Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pITFu97vMXqQkowfPLZ-EeA0PG0.roa
File: pITFu97vMXqQkowfPLZ-EeA0PG0.roa (raw, json)
Hash identifier: lgBoPzcOPTc+L4wNSNbiBadmaF2Enaux+xfaZIgQdEQ=
Subject key identifier: A4:84:C5:BB:DE:EF:31:7A:90:92:8C:1F:3C:B6:7E:11:E0:34:3C:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 574A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pITFu97vMXqQkowfPLZ-EeA0PG0.roa
Signing time: Tue 14 May 2024 23:24:11 +0000
ROA not before: Tue 14 May 2024 23:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22346 (0x574a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 23:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A484C5BBDEEF317A90928C1F3CB67E11E0343C6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7b:5a:48:be:c5:9e:58:4d:11:43:aa:a2:1f:
b5:ac:91:91:7d:c8:ab:90:99:85:05:00:5f:58:04:
96:14:dc:17:a1:d6:d4:f3:13:80:dc:ed:ed:68:b2:
ba:d9:35:5a:58:7b:ef:08:59:02:ee:ed:8b:7b:ff:
e8:cb:b3:5d:9d:01:34:bc:a6:22:c0:4c:38:59:51:
a9:1b:7c:99:a9:43:4b:8b:89:43:4a:2d:be:05:c3:
18:cf:9b:bd:29:38:6b:59:24:1f:51:d3:33:f5:40:
7a:a3:67:40:1e:da:48:f2:ee:d0:55:34:69:bb:c4:
c8:8e:96:2a:34:91:c9:39:25:3d:ee:43:cb:90:66:
9e:84:c8:26:8b:3b:bf:fe:71:1d:44:ad:5b:ca:16:
59:96:94:f2:77:7f:cf:63:ab:e2:62:77:e1:d2:18:
18:0d:04:09:f2:94:1d:b9:24:d2:40:11:fc:f7:33:
0b:c3:76:50:e6:f9:7d:fa:24:ba:9a:d2:38:fd:17:
c7:4e:e5:cd:b5:7c:da:97:73:a4:5a:9e:d7:fb:e3:
f6:93:d2:bb:db:e4:c6:02:c7:84:9a:bc:e0:36:e2:
6a:19:9d:e1:0b:66:7b:18:36:eb:16:6a:71:88:74:
9b:46:96:47:c8:72:f3:43:f3:ac:ef:b7:10:0b:73:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:84:C5:BB:DE:EF:31:7A:90:92:8C:1F:3C:B6:7E:11:E0:34:3C:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pITFu97vMXqQkowfPLZ-EeA0PG0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:49:36:4a:99:1f:f9:2d:f1:68:9c:35:7c:86:55:23:8a:b5:
ac:f4:16:da:cf:fd:29:94:11:ec:6d:41:e6:c7:60:96:74:27:
27:ec:39:5e:54:d1:ee:82:c4:0e:af:cc:84:89:87:96:ec:57:
c5:7c:dc:df:8d:2b:56:c5:fd:ce:7d:1a:79:02:c3:20:05:f8:
f0:c4:23:c1:a9:33:7e:3a:09:34:ff:22:65:ab:0c:2f:c2:9f:
ac:92:67:4a:99:c3:dc:97:fc:a8:68:03:4a:d9:1e:35:50:43:
6a:12:b2:63:34:a5:c4:68:87:36:22:76:de:9b:22:ab:1b:b3:
29:19:dd:25:46:6c:f2:3d:00:ce:7e:7e:47:ab:3b:17:43:32:
e6:c9:c1:8b:de:d6:2d:1b:b2:26:61:c3:74:91:3b:c4:e9:84:
17:75:cf:20:42:68:49:d4:52:20:fa:61:e4:8d:28:84:88:14:
af:8b:7f:d7:4d:a5:31:a3:95:1e:89:7d:67:6e:18:04:d3:cf:
83:48:5e:52:76:08:46:c3:f5:ce:67:28:33:94:c0:f3:40:da:
9d:c5:e3:bd:6d:ea:d5:be:f8:c9:a6:91:2b:e7:dd:27:02:a1:
71:33:d4:71:39:2e:4d:e2:12:22:cf:70:72:9d:1a:47:03:29:
47:bc:01:17
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICV0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQy
MzI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0ODRDNUJCREVFRjMx
N0E5MDkyOEMxRjNDQjY3RTExRTAzNDNDNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwe1pIvsWeWE0RQ6qiH7WskZF9yKuQmYUFAF9YBJYU3Beh1tTz
E4Dc7e1osrrZNVpYe+8IWQLu7Yt7/+jLs12dATS8piLATDhZUakbfJmpQ0uLiUNK
Lb4FwxjPm70pOGtZJB9R0zP1QHqjZ0Ae2kjy7tBVNGm7xMiOlio0kck5JT3uQ8uQ
Zp6EyCaLO7/+cR1ErVvKFlmWlPJ3f89jq+Jid+HSGBgNBAnylB25JNJAEfz3MwvD
dlDm+X36JLqa0jj9F8dO5c21fNqXc6Rantf74/aT0rvb5MYCx4SavOA24moZneEL
ZnsYNusWanGIdJtGlkfIcvND86zvtxALczaxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpITFu97vMXqQkowfPLZ+EeA0PG0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BJVEZ1OTd2TVhxUWtv
d2ZQTFotRWVBMFBHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJ0k2Spkf+S3xaJw1fIZVI4q1rPQW2s/9
KZQR7G1B5sdglnQnJ+w5XlTR7oLEDq/MhImHluxXxXzc340rVsX9zn0aeQLDIAX4
8MQjwakzfjoJNP8iZasML8KfrJJnSpnD3Jf8qGgDStkeNVBDahKyYzSlxGiHNiJ2
3psiqxuzKRndJUZs8j0Azn5+R6s7F0My5snBi97WLRuyJmHDdJE7xOmEF3XPIEJo
SdRSIPph5I0ohIgUr4t/102lMaOVHol9Z24YBNPPg0heUnYIRsP1zmcoM5TA80Da
ncXjvW3q1b74yaaRK+fdJwKhcTPUcTkuTeISIs9wcp0aRwMpR7wBFw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:06 2025 by rpki-client