Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NUk6Si0F7-c-qlbpZu7rA4TqXys.roa
File: NUk6Si0F7-c-qlbpZu7rA4TqXys.roa (raw, json)
Hash identifier: pWNQPUxi/Pm0Eg3jQTitAa73BoSBM02yqq4ta/ujJ2Q=
Subject key identifier: 35:49:3A:4A:2D:05:EF:E7:3E:AA:56:E9:66:EE:EB:03:84:EA:5F:2B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C16
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NUk6Si0F7-c-qlbpZu7rA4TqXys.roa
Signing time: Mon 08 Apr 2024 16:52:34 +0000
ROA not before: Mon 08 Apr 2024 16:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15382 (0x3c16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 16:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=35493A4A2D05EFE73EAA56E966EEEB0384EA5F2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:45:30:f6:a9:9e:72:f5:da:a6:a3:38:7f:5c:
53:cb:33:5e:67:20:a2:0c:7b:f6:06:a3:41:95:e1:
e9:53:62:ec:f3:d8:cb:ce:db:85:b3:98:22:ae:54:
41:ef:cf:e9:1a:40:75:ad:83:db:1e:87:b4:27:13:
40:1c:a7:6f:f6:54:bd:3d:43:70:41:4e:3b:c2:58:
cb:24:38:0d:eb:60:9b:c5:73:85:a1:19:0e:ca:51:
8e:fc:d8:9b:b3:91:b9:1b:23:1d:b5:2c:78:63:e7:
d8:a8:11:30:2a:0d:4d:e2:fd:f0:8a:fd:80:92:b4:
92:94:c5:b8:5e:f8:27:59:e9:f6:92:ed:f3:65:57:
a1:84:27:f7:a6:ac:1c:b7:8a:ef:c7:b8:7c:1a:0a:
59:cb:1a:71:24:98:18:97:69:38:bc:4c:8d:8b:31:
2f:b7:c0:b4:4d:f4:d5:32:6f:b9:38:97:ec:b2:e0:
56:c7:7f:ef:43:30:cf:f2:ad:3d:e4:d5:a8:d4:ef:
10:03:72:42:5d:96:9b:63:fa:82:a4:89:c9:b1:68:
50:c1:a1:32:39:b3:6f:12:f1:4a:b1:74:77:43:f3:
75:06:d2:7b:80:c5:24:44:0f:68:10:d1:0d:65:fd:
e3:59:4f:05:52:aa:d1:75:b0:c6:18:db:38:ab:19:
b6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:3A:4A:2D:05:EF:E7:3E:AA:56:E9:66:EE:EB:03:84:EA:5F:2B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NUk6Si0F7-c-qlbpZu7rA4TqXys.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:6c:01:b1:e5:3d:ad:79:df:a8:37:15:c4:7f:cf:08:02:87:
91:de:00:cd:d3:e8:b6:47:ca:c9:f8:7d:e0:99:ae:f8:ad:83:
14:3d:fa:cc:cc:ea:5f:09:b7:62:66:96:96:36:79:a5:e9:7a:
b3:2d:b1:74:04:b7:b9:dd:d0:e4:b1:96:67:38:bd:0b:48:47:
0f:97:6e:31:c0:63:ad:2d:e6:e0:6a:bc:f0:11:bd:56:7a:1f:
bb:46:41:57:be:b6:1c:27:9b:69:cc:c9:60:bb:f3:42:fb:e7:
34:59:58:2c:77:f9:a7:9b:23:3a:73:83:15:60:fd:e4:b1:be:
4f:b4:53:7b:de:99:06:f8:18:bc:c5:05:7d:a1:3f:1a:94:05:
bf:1e:46:8c:71:93:37:32:b9:be:8d:e9:7c:c3:6a:c5:68:76:
30:10:f6:65:ac:34:4d:29:a9:1b:a6:3d:6c:a7:1f:11:a3:15:
b0:ac:d7:fb:4e:40:83:39:4b:4b:ab:32:e4:0b:ac:8f:69:1c:
f6:16:74:d1:5e:0d:dc:ef:ac:8b:8b:c9:d9:7a:4b:03:65:28:
08:9f:b8:36:9f:44:07:dc:f4:dc:c9:37:cb:6a:f2:95:dd:f6:
31:c4:3b:52:64:63:82:d1:00:96:bb:3a:b3:41:bf:ac:93:f7:
e1:db:29:e1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
NjUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1NDkzQTRBMkQwNUVG
RTczRUFBNTZFOTY2RUVFQjAzODRFQTVGMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiRTD2qZ5y9dqmozh/XFPLM15nIKIMe/YGo0GV4elTYuzz2MvO
24WzmCKuVEHvz+kaQHWtg9seh7QnE0Acp2/2VL09Q3BBTjvCWMskOA3rYJvFc4Wh
GQ7KUY782JuzkbkbIx21LHhj59ioETAqDU3i/fCK/YCStJKUxbhe+CdZ6faS7fNl
V6GEJ/emrBy3iu/HuHwaClnLGnEkmBiXaTi8TI2LMS+3wLRN9NUyb7k4l+yy4FbH
f+9DMM/yrT3k1ajU7xADckJdlptj+oKkicmxaFDBoTI5s28S8UqxdHdD83UG0nuA
xSRED2gQ0Q1l/eNZTwVSqtF1sMYY2zirGbaNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNUk6Si0F7+c+qlbpZu7rA4TqXyswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05VazZTaTBGNy1jLXFs
YnBadTdyQTRUcVh5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAA2wBseU9rXnfqDcVxH/PCAKHkd4AzdPo
tkfKyfh94Jmu+K2DFD36zMzqXwm3YmaWljZ5pel6sy2xdAS3ud3Q5LGWZzi9C0hH
D5duMcBjrS3m4Gq88BG9Vnofu0ZBV762HCebaczJYLvzQvvnNFlYLHf5p5sjOnOD
FWD95LG+T7RTe96ZBvgYvMUFfaE/GpQFvx5GjHGTNzK5vo3pfMNqxWh2MBD2Zaw0
TSmpG6Y9bKcfEaMVsKzX+05AgzlLS6sy5Ausj2kc9hZ00V4N3O+si4vJ2XpLA2Uo
CJ+4Np9EB9z03Mk3y2ryld32McQ7UmRjgtEAlrs6s0G/rJP34dsp4Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:15 2025 by rpki-client