Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/STEXIX-Xms0XGCgIjsWqCw6OBUg.roa
File: STEXIX-Xms0XGCgIjsWqCw6OBUg.roa (raw, json)
Hash identifier: TIdKlNntlTuoI7NZpEjcHcl25qCXVc7T6jCGVoKNw48=
Subject key identifier: 49:31:17:21:7F:97:9A:CD:17:18:28:08:8E:C5:AA:0B:0E:8E:05:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51DA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/STEXIX-Xms0XGCgIjsWqCw6OBUg.roa
Signing time: Tue 07 May 2024 17:23:55 +0000
ROA not before: Tue 07 May 2024 17:23:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20954 (0x51da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 17:23:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=493117217F979ACD171828088EC5AA0B0E8E0548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:40:9c:cb:db:f4:d3:ab:c5:cb:03:e0:93:
91:c4:57:3a:b7:2c:c2:44:2d:e5:b9:b5:b6:b7:04:
8a:cd:e5:4c:53:ed:01:29:bf:d0:fe:b2:8d:bf:75:
0c:25:0c:d0:f0:e4:99:d2:8b:80:fc:0c:db:26:1b:
05:8d:52:52:c7:d9:dc:38:6d:b6:4c:45:7e:dc:05:
db:b0:27:40:6e:7c:62:02:08:b4:97:cc:f4:4e:49:
ca:8a:5f:97:f7:95:4b:d8:93:13:49:83:e4:49:58:
7b:c1:83:0d:e4:03:1d:b4:b1:cf:12:37:86:ea:16:
c1:ab:3d:7e:b5:d5:5f:ad:a9:3c:df:89:46:6d:fe:
85:3a:fc:32:bb:6b:31:51:78:4c:13:4a:6a:16:80:
3e:4a:cb:57:13:07:8a:ed:06:10:f3:8b:61:2a:23:
79:67:f7:c6:32:02:cd:b3:03:62:4f:97:f7:08:72:
c4:cc:ca:59:1d:7e:2b:2a:4c:a3:6c:5e:12:fe:05:
1f:2c:cb:3e:50:ba:e4:16:e8:42:f9:f7:47:6f:ec:
44:25:05:39:91:8b:7d:6d:97:36:64:ef:19:fd:1e:
19:3d:7b:22:22:97:f1:26:68:79:06:f8:32:c0:3a:
37:93:59:b1:2a:e9:23:05:bc:c0:7e:57:f9:d3:18:
97:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:31:17:21:7F:97:9A:CD:17:18:28:08:8E:C5:AA:0B:0E:8E:05:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/STEXIX-Xms0XGCgIjsWqCw6OBUg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:ea:72:86:01:fb:29:49:55:30:01:7f:07:0a:c9:e6:fa:b1:
91:0c:c4:11:9b:5d:7f:0d:04:3b:ac:eb:77:e0:44:ff:02:d1:
e7:81:25:e2:dd:75:3e:0b:42:5e:79:ef:0e:21:f0:77:24:53:
ea:3f:44:b1:14:20:c5:20:9d:49:c6:f6:19:93:77:c6:f4:0d:
3d:5d:53:07:e7:76:1b:d4:9a:b9:a5:d9:52:e6:58:da:71:e7:
c9:b9:b9:26:c4:49:08:8d:44:1a:90:67:e8:dc:dd:4e:bf:91:
94:de:81:b3:f2:51:20:71:be:e5:26:ba:0e:07:45:0d:06:c6:
43:da:d0:c9:2e:9c:5e:ac:7c:3e:93:bd:ad:b0:1a:26:b9:e0:
90:9d:00:2f:7f:08:30:31:4d:5b:29:a0:c7:a0:0d:7f:3d:22:
6d:b0:bf:0c:a5:09:47:52:fa:76:b0:60:09:b3:76:2f:8c:ce:
31:cc:fa:91:5a:ec:25:52:8c:b9:81:0b:62:b6:cf:a2:d9:1a:
4c:97:b7:47:55:67:25:1b:4e:ad:ea:9a:c7:f4:eb:b3:e0:0d:
73:1a:bc:1d:f3:b8:7a:bb:a5:7c:1e:04:d9:27:47:9c:bc:17:
74:aa:77:47:cf:21:d3:04:d4:13:bf:04:0b:37:7a:19:ec:18:
8d:23:a1:ff
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcx
NzIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5MzExNzIxN0Y5NzlB
Q0QxNzE4MjgwODhFQzVBQTBCMEU4RTA1NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq10Ccy9v006vFywPgk5HEVzq3LMJELeW5tba3BIrN5UxT7QEp
v9D+so2/dQwlDNDw5JnSi4D8DNsmGwWNUlLH2dw4bbZMRX7cBduwJ0BufGICCLSX
zPROScqKX5f3lUvYkxNJg+RJWHvBgw3kAx20sc8SN4bqFsGrPX611V+tqTzfiUZt
/oU6/DK7azFReEwTSmoWgD5Ky1cTB4rtBhDzi2EqI3ln98YyAs2zA2JPl/cIcsTM
ylkdfisqTKNsXhL+BR8syz5QuuQW6EL590dv7EQlBTmRi31tlzZk7xn9Hhk9eyIi
l/EmaHkG+DLAOjeTWbEq6SMFvMB+V/nTGJcVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSTEXIX+Xms0XGCgIjsWqCw6OBUgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NURVhJWC1YbXMwWEdD
Z0lqc1dxQ3c2T0JVZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgepyhgH7KUlVMAF/BwrJ5vqxkQzEEZtd
fw0EO6zrd+BE/wLR54El4t11PgtCXnnvDiHwdyRT6j9EsRQgxSCdScb2GZN3xvQN
PV1TB+d2G9SauaXZUuZY2nHnybm5JsRJCI1EGpBn6NzdTr+RlN6Bs/JRIHG+5Sa6
DgdFDQbGQ9rQyS6cXqx8PpO9rbAaJrngkJ0AL38IMDFNWymgx6ANfz0ibbC/DKUJ
R1L6drBgCbN2L4zOMcz6kVrsJVKMuYELYrbPotkaTJe3R1VnJRtOreqax/Trs+AN
cxq8HfO4erulfB4E2SdHnLwXdKp3R88h0wTUE78ECzd6GewYjSOh/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org