Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XeB0R8wQh0XRlB-YB2Qo1W1ziMc.roa
File: XeB0R8wQh0XRlB-YB2Qo1W1ziMc.roa (raw, json)
Hash identifier: zzWIf5TjfuIn7oVQZ3ZP6inuc7fzkDF0OCxYVT/Tr7E=
Subject key identifier: 5D:E0:74:47:CC:10:87:45:D1:94:1F:98:07:64:28:D5:6D:73:88:C7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 550A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XeB0R8wQh0XRlB-YB2Qo1W1ziMc.roa
Signing time: Sat 11 May 2024 23:24:03 +0000
ROA not before: Sat 11 May 2024 23:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21770 (0x550a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 23:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5DE07447CC108745D1941F98076428D56D7388C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:c9:34:76:a4:f5:56:2a:e9:67:f6:b7:20:
cf:a9:6e:23:e2:a6:2a:52:df:b6:40:86:25:b0:6c:
15:a5:13:cc:43:ea:09:20:58:6c:e2:30:36:10:8b:
19:3c:d7:9a:53:0d:fd:34:d4:bc:1f:6b:dc:78:f9:
34:fb:ed:4d:1c:00:51:23:34:82:aa:48:fc:dc:62:
1d:ed:ce:0b:32:a2:1c:c3:80:59:ed:25:b7:d2:0c:
a5:53:c9:11:7d:e6:26:7d:87:1d:36:c8:85:da:77:
0b:d3:35:33:90:c3:2d:01:b8:71:de:1b:ef:a8:84:
25:e4:2d:6f:bf:c2:13:cb:46:62:60:50:89:ae:d1:
65:bd:4b:bb:13:09:a3:e9:2d:da:03:ce:ea:0e:f1:
82:0c:31:f1:5e:fc:6c:59:3b:15:8d:f2:f7:36:d2:
13:41:54:12:b5:35:a7:ff:07:1e:b1:74:3f:19:16:
af:58:63:41:69:d5:c1:38:31:7c:d4:27:24:b4:a4:
3d:bb:47:ea:c9:15:bc:9d:3a:01:c0:cc:0c:db:11:
97:65:03:8d:f5:e6:bc:5e:a6:36:0e:67:f1:16:28:
96:4a:55:a1:0e:70:dc:4b:30:01:9a:ee:82:73:4e:
0f:20:74:55:59:f3:4f:61:ae:aa:f9:0e:99:cb:fb:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E0:74:47:CC:10:87:45:D1:94:1F:98:07:64:28:D5:6D:73:88:C7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XeB0R8wQh0XRlB-YB2Qo1W1ziMc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:ec:bb:55:ae:4e:31:13:2b:e4:2e:c6:44:4c:74:fa:f7:ae:
49:88:0d:d3:29:5f:f4:dc:1a:99:65:72:3f:33:6f:3d:54:3c:
a3:6e:e1:af:8f:e9:6f:01:39:6e:8f:39:98:f3:1b:39:ee:4f:
1f:f3:81:95:9d:e9:63:b1:09:98:88:36:e2:a1:6f:b5:03:10:
a5:a6:fb:e3:4f:b8:e3:3d:d8:44:f5:90:52:23:6f:00:15:5f:
c5:df:6a:38:fa:14:22:f7:2c:76:5f:65:31:6b:58:84:d1:9d:
c7:66:90:55:f7:de:63:db:fa:9d:75:92:7c:84:a5:af:b5:3e:
b3:7b:61:fd:69:84:64:b8:ef:81:92:41:96:43:43:e4:92:c7:
e1:f4:87:7c:b4:f4:1c:40:d6:77:c6:29:c4:5f:f5:38:1b:c7:
98:fb:50:d5:f6:be:e2:2d:46:9c:e0:2f:e9:ec:5d:78:c3:b2:
77:4b:bc:1a:53:d5:9b:f1:67:65:2d:6e:56:8c:13:f9:ce:82:
9c:ce:cd:a3:39:ac:ec:be:32:c3:ba:a4:f1:54:33:af:9b:dd:
a5:c7:5c:38:c2:e5:03:25:78:80:37:d0:8e:25:58:92:ab:b5:
ef:db:25:18:f4:5d:cc:66:4e:b4:a5:29:b5:14:f6:f1:d3:d7:
cc:74:bc:de
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MzI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVERTA3NDQ3Q0MxMDg3
NDVEMTk0MUY5ODA3NjQyOEQ1NkQ3Mzg4QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv/sk0dqT1VirpZ/a3IM+pbiPipipS37ZAhiWwbBWlE8xD6gkg
WGziMDYQixk815pTDf001Lwfa9x4+TT77U0cAFEjNIKqSPzcYh3tzgsyohzDgFnt
JbfSDKVTyRF95iZ9hx02yIXadwvTNTOQwy0BuHHeG++ohCXkLW+/whPLRmJgUImu
0WW9S7sTCaPpLdoDzuoO8YIMMfFe/GxZOxWN8vc20hNBVBK1Naf/Bx6xdD8ZFq9Y
Y0Fp1cE4MXzUJyS0pD27R+rJFbydOgHAzAzbEZdlA4315rxepjYOZ/EWKJZKVaEO
cNxLMAGa7oJzTg8gdFVZ809hrqr5DpnL++CbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXeB0R8wQh0XRlB+YB2Qo1W1ziMcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hlQjBSOHdRaDBYUmxC
LVlCMlFvMVcxemlNYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOOy7Va5OMRMr5C7GREx0+veuSYgN0ylf
9NwamWVyPzNvPVQ8o27hr4/pbwE5bo85mPMbOe5PH/OBlZ3pY7EJmIg24qFvtQMQ
pab740+44z3YRPWQUiNvABVfxd9qOPoUIvcsdl9lMWtYhNGdx2aQVffeY9v6nXWS
fISlr7U+s3th/WmEZLjvgZJBlkND5JLH4fSHfLT0HEDWd8YpxF/1OBvHmPtQ1fa+
4i1GnOAv6exdeMOyd0u8GlPVm/FnZS1uVowT+c6CnM7Nozms7L4yw7qk8VQzr5vd
pcdcOMLlAyV4gDfQjiVYkqu179slGPRdzGZOtKUptRT28dPXzHS83g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:49 2024 by rpki-client on console-ams.rpki-client.org