Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/R5RmE0Yjh84L03iMz6YjgYj2bwQ.roa
File: R5RmE0Yjh84L03iMz6YjgYj2bwQ.roa (raw, json)
Hash identifier: lAYF/nOgRAVGbx3/Xl5cjY2eG6b9pzJjjZN5RHJJHX4=
Subject key identifier: 47:94:66:13:46:23:87:CE:0B:D3:78:8C:CF:A6:23:81:88:F6:6F:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4916
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R5RmE0Yjh84L03iMz6YjgYj2bwQ.roa
Signing time: Fri 26 Apr 2024 00:53:20 +0000
ROA not before: Fri 26 Apr 2024 00:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18710 (0x4916)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 00:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=47946613462387CE0BD3788CCFA6238188F66F04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:48:b8:ae:10:8d:e5:8d:a1:0d:91:d8:f8:a5:
5a:a4:08:a3:38:6e:41:5c:e3:53:a5:ee:98:6b:7c:
e4:90:2a:f3:b6:28:32:fc:18:e9:ef:9a:b2:0d:e4:
59:76:02:2c:c7:2c:62:c0:72:ad:80:d0:41:f2:86:
0b:88:d5:63:f8:35:de:8f:b6:35:6d:a3:da:a5:a9:
b2:c8:f8:4d:2c:87:09:40:81:e4:c6:b9:5a:f3:a1:
d5:5c:28:30:26:c7:0b:56:16:9c:9a:fb:cf:62:1e:
dc:bf:ed:cb:f7:4d:d2:25:81:d0:fa:67:81:02:eb:
64:c6:57:6c:ac:b5:a4:6e:5e:ac:df:c4:1d:26:db:
65:9c:68:50:c2:b1:ed:1e:90:6f:0c:01:e6:85:9c:
99:ae:44:0b:c4:3f:81:dc:26:99:be:7d:ca:e9:40:
56:25:72:17:73:37:f8:6e:04:c3:30:55:58:20:f7:
b2:79:6e:3a:87:85:c0:a7:f1:5c:cf:4c:31:2e:73:
a6:e8:c5:6c:53:6a:f9:94:b2:d2:25:9d:66:3b:7e:
0f:52:c5:13:9a:f0:99:b1:b7:07:09:31:e2:55:8e:
25:23:6d:f4:22:36:0b:a3:94:42:55:c2:92:74:7b:
23:a4:09:bd:43:c2:98:32:8f:5b:3f:73:95:70:36:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:94:66:13:46:23:87:CE:0B:D3:78:8C:CF:A6:23:81:88:F6:6F:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/R5RmE0Yjh84L03iMz6YjgYj2bwQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:27:57:57:ec:3c:e0:28:11:17:51:78:83:93:7b:3a:af:3f:
ef:fa:02:53:4e:76:3a:55:55:2d:0a:5b:69:d4:22:a7:9a:b7:
64:bc:47:9d:b7:62:4d:9d:bf:d2:f5:da:e5:fe:18:e4:27:2b:
1b:dc:0a:d6:a0:56:90:48:88:8c:83:b1:44:35:5d:cc:78:2a:
93:5c:ed:8c:41:13:a2:2e:10:58:34:b4:1e:3f:6c:3e:a9:cf:
55:72:2b:d1:5b:f0:0f:54:d2:c6:11:b8:3b:16:5e:b5:76:78:
d0:0c:2e:27:83:df:f6:be:89:22:b1:0e:a3:df:c2:c7:82:e0:
5f:2c:43:ac:08:b2:96:e5:9c:cb:a5:8b:d8:83:3a:23:e3:1c:
98:5b:9c:9c:e7:2b:7f:c0:dc:bf:13:ab:39:00:24:59:b0:68:
12:f0:d4:f6:48:39:ce:76:04:2f:d9:9f:a2:7e:3e:2b:37:e6:
8e:14:6a:a2:22:0f:5c:8a:29:4c:22:5b:85:a2:b4:49:e5:1a:
96:84:08:c6:65:c7:7a:d0:80:51:14:33:13:2b:1f:7e:d5:68:
f2:0f:5c:3b:3c:31:3d:65:88:34:26:05:25:ce:ba:e2:ae:0e:
ea:5b:e2:06:f5:ff:31:90:4e:b8:2e:7c:f3:39:1d:cd:bb:4b:
b0:e4:72:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
MDUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3OTQ2NjEzNDYyMzg3
Q0UwQkQzNzg4Q0NGQTYyMzgxODhGNjZGMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpSLiuEI3ljaENkdj4pVqkCKM4bkFc41Ol7phrfOSQKvO2KDL8
GOnvmrIN5Fl2AizHLGLAcq2A0EHyhguI1WP4Nd6PtjVto9qlqbLI+E0shwlAgeTG
uVrzodVcKDAmxwtWFpya+89iHty/7cv3TdIlgdD6Z4EC62TGV2ystaRuXqzfxB0m
22WcaFDCse0ekG8MAeaFnJmuRAvEP4HcJpm+fcrpQFYlchdzN/huBMMwVVgg97J5
bjqHhcCn8VzPTDEuc6boxWxTavmUstIlnWY7fg9SxROa8JmxtwcJMeJVjiUjbfQi
NgujlEJVwpJ0eyOkCb1Dwpgyj1s/c5VwNpcNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUR5RmE0Yjh84L03iMz6YjgYj2bwQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1I1Um1FMFlqaDg0TDAz
aU16NllqZ1lqMmJ3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJydXV+w84CgRF1F4g5N7Oq8/7/oCU052
OlVVLQpbadQip5q3ZLxHnbdiTZ2/0vXa5f4Y5CcrG9wK1qBWkEiIjIOxRDVdzHgq
k1ztjEEToi4QWDS0Hj9sPqnPVXIr0VvwD1TSxhG4OxZetXZ40AwuJ4Pf9r6JIrEO
o9/Cx4LgXyxDrAiyluWcy6WL2IM6I+McmFucnOcrf8DcvxOrOQAkWbBoEvDU9kg5
znYEL9mfon4+KzfmjhRqoiIPXIopTCJbhaK0SeUaloQIxmXHetCAURQzEysfftVo
8g9cOzwxPWWINCYFJc664q4O6lviBvX/MZBOuC588zkdzbtLsORyxg==
-----END CERTIFICATE-----
Generated at Sat May 17 20:48:32 2025 by rpki-client