Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NHMnQ9I1oFxZs92KLQgHykjvwrU.roa
File: NHMnQ9I1oFxZs92KLQgHykjvwrU.roa (raw, json)
Hash identifier: 2ixzMBtrNjDv8CwL6UUfjRn+hMf6b9bs8YSdJNnnT8Y=
Subject key identifier: 34:73:27:43:D2:35:A0:5C:59:B3:DD:8A:2D:08:07:CA:48:EF:C2:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DCA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NHMnQ9I1oFxZs92KLQgHykjvwrU.roa
Signing time: Thu 02 May 2024 07:23:42 +0000
ROA not before: Thu 02 May 2024 07:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19914 (0x4dca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 07:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=34732743D235A05C59B3DD8A2D0807CA48EFC2B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9d:fc:b4:48:8f:b7:54:d1:6c:fa:6e:04:37:
89:86:e7:02:db:cd:3e:38:2c:1b:09:96:80:2f:aa:
31:e9:50:8a:a7:ba:f7:6c:1e:78:ff:ee:ed:4f:ff:
20:5a:56:f3:c3:46:7d:83:3d:e9:52:a8:39:35:63:
c9:17:a1:0a:6e:13:d0:88:79:ff:a5:f5:ec:e5:77:
e0:43:4e:0f:6c:24:27:1f:8b:87:fc:9f:69:74:cc:
96:d9:ca:24:69:7d:02:51:f9:ef:72:b2:08:29:7a:
f8:2d:d1:ca:68:74:b3:46:45:c1:98:73:17:af:24:
64:0c:55:1d:3b:43:e8:ba:d3:35:a9:cc:1d:a7:89:
fe:1a:4b:d8:eb:07:61:5c:ca:08:df:a7:77:ef:9a:
38:54:67:2d:34:0d:43:b7:f2:44:7b:b3:51:d2:5b:
84:52:08:1a:c9:19:b8:42:03:1c:e2:28:c3:d5:c4:
cc:e0:55:14:c5:d3:af:20:7e:b0:aa:c2:b6:80:65:
26:4a:61:24:13:13:88:29:4b:06:3b:79:55:c0:fc:
92:90:b1:3e:9a:de:10:a1:6c:2b:2c:1b:4b:e7:66:
83:87:14:d9:30:77:87:f6:9b:1a:9a:25:dd:4c:bc:
95:ff:50:a1:63:46:5c:4e:dc:c8:47:de:5f:5c:37:
fb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:27:43:D2:35:A0:5C:59:B3:DD:8A:2D:08:07:CA:48:EF:C2:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NHMnQ9I1oFxZs92KLQgHykjvwrU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:7c:62:e7:44:52:44:d1:14:aa:82:54:8f:c2:d3:e4:fd:1e:
37:f0:e0:22:8e:d9:fb:f5:07:0d:dc:f8:c2:13:09:49:2f:24:
e7:a2:75:1b:9d:56:b2:71:d2:72:16:36:0b:39:ac:69:f5:fb:
a8:57:f0:c1:10:e3:6f:1b:3b:80:82:bd:b8:36:c5:5e:7d:0f:
c3:e7:76:c6:72:9a:fe:72:5e:48:01:f9:a1:49:11:58:c1:af:
b6:09:15:82:95:b5:e6:85:ab:19:98:aa:1b:18:94:02:00:1b:
d9:18:fc:c6:8f:e4:3a:49:54:b3:cd:30:c4:03:23:e8:fd:cf:
c7:c9:ad:5a:6f:02:dc:7d:5a:b6:7d:33:73:f3:f4:61:a8:9e:
ae:07:90:bf:52:a2:c5:05:be:28:4c:28:3e:ff:fb:8c:15:26:
43:e4:78:93:f8:08:a5:f8:36:c3:b2:58:91:8a:31:87:ea:27:
da:d4:d5:9e:72:b2:42:53:9d:0d:5b:65:4c:13:64:40:26:d4:
bf:11:1b:b1:88:1f:75:1b:95:27:62:17:61:43:6e:df:f8:f9:
c9:19:26:75:02:09:88:c2:15:dc:28:09:f8:39:41:4f:3f:14:
1a:11:5c:a9:d2:4a:61:e9:4f:f1:ea:4c:05:1e:96:ee:04:dd:
c8:ed:1b:be
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NzIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0NzMyNzQzRDIzNUEw
NUM1OUIzREQ4QTJEMDgwN0NBNDhFRkMyQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMnfy0SI+3VNFs+m4EN4mG5wLbzT44LBsJloAvqjHpUIqnuvds
Hnj/7u1P/yBaVvPDRn2DPelSqDk1Y8kXoQpuE9CIef+l9ezld+BDTg9sJCcfi4f8
n2l0zJbZyiRpfQJR+e9ysggpevgt0cpodLNGRcGYcxevJGQMVR07Q+i60zWpzB2n
if4aS9jrB2Fcygjfp3fvmjhUZy00DUO38kR7s1HSW4RSCBrJGbhCAxziKMPVxMzg
VRTF068gfrCqwraAZSZKYSQTE4gpSwY7eVXA/JKQsT6a3hChbCssG0vnZoOHFNkw
d4f2mxqaJd1MvJX/UKFjRlxO3MhH3l9cN/uHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNHMnQ9I1oFxZs92KLQgHykjvwrUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05ITW5ROUkxb0Z4WnM5
MktMUWdIeWtqdndyVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAEXxi50RSRNEUqoJUj8LT5P0eN/DgIo7Z
+/UHDdz4whMJSS8k56J1G51WsnHSchY2CzmsafX7qFfwwRDjbxs7gIK9uDbFXn0P
w+d2xnKa/nJeSAH5oUkRWMGvtgkVgpW15oWrGZiqGxiUAgAb2Rj8xo/kOklUs80w
xAMj6P3Px8mtWm8C3H1atn0zc/P0YaiergeQv1KixQW+KEwoPv/7jBUmQ+R4k/gI
pfg2w7JYkYoxh+on2tTVnnKyQlOdDVtlTBNkQCbUvxEbsYgfdRuVJ2IXYUNu3/j5
yRkmdQIJiMIV3CgJ+DlBTz8UGhFcqdJKYelP8epMBR6W7gTdyO0bvg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:15 2025 by rpki-client