82:e8:60:85:0c:20:c8:34:b3:62:04:
80:f8:a1:42
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUy
MTIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0Mzc1RDZCNjhBNkYy
OTk4QjhGNUFFMjQ0NDM3MzYxMjVCRkQ4MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyltMgJ8mKs23zeNbR9qUqcMjTYxC54A8C/eokse69C92Pp/At
/105f9VR0i9aNupux8V2Cmy0UYbMyo/Q13bjKgyQJTs+1AnkxROlTdAZLpQ2tK2w
/VBxU2Q4Ur7Obl9ja4IMWVWSPUCjbFkiH09P/a+zYir1iM+brTjMUeRI/TkPfXlA
uGme6+iesAp5rlF6xTYPtVyktEzn4oXvbwP0KCTZQPvkebLKosI11W22K35byTA6
qMv+8VYYowsgaF6/J3yhlCTLrgOp0wFGSiLE7TDA4INVHjy+UaECACrW7bBWr0uF
UvGNOrutOSYI9oEOTxXAEFsxtWJWjB3BXfTrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFDdda2im8pmLj1riRENzYSW/2DMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZEZGRhMmltOHBtTGox
cmlSRU56WVNXXzJETS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAAKbsORvzkt4AbWnsSAwqjgh+YuFjfjSX
ZuV2MxW2Wa71jHLmprcWS7ACaCsvo3y3Y0MJ3esHW5DhbzfTGOB/mx+rY2xz4yDd
NManKyMJE2KCr/Vx0ybjVxZu5OZt67fBIaupCDzh3E26QqwWTcL+UUAsWfSsNUPp
rv4oFErnYnsZj7xuBgaFsBnyVCaj9TbnQyGljLUDm4Ogsob1z2Fn8IfJgwyAEWjB
uBUCw/TAldViVtUehxRwlUxKyzZZQBSU3IgD8w++fctgsERZAevlrS/VTGn8gyBa
+XF/YqBjSZys1bKCm3WIt4EBnusA8BIP34LoYIUMIMg0s2IEgPihQg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:04:24 2025 by rpki-client