Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/S0IuYi90qmMfO3D7wsI3Ed7NxzA.roa
File: S0IuYi90qmMfO3D7wsI3Ed7NxzA.roa (raw, json)
Hash identifier: 6ILup+IY1Us5KwZUNTwX+nc0qv9VQUQHkAbhjZrG9I8=
Subject key identifier: 4B:42:2E:62:2F:74:AA:63:1F:3B:70:FB:C2:C2:37:11:DE:CD:C7:30
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F9A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S0IuYi90qmMfO3D7wsI3Ed7NxzA.roa
Signing time: Sat 04 May 2024 17:23:50 +0000
ROA not before: Sat 04 May 2024 17:23:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20378 (0x4f9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 17:23:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4B422E622F74AA631F3B70FBC2C23711DECDC730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:32:b2:61:cf:3b:e5:da:96:8e:c7:09:f8:
20:c3:09:b8:6a:9b:c9:03:b2:1f:0f:c9:26:58:22:
46:f2:9f:b7:e3:77:14:0e:69:19:e2:3f:9b:83:ec:
f0:60:40:ae:a6:64:e6:35:f6:a3:1d:de:9a:d3:6f:
be:23:1c:95:b7:00:a6:36:cc:0c:db:f4:41:cc:fb:
03:22:0e:b5:4c:10:61:b6:7a:5a:9a:fe:93:27:67:
f4:f1:28:e9:7f:28:1f:57:96:e1:9c:cb:e7:c1:9c:
6d:15:8c:e5:26:74:0c:4b:e8:7c:a9:99:76:de:fc:
8c:eb:1d:86:b8:3b:5f:a5:c2:6a:69:4a:be:f2:e6:
00:b3:c2:c2:27:6f:1a:2e:c8:9c:29:8d:78:e4:21:
b7:92:8e:ec:f1:32:44:9d:fa:9b:46:b4:72:cb:79:
40:f5:ad:fa:12:b2:85:c8:70:55:3f:d0:e3:97:38:
04:f7:0f:47:fc:7d:f5:48:2b:d7:c8:7c:81:1a:88:
0b:b5:27:f5:b4:65:42:0b:35:9a:a9:9d:d8:c8:1a:
ff:02:43:c0:55:97:b8:4e:1e:9d:11:38:a3:f6:ad:
30:30:94:27:7e:c4:fc:67:52:dc:29:b8:3d:e1:92:
a2:7c:eb:b6:00:fe:9b:2a:a8:e6:ef:90:c5:ec:72:
70:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:42:2E:62:2F:74:AA:63:1F:3B:70:FB:C2:C2:37:11:DE:CD:C7:30
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S0IuYi90qmMfO3D7wsI3Ed7NxzA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:ac:e3:60:52:d7:d8:9f:54:d9:79:a4:41:61:81:9b:3e:ce:
a5:ab:6c:b6:8e:b0:54:f3:68:68:14:79:04:fc:9d:20:9f:7f:
e9:4c:bc:a1:65:c8:4e:7b:48:eb:a1:cb:c9:63:5e:48:61:7d:
b3:99:d5:6a:1c:b7:0c:8d:a1:c0:8e:68:74:04:4a:df:d9:0d:
72:9d:2d:14:f2:26:d2:2e:59:73:d8:f0:2c:77:68:2d:02:2e:
d6:6f:94:53:d6:45:f9:af:ec:14:2c:66:17:83:71:43:d9:c9:
1d:ad:fd:c8:a1:ac:e2:71:e5:ff:41:eb:8c:cb:ef:c5:d6:6d:
2e:79:a8:68:e1:eb:07:30:57:7f:99:5c:47:01:8f:32:f1:2e:
f6:15:75:5f:e5:f3:33:1f:ab:7f:61:7c:3c:fa:2e:95:1b:2a:
72:95:ef:dd:7e:55:0a:e6:a7:c5:0a:27:3e:f0:04:e8:9f:a7:
0d:56:2c:dd:93:b5:a5:38:92:d4:46:aa:78:d2:ad:ca:da:74:
f0:86:0b:31:a7:17:50:16:bc:64:c7:6d:28:84:55:c3:86:c2:
81:8c:8c:dd:b7:2e:ac:77:33:65:bf:1d:61:eb:f4:ce:93:01:
fc:91:a9:d7:96:bb:d3:51:54:c1:d8:16:e4:8a:dd:73:05:a3:
75:da:7b:20
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
NzIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCNDIyRTYyMkY3NEFB
NjMxRjNCNzBGQkMyQzIzNzExREVDREM3MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8bzKyYc875dqWjscJ+CDDCbhqm8kDsh8PySZYIkbyn7fjdxQO
aRniP5uD7PBgQK6mZOY19qMd3prTb74jHJW3AKY2zAzb9EHM+wMiDrVMEGG2elqa
/pMnZ/TxKOl/KB9XluGcy+fBnG0VjOUmdAxL6HypmXbe/IzrHYa4O1+lwmppSr7y
5gCzwsInbxouyJwpjXjkIbeSjuzxMkSd+ptGtHLLeUD1rfoSsoXIcFU/0OOXOAT3
D0f8ffVIK9fIfIEaiAu1J/W0ZUILNZqpndjIGv8CQ8BVl7hOHp0ROKP2rTAwlCd+
xPxnUtwpuD3hkqJ867YA/psqqObvkMXscnBvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUS0IuYi90qmMfO3D7wsI3Ed7NxzAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1MwSXVZaTkwcW1NZk8z
RDd3c0kzRWQ3Tnh6QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEANazjYFLX2J9U2XmkQWGBmz7Opatsto6w
VPNoaBR5BPydIJ9/6Uy8oWXITntI66HLyWNeSGF9s5nVahy3DI2hwI5odARK39kN
cp0tFPIm0i5Zc9jwLHdoLQIu1m+UU9ZF+a/sFCxmF4NxQ9nJHa39yKGs4nHl/0Hr
jMvvxdZtLnmoaOHrBzBXf5lcRwGPMvEu9hV1X+XzMx+rf2F8PPoulRsqcpXv3X5V
CuanxQonPvAE6J+nDVYs3ZO1pTiS1EaqeNKtytp08IYLMacXUBa8ZMdtKIRVw4bC
gYyM3bcurHczZb8dYev0zpMB/JGp15a701FUwdgW5IrdcwWjddp7IA==
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:36:56 2025 by rpki-client