Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XHjUl1sIt1jVixdJ02ssMko9nHo.roa
File: XHjUl1sIt1jVixdJ02ssMko9nHo.roa (raw, json)
Hash identifier: ZDvW0AEEeExS1JNx09P+eZnDjSgqN5ZKyMPAQCcxB8Y=
Subject key identifier: 5C:78:D4:97:5B:08:B7:58:D5:8B:17:49:D3:6B:2C:32:4A:3D:9C:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 446E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XHjUl1sIt1jVixdJ02ssMko9nHo.roa
Signing time: Fri 19 Apr 2024 19:53:04 +0000
ROA not before: Fri 19 Apr 2024 19:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17518 (0x446e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 19:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C78D4975B08B758D58B1749D36B2C324A3D9C7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:9e:ca:81:32:3f:41:ff:94:35:99:c4:dd:
9b:84:42:99:d3:68:02:69:28:b0:94:c5:0e:8b:e7:
ab:fc:67:03:de:bb:4a:7a:eb:30:ba:dc:23:cd:19:
36:33:5a:36:fd:46:c4:7a:f8:64:6d:88:23:54:41:
24:28:9e:af:73:f2:0e:79:a5:4a:23:85:31:d5:a5:
3d:30:7a:35:2e:62:5d:8b:35:58:1f:65:b9:2c:44:
67:e7:e6:27:df:d4:38:a1:2c:8c:78:6d:b9:f9:17:
8e:13:ee:0f:01:4a:3a:b5:72:fe:cb:4b:40:ca:29:
00:4d:43:e2:fe:31:1e:97:de:df:55:16:31:4c:90:
4a:09:41:db:0c:75:57:82:0d:34:95:f0:f0:d4:d7:
3c:9e:a2:d6:14:b7:0c:c0:9e:07:0f:5f:2e:af:57:
d4:6d:02:d5:4d:6d:b1:03:78:14:65:ac:39:d9:fb:
c2:b5:c0:fa:b8:16:a2:ce:31:b5:55:f5:19:0d:6c:
f5:86:89:9d:a3:e1:21:35:16:c9:1d:f7:41:7b:05:
c0:90:17:19:c3:fa:c0:51:df:a1:e9:28:52:85:ce:
50:49:db:2b:e7:66:57:33:21:d8:38:e7:34:88:5e:
4c:4f:ad:19:32:c4:7a:b0:1b:ba:dd:e4:7d:46:56:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:78:D4:97:5B:08:B7:58:D5:8B:17:49:D3:6B:2C:32:4A:3D:9C:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XHjUl1sIt1jVixdJ02ssMko9nHo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:49:9f:de:32:74:49:2c:08:e5:f2:e3:60:8f:bb:06:71:5e:
ed:ed:ea:42:48:24:42:39:a1:5d:03:17:a6:d9:e1:2a:ec:da:
3d:bf:ed:bd:67:32:b6:91:7d:38:e4:f1:0e:a4:e5:40:f1:69:
2b:48:6b:fc:8b:e3:11:0a:33:f2:05:62:1f:d2:53:dc:d6:3a:
64:23:86:3f:ea:0c:82:ef:e9:1d:49:54:51:4b:36:36:48:15:
90:9f:39:95:bb:c3:2c:65:45:fb:b2:5b:98:5b:b9:77:a4:3e:
92:0c:56:9c:ea:c5:d9:72:7a:a1:ab:ab:31:9c:d6:e6:e8:0c:
95:d5:ee:ad:e7:9f:97:9e:b6:55:6d:fa:7b:35:4c:9f:90:cf:
83:9b:6f:97:40:15:88:ba:1c:bb:52:8c:c1:97:55:e7:79:48:
b1:49:ea:e4:91:ea:e0:65:4d:9f:21:9c:40:3f:ec:06:17:44:
f3:5c:d7:61:f7:95:57:f0:0d:bb:9b:a8:4a:52:83:b5:11:fc:
e6:d4:4f:b0:89:8f:f7:e9:7b:c1:21:a2:cd:f7:d1:99:a6:79:
e7:0c:48:f9:93:7c:9e:f8:30:72:c1:60:c0:44:9f:a3:17:27:
cc:4f:64:a4:86:74:05:ce:af:ec:c1:8d:be:9f:59:8c:87:c7:
0d:a1:8e:8f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
OTUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDNzhENDk3NUIwOEI3
NThENThCMTc0OUQzNkIyQzMyNEEzRDlDN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF2J7KgTI/Qf+UNZnE3ZuEQpnTaAJpKLCUxQ6L56v8ZwPeu0p6
6zC63CPNGTYzWjb9RsR6+GRtiCNUQSQonq9z8g55pUojhTHVpT0wejUuYl2LNVgf
ZbksRGfn5iff1DihLIx4bbn5F44T7g8BSjq1cv7LS0DKKQBNQ+L+MR6X3t9VFjFM
kEoJQdsMdVeCDTSV8PDU1zyeotYUtwzAngcPXy6vV9RtAtVNbbEDeBRlrDnZ+8K1
wPq4FqLOMbVV9RkNbPWGiZ2j4SE1Fskd90F7BcCQFxnD+sBR36HpKFKFzlBJ2yvn
ZlczIdg45zSIXkxPrRkyxHqwG7rd5H1GVmM3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXHjUl1sIt1jVixdJ02ssMko9nHowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hIalVsMXNJdDFqVml4
ZEowMnNzTWtvOW5Iby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAoEmf3jJ0SSwI5fLjYI+7BnFe7e3qQkgk
QjmhXQMXptnhKuzaPb/tvWcytpF9OOTxDqTlQPFpK0hr/IvjEQoz8gViH9JT3NY6
ZCOGP+oMgu/pHUlUUUs2NkgVkJ85lbvDLGVF+7JbmFu5d6Q+kgxWnOrF2XJ6oaur
MZzW5ugMldXureefl562VW36ezVMn5DPg5tvl0AViLocu1KMwZdV53lIsUnq5JHq
4GVNnyGcQD/sBhdE81zXYfeVV/ANu5uoSlKDtRH85tRPsImP9+l7wSGizffRmaZ5
5wxI+ZN8nvgwcsFgwESfoxcnzE9kpIZ0Bc6v7MGNvp9ZjIfHDaGOjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org