Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/npATtSFoGn1uQr2GAhCXhmC0XMg.roa
File: npATtSFoGn1uQr2GAhCXhmC0XMg.roa (raw, json)
Hash identifier: helBDJ3v+mSSJHjYClQnKpov6uMJ4p8cTP8sxTKtc24=
Subject key identifier: 9E:90:13:B5:21:68:1A:7D:6E:42:BD:86:02:10:97:86:60:B4:5C:C8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4172
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/npATtSFoGn1uQr2GAhCXhmC0XMg.roa
Signing time: Mon 15 Apr 2024 20:23:02 +0000
ROA not before: Mon 15 Apr 2024 20:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16754 (0x4172)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 20:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E9013B521681A7D6E42BD860210978660B45CC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7f:00:24:e1:30:19:cd:89:a5:7b:34:21:a2:
10:1f:13:93:24:e1:b1:99:24:4c:31:34:d6:d4:04:
97:9a:74:70:70:27:23:f5:0b:9b:af:e8:02:e7:8a:
ec:74:5e:43:9b:a3:ea:71:21:49:60:64:fe:c5:e5:
27:20:6c:e5:ad:ac:21:4d:bd:e8:8f:1e:2b:3b:50:
fb:cc:19:eb:d3:88:f2:b1:51:58:49:ff:1a:27:49:
9f:4f:f1:5b:b5:c2:d5:7c:ff:69:a1:e0:79:b9:35:
50:e7:b6:95:92:49:e1:a1:8a:e2:06:d8:ee:ad:07:
f1:c4:69:fc:c4:c3:7b:f3:f4:16:55:bf:02:0e:53:
75:e8:a0:83:df:af:8a:07:80:fa:3a:27:10:fa:80:
98:36:98:ed:76:5a:db:1b:a7:8c:b6:a2:61:7e:bf:
8b:27:f4:18:86:e6:10:3f:71:14:a2:6b:97:d3:2f:
cd:c0:cc:8c:33:2f:79:37:f3:eb:11:bc:83:e6:ff:
6b:da:16:e6:e3:e7:ae:6c:d9:37:26:64:68:9e:53:
b9:0b:68:33:86:2e:f2:01:8f:ad:87:d9:8c:f4:77:
a9:f4:52:53:75:40:89:db:10:a1:86:af:bf:05:2e:
22:c7:e7:40:e0:8e:7f:2d:3e:bf:54:ab:2c:4e:28:
f2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:90:13:B5:21:68:1A:7D:6E:42:BD:86:02:10:97:86:60:B4:5C:C8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/npATtSFoGn1uQr2GAhCXhmC0XMg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:8e:c3:9d:36:3f:4c:fd:dc:16:11:ca:59:3e:4a:1c:57:06:
2a:3d:85:4b:dc:a2:e9:90:2c:a1:b3:34:d6:2e:55:eb:2a:8c:
4e:cc:9d:fb:7d:e8:c1:c7:0d:ed:c4:8e:fd:74:c0:ea:ef:c4:
1b:b7:64:8b:a4:0d:8a:52:d7:4a:cb:dd:6f:76:28:c8:ab:2d:
de:0a:1c:9e:eb:0d:45:b3:f3:c9:09:c7:b7:a6:d6:ea:b2:37:
97:75:41:91:fc:8b:a0:da:3a:4d:34:aa:97:86:45:27:f3:8c:
cb:23:75:2b:fa:b5:7b:ec:77:ee:15:88:5c:18:9e:21:97:e6:
82:47:d2:c2:30:ec:f9:5c:b8:92:67:04:ee:c6:e6:fc:06:bb:
c1:2b:95:30:ab:61:91:fa:d7:90:c1:bb:54:05:a9:94:b4:0e:
44:95:8a:c6:d1:c9:53:7a:c2:34:f7:cd:6c:fa:f7:bb:88:48:
f7:be:74:4d:2e:31:c6:62:88:4e:b6:0f:73:48:1b:e9:b0:44:
3e:25:43:86:5c:37:cc:fe:21:47:1c:2d:16:74:84:3e:2b:d3:
20:43:88:23:ae:07:2c:23:86:b9:67:72:98:bf:24:e6:3a:56:
0d:c6:11:0c:5d:ec:79:ad:0c:d0:39:93:60:6e:72:c1:3b:1f:
6e:81:04:10
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUy
MDIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFOTAxM0I1MjE2ODFB
N0Q2RTQyQkQ4NjAyMTA5Nzg2NjBCNDVDQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSfwAk4TAZzYmlezQhohAfE5Mk4bGZJEwxNNbUBJeadHBwJyP1
C5uv6ALniux0XkObo+pxIUlgZP7F5ScgbOWtrCFNveiPHis7UPvMGevTiPKxUVhJ
/xonSZ9P8Vu1wtV8/2mh4Hm5NVDntpWSSeGhiuIG2O6tB/HEafzEw3vz9BZVvwIO
U3XooIPfr4oHgPo6JxD6gJg2mO12Wtsbp4y2omF+v4sn9BiG5hA/cRSia5fTL83A
zIwzL3k38+sRvIPm/2vaFubj565s2TcmZGieU7kLaDOGLvIBj62H2Yz0d6n0UlN1
QInbEKGGr78FLiLH50Dgjn8tPr9UqyxOKPLJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnpATtSFoGn1uQr2GAhCXhmC0XMgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25wQVR0U0ZvR24xdVFy
MkdBaENYaG1DMFhNZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQY7DnTY/TP3cFhHKWT5KHFcGKj2FS9yi
6ZAsobM01i5V6yqMTsyd+33owccN7cSO/XTA6u/EG7dki6QNilLXSsvdb3YoyKst
3gocnusNRbPzyQnHt6bW6rI3l3VBkfyLoNo6TTSql4ZFJ/OMyyN1K/q1e+x37hWI
XBieIZfmgkfSwjDs+Vy4kmcE7sbm/Aa7wSuVMKthkfrXkMG7VAWplLQORJWKxtHJ
U3rCNPfNbPr3u4hI9750TS4xxmKITrYPc0gb6bBEPiVDhlw3zP4hRxwtFnSEPivT
IEOII64HLCOGuWdymL8k5jpWDcYRDF3sea0M0DmTYG5ywTsfboEEEA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:34 2025 by rpki-client