Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XGEL4Y8SBvgFut7sFSEU1VRTFDc.roa
File: XGEL4Y8SBvgFut7sFSEU1VRTFDc.roa (raw, json)
Hash identifier: C6xjt9GPhnkRWfEo4jBCmxHbhpUFvf+5titj9/H7ZUM=
Subject key identifier: 5C:61:0B:E1:8F:12:06:F8:05:BA:DE:EC:15:21:14:D5:54:53:14:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XGEL4Y8SBvgFut7sFSEU1VRTFDc.roa
Signing time: Thu 09 May 2024 03:53:57 +0000
ROA not before: Thu 09 May 2024 03:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21230 (0x52ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 03:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C610BE18F1206F805BADEEC152114D554531437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:76:19:17:d0:08:a7:f7:43:8a:74:55:59:a2:
0c:a3:1b:42:d4:53:bf:ba:00:82:8b:3d:28:05:3f:
db:15:e2:4c:13:c3:cc:03:1f:0b:55:21:5d:1d:b7:
26:50:ec:51:73:c6:35:fa:57:f3:3b:89:a6:05:4b:
9a:ef:fc:f6:37:52:f6:91:3c:de:5e:b7:3d:bd:ae:
cd:e3:ce:02:c6:96:b5:fc:dd:d2:c7:83:6c:14:ee:
ec:2e:ae:08:78:c5:b3:f6:a4:36:5b:94:1b:fc:50:
e1:90:ec:28:8b:5e:96:40:30:cd:1e:d5:54:ef:b0:
e8:27:91:af:8f:0f:24:00:bb:62:d7:cd:7a:0a:58:
94:35:89:d7:47:81:8d:1e:56:82:fe:ec:84:97:0d:
91:7a:74:d1:71:99:f3:59:44:43:80:84:0b:0e:5b:
d6:b8:78:5f:f8:e9:58:ab:ec:b6:15:92:27:bd:2a:
78:2a:d4:4f:41:ac:6c:1e:c0:a8:9b:2d:7e:30:00:
7d:50:66:e0:77:f5:ce:dd:ea:28:22:d5:82:16:8a:
9c:a6:1d:a3:68:9d:ce:13:85:07:05:53:48:04:cb:
3b:3d:d4:04:e7:0f:f3:19:a9:fe:0c:e1:5b:f4:58:
50:db:08:bf:d8:62:ba:58:6e:00:fe:c4:3c:4e:49:
a8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:61:0B:E1:8F:12:06:F8:05:BA:DE:EC:15:21:14:D5:54:53:14:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XGEL4Y8SBvgFut7sFSEU1VRTFDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:5a:75:19:0d:b3:9d:4d:5c:77:49:5a:ea:89:63:f0:42:a0:
3b:00:d0:25:e2:44:37:db:ac:0c:04:3a:21:06:8d:26:0f:97:
bf:45:d5:ac:46:ca:5f:7e:ca:7e:af:dc:35:d6:d8:54:24:b4:
d2:64:c4:02:c0:e7:57:76:74:1a:ee:9c:ca:86:29:3f:8c:61:
91:55:3f:cb:78:a1:12:9c:e0:05:da:91:7d:03:78:64:f5:3a:
70:b7:04:0d:85:8d:6b:28:cd:60:65:1b:07:dc:e9:53:d1:87:
ca:53:6f:74:c3:e3:20:65:17:30:ba:67:af:b1:ed:fc:6f:f2:
96:10:03:12:7d:da:97:cb:c3:ab:37:98:a5:43:57:db:fd:d1:
cc:18:df:c7:31:78:ac:df:fa:61:24:a6:9c:47:24:08:a2:cd:
58:9c:c6:5b:47:ab:b8:f4:d0:b0:46:1f:a7:40:37:7f:7a:6b:
89:ce:c5:98:ef:cc:d9:0a:da:6f:5c:aa:8c:e4:f5:9f:0c:4a:
d0:f0:74:8a:84:a5:8c:4b:34:51:bc:fa:4a:71:bc:b6:b7:0a:
04:39:86:78:65:65:e0:69:18:30:18:9f:24:c5:0b:27:3a:d7:
8a:c3:eb:9a:f8:f5:0b:89:41:6c:9b:a5:f5:ed:39:47:67:d4:
ec:92:22:2f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
MzUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDNjEwQkUxOEYxMjA2
RjgwNUJBREVFQzE1MjExNEQ1NTQ1MzE0MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAdhkX0Ain90OKdFVZogyjG0LUU7+6AIKLPSgFP9sV4kwTw8wD
HwtVIV0dtyZQ7FFzxjX6V/M7iaYFS5rv/PY3UvaRPN5etz29rs3jzgLGlrX83dLH
g2wU7uwurgh4xbP2pDZblBv8UOGQ7CiLXpZAMM0e1VTvsOgnka+PDyQAu2LXzXoK
WJQ1iddHgY0eVoL+7ISXDZF6dNFxmfNZREOAhAsOW9a4eF/46Vir7LYVkie9Kngq
1E9BrGwewKibLX4wAH1QZuB39c7d6igi1YIWipymHaNonc4ThQcFU0gEyzs91ATn
D/MZqf4M4Vv0WFDbCL/YYrpYbgD+xDxOSahjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXGEL4Y8SBvgFut7sFSEU1VRTFDcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hHRUw0WThTQnZnRnV0
N3NGU0VVMVZSVEZEYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAY1p1GQ2znU1cd0la6olj8EKgOwDQJeJE
N9usDAQ6IQaNJg+Xv0XVrEbKX37Kfq/cNdbYVCS00mTEAsDnV3Z0Gu6cyoYpP4xh
kVU/y3ihEpzgBdqRfQN4ZPU6cLcEDYWNayjNYGUbB9zpU9GHylNvdMPjIGUXMLpn
r7Ht/G/ylhADEn3al8vDqzeYpUNX2/3RzBjfxzF4rN/6YSSmnEckCKLNWJzGW0er
uPTQsEYfp0A3f3pric7FmO/M2Qrab1yqjOT1nwxK0PB0ioSljEs0Ubz6SnG8trcK
BDmGeGVl4GkYMBifJMULJzrXisPrmvj1C4lBbJul9e05R2fU7JIiLw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:40 2025 by rpki-client