Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dov2j5vUk3nNJdLvr7M1_wdfiv8.roa
File: dov2j5vUk3nNJdLvr7M1_wdfiv8.roa (raw, json)
Hash identifier: XsQbpKltq6HRYAvdSlWVmukfS72XzvIQ297wpm/mxuw=
Subject key identifier: 76:8B:F6:8F:9B:D4:93:79:CD:25:D2:EF:AF:B3:35:FF:07:5F:8A:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 580E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dov2j5vUk3nNJdLvr7M1_wdfiv8.roa
Signing time: Wed 15 May 2024 23:54:24 +0000
ROA not before: Wed 15 May 2024 23:54:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22542 (0x580e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 23:54:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=768BF68F9BD49379CD25D2EFAFB335FF075F8AFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:ab:69:5b:75:77:12:eb:37:10:b5:29:4e:
c1:9e:34:d1:4b:3a:bb:d3:0c:65:76:8d:fe:ef:de:
0d:03:75:c5:19:c2:13:67:5b:ee:d7:31:69:36:09:
c5:f3:3c:dc:f7:24:95:66:d0:70:3b:42:bc:80:04:
9b:4c:71:c3:68:a3:27:d4:60:2b:18:16:7e:e1:48:
c9:ca:98:f3:7f:1e:b8:37:77:9a:de:20:af:77:f0:
82:e0:32:a8:59:bd:60:1a:6a:73:e1:c8:9e:81:2c:
a5:21:ca:96:c8:b5:b2:6c:4d:d9:ac:a6:8e:63:81:
30:4b:92:49:2b:97:4f:04:3f:10:ce:6d:c2:a4:24:
88:ab:b8:6d:6c:6f:db:93:32:0f:0e:7c:05:e5:fe:
15:9b:9b:80:af:f0:5e:2b:a2:d8:08:d5:c7:24:2c:
bb:ec:5d:b0:50:53:3b:a4:87:07:27:1e:2d:25:9e:
4c:ce:e4:98:8c:cb:ba:13:0c:ef:a6:8c:83:e7:54:
8a:13:84:32:34:58:66:c2:b9:52:51:ff:20:ee:81:
20:07:fb:90:e7:63:71:3e:1e:5a:25:47:81:46:00:
96:8f:f6:f5:c7:25:81:2b:9a:64:49:cc:bb:f6:f8:
d8:21:e8:ad:dc:75:68:5e:3e:70:25:e3:28:94:00:
b9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:F6:8F:9B:D4:93:79:CD:25:D2:EF:AF:B3:35:FF:07:5F:8A:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dov2j5vUk3nNJdLvr7M1_wdfiv8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:4f:87:17:1d:26:bf:37:0a:9b:dc:b5:57:71:bc:53:41:16:
04:06:40:dd:4c:6e:d7:87:d7:14:f8:d9:37:04:19:0c:fe:38:
61:ec:ad:a4:18:93:4e:33:5e:42:b7:df:b0:69:31:fa:ec:80:
be:28:19:8c:9c:56:94:27:26:ca:68:03:30:85:de:2e:39:c5:
90:2b:e9:83:a6:e1:12:bb:a1:d0:91:32:3f:96:62:94:8d:00:
aa:fb:8d:75:56:19:96:72:25:64:6a:74:a0:63:c4:f2:ac:b7:
d7:0f:7d:2f:08:4a:30:67:d0:5d:c7:a4:76:06:bc:3e:86:68:
2a:fb:8f:5d:bc:4d:b9:f1:77:a0:1f:fa:89:97:d9:4c:f8:9d:
69:c7:97:06:4e:82:84:40:ed:28:07:6b:a8:b9:ab:40:74:29:
9e:f7:f6:9f:dd:bf:7d:3a:e5:9f:a6:85:01:6e:c7:98:91:42:
49:ee:4f:2e:bb:7e:7c:10:59:b1:a7:f5:94:77:62:c2:1f:35:
4d:a2:2b:a6:d5:cd:de:a4:98:64:8c:7f:91:47:f4:9b:60:1d:
0c:1d:ae:db:43:2c:0b:d0:26:4e:5f:1c:11:57:7b:fb:01:00:
81:a6:cf:de:94:e5:8c:f0:f8:ca:13:99:f6:5a:bc:8c:00:24:
75:1e:77:c1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICWA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUy
MzU0MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc2OEJGNjhGOUJENDkz
NzlDRDI1RDJFRkFGQjMzNUZGMDc1RjhBRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC76tpW3V3Eus3ELUpTsGeNNFLOrvTDGV2jf7v3g0DdcUZwhNn
W+7XMWk2CcXzPNz3JJVm0HA7QryABJtMccNooyfUYCsYFn7hSMnKmPN/Hrg3d5re
IK938ILgMqhZvWAaanPhyJ6BLKUhypbItbJsTdmspo5jgTBLkkkrl08EPxDObcKk
JIiruG1sb9uTMg8OfAXl/hWbm4Cv8F4rotgI1cckLLvsXbBQUzukhwcnHi0lnkzO
5JiMy7oTDO+mjIPnVIoThDI0WGbCuVJR/yDugSAH+5DnY3E+HlolR4FGAJaP9vXH
JYErmmRJzLv2+Ngh6K3cdWhePnAl4yiUALnTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdov2j5vUk3nNJdLvr7M1/wdfiv8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RvdjJqNXZVazNuTkpk
THZyN00xX3dkZml2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAAU+HFx0mvzcKm9y1V3G8U0EWBAZA3Uxu
14fXFPjZNwQZDP44YeytpBiTTjNeQrffsGkx+uyAvigZjJxWlCcmymgDMIXeLjnF
kCvpg6bhEruh0JEyP5ZilI0AqvuNdVYZlnIlZGp0oGPE8qy31w99LwhKMGfQXcek
dga8PoZoKvuPXbxNufF3oB/6iZfZTPidaceXBk6ChEDtKAdrqLmrQHQpnvf2n92/
fTrln6aFAW7HmJFCSe5PLrt+fBBZsaf1lHdiwh81TaIrptXN3qSYZIx/kUf0m2Ad
DB2u20MsC9AmTl8cEVd7+wEAgabP3pTljPD4yhOZ9lq8jAAkdR53wQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:28:41 2025 by rpki-client