Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2PQu8eDQvwfnIYC4Ev5WOqJPafA.roa
File: 2PQu8eDQvwfnIYC4Ev5WOqJPafA.roa (raw, json)
Hash identifier: YKVJ6eEEMzgnprCfLq8g3pTy32ya9mu/tffezXqQD50=
Subject key identifier: D8:F4:2E:F1:E0:D0:BF:07:E7:21:80:B8:12:FE:56:3A:A2:4F:69:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C72
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2PQu8eDQvwfnIYC4Ev5WOqJPafA.roa
Signing time: Tue 30 Apr 2024 12:23:34 +0000
ROA not before: Tue 30 Apr 2024 12:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19570 (0x4c72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 12:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D8F42EF1E0D0BF07E72180B812FE563AA24F69F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e6:e5:80:cf:c4:b0:59:3c:35:59:d6:75:8f:
9c:d9:31:5e:b2:4e:ce:56:ea:6b:fc:e6:ab:09:5d:
b1:80:c2:c8:83:d6:31:67:c8:19:a6:56:c1:d1:69:
c0:3a:c5:50:52:7c:9e:d7:99:7e:ec:64:13:d7:67:
43:a1:70:78:8d:61:e9:42:d1:13:a2:ae:41:1d:2c:
c0:d6:17:02:c9:f2:bc:bb:91:2c:f2:f3:3b:89:19:
ed:66:e0:6a:d1:d9:35:d4:d8:78:f8:a6:7f:43:d1:
79:c7:23:8d:df:bb:7f:0a:f7:4a:71:98:92:87:0c:
0e:0a:d4:7a:77:a0:95:63:fc:b0:1d:ea:e8:19:48:
25:d6:a7:8b:9e:d2:1f:66:c3:7c:91:43:ec:f1:08:
ff:d1:b1:10:bc:b0:ce:76:9c:32:69:de:0f:36:39:
1d:47:6e:2a:11:0f:36:61:e9:be:4c:06:1c:d2:d1:
49:17:a0:64:1a:3e:f0:f5:d8:b4:c4:d9:43:a2:d7:
36:9b:aa:fd:49:f0:f8:5e:61:a5:fd:3b:57:48:3c:
b6:01:3b:cb:20:c4:7b:ff:5a:7e:86:c4:42:16:35:
17:8f:b9:2d:64:3a:c1:ba:94:d0:48:a8:d3:d3:7d:
5d:db:42:f9:1a:29:41:96:66:fe:70:44:db:7d:5d:
08:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F4:2E:F1:E0:D0:BF:07:E7:21:80:B8:12:FE:56:3A:A2:4F:69:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2PQu8eDQvwfnIYC4Ev5WOqJPafA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:19:7f:9a:b6:f8:db:ff:31:0c:0e:e4:23:6f:e4:ae:68:ee:
82:21:de:64:6f:e8:a5:3d:35:9f:2d:cf:35:26:c3:27:c5:c1:
a8:f0:62:9d:06:38:fa:56:e1:84:f1:bb:50:18:2a:f5:94:f2:
91:5f:82:c3:21:28:6a:89:f4:b0:9f:f1:cf:89:ca:be:6e:c9:
a8:7a:16:63:23:86:b4:f1:53:3e:85:64:43:67:9d:de:22:b7:
26:02:0f:d3:ce:db:97:d3:fe:95:81:bf:d8:ee:f3:3a:9e:14:
62:9e:a6:5c:8f:96:58:0c:e7:20:35:ee:87:11:57:24:4b:a9:
05:ca:60:9b:bd:e4:cb:04:97:ec:00:e9:26:63:99:e9:c5:17:
d8:cd:00:2f:ae:14:d2:e5:d3:f2:54:cc:b2:aa:35:c6:41:93:
49:ad:ed:17:3e:7b:07:b3:d0:b1:6f:70:4d:ac:a5:1c:4e:f9:
b0:bb:3f:88:6c:a9:3a:da:a0:5d:a3:5c:dd:e2:b6:f5:a2:4d:
43:e3:a5:4a:f1:57:84:1d:36:ee:a4:41:8c:17:ed:a1:07:f5:
89:a3:d0:9f:b2:4f:d3:be:3f:fd:02:e7:94:ee:e3:0c:19:3d:
20:c7:3e:8c:df:b3:9b:00:48:36:ff:a5:f7:e3:30:70:aa:c7:
ed:32:b2:70
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
MjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4RjQyRUYxRTBEMEJG
MDdFNzIxODBCODEyRkU1NjNBQTI0RjY5RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb5uWAz8SwWTw1WdZ1j5zZMV6yTs5W6mv85qsJXbGAwsiD1jFn
yBmmVsHRacA6xVBSfJ7XmX7sZBPXZ0OhcHiNYelC0ROirkEdLMDWFwLJ8ry7kSzy
8zuJGe1m4GrR2TXU2Hj4pn9D0XnHI43fu38K90pxmJKHDA4K1Hp3oJVj/LAd6ugZ
SCXWp4ue0h9mw3yRQ+zxCP/RsRC8sM52nDJp3g82OR1HbioRDzZh6b5MBhzS0UkX
oGQaPvD12LTE2UOi1zabqv1J8PheYaX9O1dIPLYBO8sgxHv/Wn6GxEIWNRePuS1k
OsG6lNBIqNPTfV3bQvkaKUGWZv5wRNt9XQh1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2PQu8eDQvwfnIYC4Ev5WOqJPafAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJQUXU4ZURRdndmbklZ
QzRFdjVXT3FKUGFmQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMhl/mrb42/8xDA7kI2/krmjugiHeZG/o
pT01ny3PNSbDJ8XBqPBinQY4+lbhhPG7UBgq9ZTykV+CwyEoaon0sJ/xz4nKvm7J
qHoWYyOGtPFTPoVkQ2ed3iK3JgIP087bl9P+lYG/2O7zOp4UYp6mXI+WWAznIDXu
hxFXJEupBcpgm73kywSX7ADpJmOZ6cUX2M0AL64U0uXT8lTMsqo1xkGTSa3tFz57
B7PQsW9wTaylHE75sLs/iGypOtqgXaNc3eK29aJNQ+OlSvFXhB027qRBjBftoQf1
iaPQn7JP074//QLnlO7jDBk9IMc+jN+zmwBINv+l9+MwcKrH7TKycA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:04:55 2025 by rpki-client