Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XBP6cKESbp1xvkmIJOKuY9ST4kM.roa
File: XBP6cKESbp1xvkmIJOKuY9ST4kM.roa (raw, json)
Hash identifier: uXFZ57uXcttjMgsmx4G/IoY4y7rAUS9iB1q0Nj1oqQs=
Subject key identifier: 5C:13:FA:70:A1:12:6E:9D:71:BE:49:88:24:E2:AE:63:D4:93:E2:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XBP6cKESbp1xvkmIJOKuY9ST4kM.roa
Signing time: Fri 10 May 2024 10:54:10 +0000
ROA not before: Fri 10 May 2024 10:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21478 (0x53e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 10:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C13FA70A1126E9D71BE498824E2AE63D493E243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c9:51:cb:42:5d:f8:e7:fe:21:42:05:b9:f6:
e4:2c:f6:3f:22:87:42:06:67:ad:54:ac:43:6a:3b:
c9:c1:04:07:0e:76:e6:e6:36:49:3c:d6:4d:9f:48:
68:b7:f0:df:f2:6b:b9:64:9d:91:14:6c:9f:ae:07:
dd:f9:f4:6f:55:d5:51:2f:66:bf:7e:f1:ff:19:9a:
8e:db:28:e2:43:bd:4c:36:98:38:9f:4d:f8:8c:67:
27:2a:cc:90:de:10:48:3a:ee:76:7f:8a:96:ae:9f:
d7:c3:88:32:1e:ec:81:26:73:0a:1a:65:d5:ab:d0:
dd:4c:a6:60:e5:fd:63:f0:4d:7e:b9:94:e8:03:b9:
f5:4b:e3:53:62:63:d8:dd:00:10:bc:a2:03:c6:34:
e5:d9:72:f7:ea:8a:01:f3:9d:4b:db:5e:0d:e5:b2:
03:5c:cc:48:8c:85:3d:51:13:59:e4:0a:92:ae:14:
04:e7:60:0c:ff:f9:8e:17:c2:b0:97:aa:dd:bf:1a:
1b:06:30:39:31:a9:df:3f:8c:a7:2d:b4:e2:18:f0:
ca:d4:9e:45:95:68:4d:ba:92:6f:39:c5:19:fa:c7:
4b:2a:05:c2:ab:3f:f9:60:7d:ff:6c:c1:ac:ab:0f:
16:bc:10:99:0d:dc:9d:ec:f9:44:41:e6:29:f5:4d:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:13:FA:70:A1:12:6E:9D:71:BE:49:88:24:E2:AE:63:D4:93:E2:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XBP6cKESbp1xvkmIJOKuY9ST4kM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:70:b6:3c:62:16:d6:98:5d:ab:ac:28:96:46:d4:62:d7:4c:
94:2b:ea:09:4b:1d:3f:2d:38:94:84:fa:36:25:62:bc:5b:af:
02:fd:05:37:ba:7f:98:22:c1:10:a8:72:eb:21:ea:f7:a0:0c:
7b:75:e2:58:a1:fd:3d:8f:26:9c:68:08:d7:da:6c:7e:f0:41:
f1:1d:83:88:59:f3:35:c0:76:1b:32:7e:23:1b:b2:5d:4d:c1:
b4:1e:70:0c:72:30:8a:d6:03:1e:c6:5a:a5:43:ab:19:54:b8:
f6:f1:ea:6c:a6:0c:b0:41:d6:e4:10:06:53:be:30:49:ca:55:
8d:42:3c:3a:a8:66:76:4a:00:63:3c:5c:df:e6:f4:2b:76:ae:
c9:06:b7:d2:16:3d:b0:b4:c2:ab:fe:71:cb:af:95:28:0d:c7:
50:40:e2:5f:b2:d3:8e:ea:70:9f:73:2f:5d:16:50:ec:d1:f8:
6f:c7:f2:54:d8:27:55:98:24:40:cb:cc:97:93:5f:0f:8c:3a:
fc:e5:8f:08:ad:79:34:87:7f:75:ed:90:ee:b6:e1:7d:01:9e:
7b:cb:72:20:2a:b3:e8:bb:7b:a3:34:a2:09:66:9b:98:8f:fe:
af:94:81:fc:97:a0:5a:a1:29:51:ac:15:b2:2c:51:de:70:5f:
f9:36:47:83
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
MDU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDMTNGQTcwQTExMjZF
OUQ3MUJFNDk4ODI0RTJBRTYzRDQ5M0UyNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyyVHLQl345/4hQgW59uQs9j8ih0IGZ61UrENqO8nBBAcOdubm
Nkk81k2fSGi38N/ya7lknZEUbJ+uB9359G9V1VEvZr9+8f8Zmo7bKOJDvUw2mDif
TfiMZycqzJDeEEg67nZ/ipaun9fDiDIe7IEmcwoaZdWr0N1MpmDl/WPwTX65lOgD
ufVL41NiY9jdABC8ogPGNOXZcvfqigHznUvbXg3lsgNczEiMhT1RE1nkCpKuFATn
YAz/+Y4XwrCXqt2/GhsGMDkxqd8/jKcttOIY8MrUnkWVaE26km85xRn6x0sqBcKr
P/lgff9swayrDxa8EJkN3J3s+URB5in1TdFZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXBP6cKESbp1xvkmIJOKuY9ST4kMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hCUDZjS0VTYnAxeHZr
bUlKT0t1WTlTVDRrTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYXC2PGIW1phdq6wolkbUYtdMlCvqCUsd
Py04lIT6NiVivFuvAv0FN7p/mCLBEKhy6yHq96AMe3XiWKH9PY8mnGgI19psfvBB
8R2DiFnzNcB2GzJ+IxuyXU3BtB5wDHIwitYDHsZapUOrGVS49vHqbKYMsEHW5BAG
U74wScpVjUI8OqhmdkoAYzxc3+b0K3auyQa30hY9sLTCq/5xy6+VKA3HUEDiX7LT
jupwn3MvXRZQ7NH4b8fyVNgnVZgkQMvMl5NfD4w6/OWPCK15NId/de2Q7rbhfQGe
e8tyICqz6Lt7ozSiCWabmI/+r5SB/JegWqEpUawVsixR3nBf+TZHgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org