Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/X0Q7mUKkRuEsNEnRM0sOS1SPaAg.roa
File: X0Q7mUKkRuEsNEnRM0sOS1SPaAg.roa (raw, json)
Hash identifier: 2dksOMi+SvooSysuxZ1d/cN/NEgc/Rjjh8qH4z9rhqw=
Subject key identifier: 5F:44:3B:99:42:A4:46:E1:2C:34:49:D1:33:4B:0E:4B:54:8F:68:08
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X0Q7mUKkRuEsNEnRM0sOS1SPaAg.roa
Signing time: Wed 24 Apr 2024 05:53:13 +0000
ROA not before: Wed 24 Apr 2024 05:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18366 (0x47be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 05:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F443B9942A446E12C3449D1334B0E4B548F6808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0a:93:72:b1:de:e0:37:51:43:26:3f:72:58:
bc:7b:70:86:b8:85:84:da:08:76:68:9e:91:49:1c:
d4:9c:8a:58:28:89:ee:13:14:00:ca:59:10:95:ee:
42:85:b4:65:36:48:16:da:09:97:98:f8:33:6b:3d:
0a:6e:05:d0:8f:70:d7:54:85:61:31:7c:93:a7:b5:
ac:8c:ff:11:50:87:3f:35:41:cf:fa:2a:2e:9d:74:
91:52:f3:04:81:ba:22:63:b2:41:72:26:fd:3e:c5:
d3:87:60:4c:b9:0c:83:b8:34:f5:32:8c:ba:84:b1:
b4:d3:a4:ab:ff:78:08:ac:1e:d5:be:80:5a:df:94:
b1:a4:00:b6:d5:23:16:b9:b7:36:af:ba:59:f8:02:
4c:50:55:3e:ca:9d:8b:6d:07:dd:6c:91:5a:0e:c6:
2f:cd:e4:50:55:66:a7:73:ce:e9:50:7a:c1:f0:0d:
c2:24:92:2b:30:2d:bd:14:60:fa:7e:d2:ff:f4:e6:
cf:40:10:c4:b3:d0:18:45:21:57:cd:a5:2c:7e:f3:
ec:b3:38:77:2d:20:2e:f2:46:73:aa:ce:69:1e:10:
c2:36:c4:8d:e9:52:21:78:c2:65:11:8b:31:39:53:
b2:70:99:9c:ba:14:68:24:06:79:69:17:3c:dc:86:
48:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:44:3B:99:42:A4:46:E1:2C:34:49:D1:33:4B:0E:4B:54:8F:68:08
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X0Q7mUKkRuEsNEnRM0sOS1SPaAg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:16:ab:8a:5d:c4:74:9e:8c:a6:65:bc:1c:a0:2d:b7:67:db:
f4:79:1c:5e:8e:08:15:fe:c5:8f:48:f2:93:01:97:21:e7:b6:
57:71:32:9a:78:ce:1b:e1:51:3a:a2:22:75:87:a3:b0:7e:ad:
85:34:28:46:25:46:a8:28:a1:58:ed:1e:26:dd:bf:19:e5:87:
1c:5d:4c:9a:dc:f1:2c:64:9f:a6:14:7b:9d:55:aa:7a:7a:53:
1c:c3:a9:65:6c:72:5e:94:0b:cb:84:05:97:a8:78:e0:bb:3f:
6f:a7:71:40:7c:e4:3e:df:3a:9b:a8:8a:1f:23:2b:69:6c:06:
ac:44:64:82:18:30:86:0e:c0:09:f9:e6:aa:17:2b:cd:ce:4d:
90:95:af:07:e1:8c:91:1e:18:08:6e:12:c6:e3:16:7f:7c:b0:
eb:25:f9:6d:a4:79:6e:a9:50:7e:56:ac:da:3c:53:be:29:8f:
11:eb:b5:bb:98:20:38:e9:6a:67:9f:bd:39:d3:98:c8:0f:0b:
e8:23:77:50:45:d4:a9:ca:69:99:b1:30:07:34:cc:10:76:9d:
fa:9c:9f:9f:e2:56:d7:e3:23:d5:f1:84:38:1c:9b:7d:ad:5e:
22:2b:c0:31:a3:fd:e2:c2:a2:13:d8:56:2c:67:5e:4b:c1:c2:
a1:c3:5c:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NTUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGNDQzQjk5NDJBNDQ2
RTEyQzM0NDlEMTMzNEIwRTRCNTQ4RjY4MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9CpNysd7gN1FDJj9yWLx7cIa4hYTaCHZonpFJHNScilgoie4T
FADKWRCV7kKFtGU2SBbaCZeY+DNrPQpuBdCPcNdUhWExfJOntayM/xFQhz81Qc/6
Ki6ddJFS8wSBuiJjskFyJv0+xdOHYEy5DIO4NPUyjLqEsbTTpKv/eAisHtW+gFrf
lLGkALbVIxa5tzavuln4AkxQVT7KnYttB91skVoOxi/N5FBVZqdzzulQesHwDcIk
kiswLb0UYPp+0v/05s9AEMSz0BhFIVfNpSx+8+yzOHctIC7yRnOqzmkeEMI2xI3p
UiF4wmURizE5U7JwmZy6FGgkBnlpFzzchkiTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUX0Q7mUKkRuEsNEnRM0sOS1SPaAgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1gwUTdtVUtrUnVFc05F
blJNMHNPUzFTUGFBZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACharil3EdJ6MpmW8HKAtt2fb9HkcXo4I
Ff7Fj0jykwGXIee2V3EymnjOG+FROqIidYejsH6thTQoRiVGqCihWO0eJt2/GeWH
HF1MmtzxLGSfphR7nVWqenpTHMOpZWxyXpQLy4QFl6h44Ls/b6dxQHzkPt86m6iK
HyMraWwGrERkghgwhg7ACfnmqhcrzc5NkJWvB+GMkR4YCG4SxuMWf3yw6yX5baR5
bqlQflas2jxTvimPEeu1u5ggOOlqZ5+9OdOYyA8L6CN3UEXUqcppmbEwBzTMEHad
+pyfn+JW1+Mj1fGEOBybfa1eIivAMaP94sKiE9hWLGdeS8HCocNc6w==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:59:25 2025 by rpki-client