Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n5FabbovMniY-NmcmxrfuPs8DiM.roa
File: n5FabbovMniY-NmcmxrfuPs8DiM.roa (raw, json)
Hash identifier: Q6srjx9VICieMQ5atLa6HUS9vxgOIEbYYH9evpkHQOw=
Subject key identifier: 9F:91:5A:6D:BA:2F:32:78:98:F8:D9:9C:9B:1A:DF:B8:FB:3C:0E:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D5A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n5FabbovMniY-NmcmxrfuPs8DiM.roa
Signing time: Wed 01 May 2024 17:23:38 +0000
ROA not before: Wed 01 May 2024 17:23:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19802 (0x4d5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 17:23:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F915A6DBA2F327898F8D99C9B1ADFB8FB3C0E23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:15:c6:df:ea:42:67:e8:25:6e:df:cb:b3:53:
e1:fc:5c:4f:cb:f4:c7:bf:87:fd:37:fe:30:f4:2d:
56:a3:17:4f:33:35:62:e1:db:e1:02:ae:86:83:6e:
70:ab:10:ea:b5:55:05:2d:a4:c3:a1:88:47:b1:fb:
40:92:5c:7d:75:10:0e:45:85:d2:e3:df:d3:d6:84:
f5:37:81:6f:d7:49:39:c7:d3:8f:e5:7c:a3:81:ef:
08:e0:6a:d7:68:fe:00:32:62:d1:99:b2:fb:3b:01:
c2:8e:8d:23:97:78:67:fa:a5:5c:57:35:41:3f:6f:
df:d2:ad:95:0f:f6:98:0c:63:4b:98:46:bc:5d:ef:
ca:2b:a9:9a:52:33:3b:1c:0f:32:29:b2:a9:54:36:
30:9a:b1:43:ed:f4:cc:3b:30:70:7e:ce:8a:04:ae:
d2:62:75:b4:f4:48:36:5a:7b:d1:32:ed:4b:97:bc:
2e:79:6d:6c:fc:5d:93:5c:79:20:47:b9:a4:4c:8c:
40:d5:0e:2e:62:75:d3:c4:35:b7:e6:73:a0:8c:c2:
80:eb:e4:25:71:1e:f7:f4:cd:ee:13:b2:2e:fd:22:
f2:f6:68:2b:91:1a:b3:1a:81:7b:14:fd:eb:5c:5a:
29:73:91:97:de:af:ae:4c:e6:62:42:b6:75:e5:2c:
b5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:91:5A:6D:BA:2F:32:78:98:F8:D9:9C:9B:1A:DF:B8:FB:3C:0E:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n5FabbovMniY-NmcmxrfuPs8DiM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:5a:34:41:fc:0d:78:cd:9a:f8:14:63:33:7b:e9:eb:79:84:
38:c6:a0:a9:a0:49:07:5c:52:26:d1:64:61:31:e0:c1:6a:a2:
8c:e1:51:2b:dc:d6:de:f5:1d:45:10:78:f6:b8:a1:1b:4d:6d:
5f:00:7c:f5:2a:d6:12:47:93:60:bb:a8:64:c3:15:1d:a5:5b:
b2:cd:10:ab:03:af:9a:98:4c:6a:af:82:2f:90:64:56:2e:51:
2f:ab:80:17:94:c2:93:63:fc:32:ef:9c:e1:95:63:57:aa:fc:
ee:f1:4d:07:76:ea:de:09:d5:6d:56:3a:12:a4:79:07:8e:61:
f2:c9:df:c2:93:d5:a2:ef:10:13:da:9a:9c:de:63:07:a3:4a:
1a:7d:4c:84:16:d6:f0:29:0a:7d:f6:51:94:25:d3:e2:77:5f:
94:7c:4b:75:cc:5c:5f:02:18:7e:bd:a8:8b:93:15:30:30:28:
73:f1:90:f4:46:95:eb:28:f7:a8:e3:22:57:c3:77:6b:cb:32:
35:71:c5:0a:87:fd:e0:db:f0:35:7d:10:5c:1d:d6:bf:01:2d:
32:68:d8:23:b3:9c:e1:81:43:e3:4f:02:af:64:11:f1:bd:2d:
ce:f4:cb:85:8d:5a:91:d9:1c:39:4d:79:a3:30:46:f9:89:6e:
71:02:8a:41
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
NzIzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGOTE1QTZEQkEyRjMy
Nzg5OEY4RDk5QzlCMUFERkI4RkIzQzBFMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIFcbf6kJn6CVu38uzU+H8XE/L9Me/h/03/jD0LVajF08zNWLh
2+ECroaDbnCrEOq1VQUtpMOhiEex+0CSXH11EA5FhdLj39PWhPU3gW/XSTnH04/l
fKOB7wjgatdo/gAyYtGZsvs7AcKOjSOXeGf6pVxXNUE/b9/SrZUP9pgMY0uYRrxd
78orqZpSMzscDzIpsqlUNjCasUPt9Mw7MHB+zooErtJidbT0SDZae9Ey7UuXvC55
bWz8XZNceSBHuaRMjEDVDi5iddPENbfmc6CMwoDr5CVxHvf0ze4Tsi79IvL2aCuR
GrMagXsU/etcWilzkZfer65M5mJCtnXlLLUbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUn5FabbovMniY+NmcmxrfuPs8DiMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L241RmFiYm92TW5pWS1O
bWNteHJmdVBzOERpTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnFo0QfwNeM2a+BRjM3vp63mEOMagqaBJ
B1xSJtFkYTHgwWqijOFRK9zW3vUdRRB49rihG01tXwB89SrWEkeTYLuoZMMVHaVb
ss0QqwOvmphMaq+CL5BkVi5RL6uAF5TCk2P8Mu+c4ZVjV6r87vFNB3bq3gnVbVY6
EqR5B45h8snfwpPVou8QE9qanN5jB6NKGn1MhBbW8CkKffZRlCXT4ndflHxLdcxc
XwIYfr2oi5MVMDAoc/GQ9EaV6yj3qOMiV8N3a8syNXHFCof94NvwNX0QXB3WvwEt
MmjYI7Oc4YFD408Cr2QR8b0tzvTLhY1akdkcOU15ozBG+YlucQKKQQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:24 2025 by rpki-client