Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RXjP5XnlfX4ps1xgC_Wt1ZZeV6I.roa
File: RXjP5XnlfX4ps1xgC_Wt1ZZeV6I.roa (raw, json)
Hash identifier: Imb0+p6Ay8vaNDu37j6vkE/v6EwKpwIPKw0iWyDZoJQ=
Subject key identifier: 45:78:CF:E5:79:E5:7D:7E:29:B3:5C:60:0B:F5:AD:D5:96:5E:57:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5512
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RXjP5XnlfX4ps1xgC_Wt1ZZeV6I.roa
Signing time: Sun 12 May 2024 00:24:04 +0000
ROA not before: Sun 12 May 2024 00:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21778 (0x5512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 00:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4578CFE579E57D7E29B35C600BF5ADD5965E57A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:21:25:58:8b:6b:7b:13:17:d4:96:6c:94:
ee:ca:d3:99:08:3c:47:1a:52:47:6e:e6:cd:86:19:
af:db:c3:09:4b:9f:79:26:02:cd:b5:41:7d:50:25:
d5:0c:02:84:15:cc:df:d1:7e:1f:67:d3:f3:8b:60:
ce:c5:b5:d1:60:04:19:16:48:08:44:5a:99:2f:66:
16:85:dc:13:b9:c2:25:66:99:27:3c:b3:af:9a:f2:
8c:11:16:1e:96:3f:31:a2:81:48:33:cc:9b:c8:65:
ab:37:c6:f9:95:97:80:56:bb:15:20:f4:62:ec:72:
19:87:b8:c7:49:2e:3a:43:9e:6a:1e:3b:44:d4:50:
99:b0:2d:33:45:de:53:50:89:ae:82:1a:6c:82:11:
15:b7:e5:2c:fe:72:ee:4e:5f:0f:71:ad:4f:eb:09:
c3:82:9d:9b:16:7c:93:b4:6e:1b:a6:76:a0:71:5c:
9f:7a:c5:80:02:b3:5f:4e:56:06:71:b5:68:24:2e:
cc:06:5c:8b:5a:f7:b7:6a:2b:01:03:f4:5a:1c:f1:
83:6e:38:77:2b:59:90:97:77:bc:dc:44:fe:d0:24:
9f:26:5f:2b:89:4f:86:1c:d6:23:59:67:98:5f:bc:
e0:69:b3:d8:78:92:55:8b:0f:af:14:12:08:75:28:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:78:CF:E5:79:E5:7D:7E:29:B3:5C:60:0B:F5:AD:D5:96:5E:57:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RXjP5XnlfX4ps1xgC_Wt1ZZeV6I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:31:7e:85:80:92:17:64:7b:4f:46:4f:18:b3:47:f6:ca:6d:
e4:3b:6f:e3:29:0c:bf:7e:a7:0a:11:3b:d9:df:f5:fe:f1:80:
d7:e7:ad:fd:b4:dc:f9:11:04:98:b5:24:99:33:6a:c0:b6:00:
30:4b:68:82:86:54:8c:80:eb:42:7c:08:9f:f2:a8:38:b8:54:
8d:84:11:52:8c:e8:f4:72:dc:b5:63:99:56:f4:70:62:4f:5e:
b1:b0:b2:2e:98:f3:3f:9f:95:f4:17:a3:22:6d:d4:ca:9b:dd:
d3:49:89:39:dc:fb:a8:dc:ef:1d:d4:0f:19:c9:96:78:1e:ae:
ba:dd:77:4e:52:d0:ac:80:f2:f1:6a:71:f2:fe:00:5f:ae:76:
50:63:88:dc:a2:3b:73:5a:08:c0:b7:5e:bc:fc:50:14:0b:2f:
cc:33:11:50:f4:63:b9:89:94:f3:fc:4a:16:4f:3f:82:49:bc:
a4:6d:e9:3d:5b:cb:e8:99:e6:41:45:a2:ae:f9:8b:82:6d:7b:
d3:9f:bf:b8:37:79:72:01:d5:ce:7a:8a:86:be:6c:bb:ed:34:
c2:c6:de:ba:11:d6:bb:81:3c:ed:59:22:8d:99:51:25:d1:fb:
bb:b8:11:5d:66:60:38:9e:cb:5e:66:32:b3:5c:73:75:59:97:
32:18:1a:12
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVRIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
MDI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1NzhDRkU1NzlFNTdE
N0UyOUIzNUM2MDBCRjVBREQ1OTY1RTU3QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC1yElWItrexMX1JZslO7K05kIPEcaUkdu5s2GGa/bwwlLn3km
As21QX1QJdUMAoQVzN/Rfh9n0/OLYM7FtdFgBBkWSAhEWpkvZhaF3BO5wiVmmSc8
s6+a8owRFh6WPzGigUgzzJvIZas3xvmVl4BWuxUg9GLschmHuMdJLjpDnmoeO0TU
UJmwLTNF3lNQia6CGmyCERW35Sz+cu5OXw9xrU/rCcOCnZsWfJO0bhumdqBxXJ96
xYACs19OVgZxtWgkLswGXIta97dqKwED9Foc8YNuOHcrWZCXd7zcRP7QJJ8mXyuJ
T4Yc1iNZZ5hfvOBps9h4klWLD68UEgh1KNFJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURXjP5XnlfX4ps1xgC/Wt1ZZeV6IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JYalA1WG5sZlg0cHMx
eGdDX1d0MVpaZVY2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnjF+hYCSF2R7T0ZPGLNH9spt5Dtv4ykM
v36nChE72d/1/vGA1+et/bTc+REEmLUkmTNqwLYAMEtogoZUjIDrQnwIn/KoOLhU
jYQRUozo9HLctWOZVvRwYk9esbCyLpjzP5+V9BejIm3Uypvd00mJOdz7qNzvHdQP
GcmWeB6uut13TlLQrIDy8Wpx8v4AX652UGOI3KI7c1oIwLdevPxQFAsvzDMRUPRj
uYmU8/xKFk8/gkm8pG3pPVvL6JnmQUWirvmLgm1705+/uDd5cgHVznqKhr5su+00
wsbeuhHWu4E87VkijZlRJdH7u7gRXWZgOJ7LXmYys1xzdVmXMhgaEg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:39 2025 by rpki-client