Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UqpFwtPEHnuXckCVNslYSEAVDTc.roa
File: UqpFwtPEHnuXckCVNslYSEAVDTc.roa (raw, json)
Hash identifier: SUIxLE0hz+pF6eY4kGpOQ0WdiCi+88y7JhP+SqxHDjg=
Subject key identifier: 52:AA:45:C2:D3:C4:1E:7B:97:72:40:95:36:C9:58:48:40:15:0D:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5026
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UqpFwtPEHnuXckCVNslYSEAVDTc.roa
Signing time: Sun 05 May 2024 10:53:49 +0000
ROA not before: Sun 05 May 2024 10:53:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20518 (0x5026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 10:53:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=52AA45C2D3C41E7B9772409536C9584840150D37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4f:cf:ac:8d:13:13:ea:de:4b:6b:5f:ee:cf:
d3:88:5d:b3:d1:67:36:9e:2f:3e:12:46:a3:9d:31:
58:91:a3:93:b1:ea:bf:10:30:01:5c:3a:75:01:71:
a1:b4:9a:e1:da:7e:77:97:1d:1c:f7:d0:fb:f1:41:
f8:75:9e:b8:fe:9d:f1:d5:74:de:6c:28:88:42:ec:
2e:26:e3:98:52:f8:8e:9b:65:fe:b4:af:d8:e9:dc:
58:5c:60:12:4f:27:0f:ae:78:f0:a5:4c:d9:eb:40:
a6:40:bf:0a:6e:07:be:39:55:81:78:4f:ff:2b:45:
3c:a1:18:d9:b2:09:18:9f:a8:bb:e5:5d:0c:ae:59:
76:2f:32:c4:07:99:51:cd:95:75:40:74:8a:75:5d:
fe:1d:91:70:05:89:b4:63:83:c3:d9:03:be:47:6d:
7b:c0:ff:70:6a:bf:56:c5:23:a3:97:39:63:3b:64:
5c:22:94:73:dc:81:b3:de:42:66:24:7b:c7:a6:76:
30:c9:de:08:51:e6:67:4b:3f:eb:36:b3:ad:a0:6e:
82:a5:4f:45:ce:4e:85:b8:cb:e3:b3:39:80:6d:d3:
02:86:f1:2f:00:c2:f1:bd:cd:76:b6:66:00:e7:c7:
ba:c5:01:22:af:29:6d:9e:72:62:06:b0:42:87:e2:
0e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AA:45:C2:D3:C4:1E:7B:97:72:40:95:36:C9:58:48:40:15:0D:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UqpFwtPEHnuXckCVNslYSEAVDTc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:ad:da:a1:15:3a:1c:13:1f:13:04:33:20:c6:cf:cd:6b:7e:
65:8a:fc:23:a0:6d:a0:d0:c5:df:29:5e:b3:01:f0:34:b0:0d:
f6:e6:26:83:75:64:d5:82:73:b4:9d:9e:d3:2f:d7:cb:5e:09:
0d:70:85:c4:30:41:14:9e:b4:2a:85:b8:68:d3:00:fd:d6:6e:
b4:c1:07:66:41:18:82:06:80:d4:f9:26:c5:c4:ee:cc:26:21:
90:b4:06:b0:62:43:ba:86:60:07:67:eb:7d:a0:c1:19:29:c5:
df:5c:60:60:03:7d:5b:9f:1a:26:62:d7:2b:62:c9:9d:73:4d:
27:05:01:ac:27:9e:ac:1e:83:91:5b:28:82:97:ad:77:60:15:
3c:d2:ea:87:a8:d8:09:8f:b8:4a:a2:9a:e3:58:84:10:70:a1:
78:33:38:28:dd:50:02:29:0a:e6:0b:be:29:b1:a7:13:7f:c5:
99:de:91:a0:a2:03:2a:7d:0f:e1:31:43:df:a7:2e:a9:3c:74:
80:08:3f:b5:37:70:32:1a:54:30:54:cb:6c:65:0a:62:3a:62:
05:79:be:a1:63:55:e5:80:45:eb:e9:da:b6:0d:a9:57:fd:45:
64:aa:94:76:8e:de:78:fa:e8:96:88:ee:5e:28:b3:b9:c1:d2:
41:04:47:a6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
MDUzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyQUE0NUMyRDNDNDFF
N0I5NzcyNDA5NTM2Qzk1ODQ4NDAxNTBEMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkT8+sjRMT6t5La1/uz9OIXbPRZzaeLz4SRqOdMViRo5Ox6r8Q
MAFcOnUBcaG0muHafneXHRz30PvxQfh1nrj+nfHVdN5sKIhC7C4m45hS+I6bZf60
r9jp3FhcYBJPJw+uePClTNnrQKZAvwpuB745VYF4T/8rRTyhGNmyCRifqLvlXQyu
WXYvMsQHmVHNlXVAdIp1Xf4dkXAFibRjg8PZA75HbXvA/3Bqv1bFI6OXOWM7ZFwi
lHPcgbPeQmYke8emdjDJ3ghR5mdLP+s2s62gboKlT0XOToW4y+OzOYBt0wKG8S8A
wvG9zXa2ZgDnx7rFASKvKW2ecmIGsEKH4g6xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUqpFwtPEHnuXckCVNslYSEAVDTcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VxcEZ3dFBFSG51WGNr
Q1ZOc2xZU0VBVkRUYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjq3aoRU6HBMfEwQzIMbPzWt+ZYr8I6Bt
oNDF3yleswHwNLAN9uYmg3Vk1YJztJ2e0y/Xy14JDXCFxDBBFJ60KoW4aNMA/dZu
tMEHZkEYggaA1PkmxcTuzCYhkLQGsGJDuoZgB2frfaDBGSnF31xgYAN9W58aJmLX
K2LJnXNNJwUBrCeerB6DkVsogpetd2AVPNLqh6jYCY+4SqKa41iEEHCheDM4KN1Q
AikK5gu+KbGnE3/Fmd6RoKIDKn0P4TFD36cuqTx0gAg/tTdwMhpUMFTLbGUKYjpi
BXm+oWNV5YBF6+natg2pV/1FZKqUdo7eeProlojuXiizucHSQQRHpg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:49 2025 by rpki-client