Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/S85XjGOHavYtoCaOIS066udAtvc.roa
File: S85XjGOHavYtoCaOIS066udAtvc.roa (raw, json)
Hash identifier: ekfpRA7tTZUrfDWbtLdLxBz+oyhZ6k2yemhnKYu/ulE=
Subject key identifier: 4B:CE:57:8C:63:87:6A:F6:2D:A0:26:8E:21:2D:3A:EA:E7:40:B6:F7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S85XjGOHavYtoCaOIS066udAtvc.roa
Signing time: Thu 25 Apr 2024 11:53:40 +0000
ROA not before: Thu 25 Apr 2024 11:53:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18606 (0x48ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 11:53:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4BCE578C63876AF62DA0268E212D3AEAE740B6F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:3e:63:ac:74:77:9d:ff:7f:2b:a1:b3:bf:
7f:65:1c:fe:3b:ec:b5:45:a6:f2:b9:32:04:df:a5:
4a:89:89:14:e3:4d:bc:5d:5d:e8:02:2d:12:b9:b5:
d0:0a:cc:f2:9a:04:4b:12:f6:dc:0f:df:f6:84:8a:
c6:da:67:db:71:c0:51:cc:b7:9a:7c:2f:a3:44:58:
29:13:0c:81:28:ee:93:8f:73:e1:96:ea:d7:b9:af:
fb:e6:ce:cc:a9:07:7b:ee:34:aa:31:94:67:c9:68:
fd:a3:b7:61:d9:60:1d:cc:19:38:16:aa:81:69:74:
cb:36:91:1c:cf:b8:26:80:07:35:c0:c5:85:b6:b9:
d2:f7:f0:60:1e:cf:74:71:50:7b:9b:40:a1:b3:f2:
d7:1e:6c:ce:61:43:d6:36:82:d2:b6:03:ea:f3:2d:
67:82:b1:1b:7a:7b:ee:f4:15:b7:75:79:d7:3e:64:
a6:9c:1a:db:3f:30:01:d2:c9:1a:dc:e8:a0:38:35:
7f:c1:3b:a3:50:ee:47:c1:0c:4b:6b:73:39:f1:dd:
6d:b5:55:7c:3c:76:34:b1:8e:31:98:ad:4f:af:92:
1d:22:8f:22:9e:8a:b2:8e:8f:f8:df:35:06:e1:5f:
c3:9d:5b:dc:15:fd:85:91:80:0b:ee:55:d3:e8:ed:
b0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CE:57:8C:63:87:6A:F6:2D:A0:26:8E:21:2D:3A:EA:E7:40:B6:F7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S85XjGOHavYtoCaOIS066udAtvc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:67:0a:e2:29:9e:55:98:2d:97:df:10:74:96:6c:a5:4a:f2:
a5:a2:c9:d9:df:2a:ca:b2:be:39:fe:f9:a9:36:69:4f:40:85:
75:9d:50:b6:4e:dc:53:ec:f7:bc:59:cd:9b:62:55:6a:39:f9:
3d:d2:c0:32:00:b3:dd:d9:cf:85:4d:81:30:3a:d2:58:fb:4d:
f0:da:6c:4d:c2:48:b2:a9:d1:2e:ea:5e:09:95:2c:11:87:0a:
aa:a4:38:28:3d:dd:a8:32:80:c2:c4:ae:b8:5f:0c:d7:13:de:
16:83:88:07:24:76:d2:d3:55:63:d4:63:5a:a2:27:54:61:ec:
23:92:fa:67:fa:0d:ee:04:92:dd:00:7a:21:c8:7b:6c:e1:e9:
ea:05:fe:54:9d:b9:ce:b7:bc:5d:30:e1:80:65:2d:33:ca:f2:
c7:a9:bb:e4:99:d1:e1:2c:07:b0:06:7f:ab:b6:82:b8:32:71:
91:cc:2e:2a:7a:30:a1:2b:c0:82:a8:23:46:f3:47:b4:31:e2:
7e:47:2d:8a:22:fb:82:e9:e9:a3:c9:b8:f9:2c:1d:0c:df:43:
a3:22:a7:c6:e7:47:6d:ed:e3:ed:73:87:02:e5:74:51:a0:06:
8a:e6:cb:46:d2:c5:7b:ce:c4:7f:d4:f1:58:17:b4:51:f8:62:
96:73:d6:9e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
MTUzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCQ0U1NzhDNjM4NzZB
RjYyREEwMjY4RTIxMkQzQUVBRTc0MEI2RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS9D5jrHR3nf9/K6Gzv39lHP477LVFpvK5MgTfpUqJiRTjTbxd
XegCLRK5tdAKzPKaBEsS9twP3/aEisbaZ9txwFHMt5p8L6NEWCkTDIEo7pOPc+GW
6te5r/vmzsypB3vuNKoxlGfJaP2jt2HZYB3MGTgWqoFpdMs2kRzPuCaABzXAxYW2
udL38GAez3RxUHubQKGz8tcebM5hQ9Y2gtK2A+rzLWeCsRt6e+70Fbd1edc+ZKac
Gts/MAHSyRrc6KA4NX/BO6NQ7kfBDEtrcznx3W21VXw8djSxjjGYrU+vkh0ijyKe
irKOj/jfNQbhX8OdW9wV/YWRgAvuVdPo7bDvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUS85XjGOHavYtoCaOIS066udAtvcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1M4NVhqR09IYXZZdG9D
YU9JUzA2NnVkQXR2Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAO2cK4imeVZgtl98QdJZspUrypaLJ2d8q
yrK+Of75qTZpT0CFdZ1Qtk7cU+z3vFnNm2JVajn5PdLAMgCz3dnPhU2BMDrSWPtN
8NpsTcJIsqnRLupeCZUsEYcKqqQ4KD3dqDKAwsSuuF8M1xPeFoOIByR20tNVY9Rj
WqInVGHsI5L6Z/oN7gSS3QB6Ich7bOHp6gX+VJ25zre8XTDhgGUtM8ryx6m75JnR
4SwHsAZ/q7aCuDJxkcwuKnowoSvAgqgjRvNHtDHifkctiiL7gunpo8m4+SwdDN9D
oyKnxudHbe3j7XOHAuV0UaAGiubLRtLFe87Ef9TxWBe0UfhilnPWng==
-----END CERTIFICATE-----
Generated at Sat Jun 21 09:53:48 2025 by rpki-client