Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XvFY5D53aa8Or_v0iMQivI_lAfI.roa
File: XvFY5D53aa8Or_v0iMQivI_lAfI.roa (raw, json)
Hash identifier: lREiwZM5dHrz/YtsZWtSgNu1AeHrBqb4RPtzyRdBlUg=
Subject key identifier: 5E:F1:58:E4:3E:77:69:AF:0E:AF:FB:F4:88:C4:22:BC:8F:E5:01:F2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XvFY5D53aa8Or_v0iMQivI_lAfI.roa
Signing time: Wed 24 Apr 2024 05:23:13 +0000
ROA not before: Wed 24 Apr 2024 05:23:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18362 (0x47ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 05:23:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5EF158E43E7769AF0EAFFBF488C422BC8FE501F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:53:57:32:3b:dd:1e:3d:4c:42:d8:e6:65:
5d:c0:d9:10:81:e2:ef:a2:72:45:45:56:ae:c8:d8:
f8:03:2c:4f:09:bb:e4:c4:b8:18:5d:99:06:b1:30:
ab:96:16:2c:0d:0f:2b:44:21:c2:f3:2f:f1:30:18:
23:97:06:62:11:f7:ee:5a:58:2d:84:c5:64:c7:62:
e7:54:ac:38:46:7a:4a:5b:15:5c:52:4b:bb:ce:a6:
fc:67:a1:d5:4b:73:8c:85:99:69:7f:1a:72:71:b0:
9f:4a:c3:6f:de:6d:c3:a8:e9:19:c0:14:d4:c0:9f:
fd:72:d1:0a:e7:4b:39:60:b4:4a:19:5c:38:63:7a:
3c:53:ed:c0:e1:f7:f9:0c:fa:61:cc:ca:35:74:8c:
31:1a:aa:93:cc:66:ae:c3:fa:e3:8b:de:5d:f8:b2:
5d:e0:da:ba:5d:79:4c:c9:c9:c5:65:aa:cc:50:d8:
5d:25:11:10:3e:ca:1a:94:2a:b7:f0:d0:cb:72:e1:
17:c8:ec:84:76:cc:2b:5e:ec:52:9d:20:60:78:a7:
64:dd:08:01:43:71:d2:4a:fa:e3:7c:51:36:c7:e8:
a1:2e:64:ef:a8:43:c3:0c:59:a5:1a:87:1b:66:77:
0d:4e:da:f4:f3:c9:87:79:80:63:3c:e9:b5:9e:c0:
ed:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F1:58:E4:3E:77:69:AF:0E:AF:FB:F4:88:C4:22:BC:8F:E5:01:F2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XvFY5D53aa8Or_v0iMQivI_lAfI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:1a:19:65:5d:ed:1c:46:39:1e:b6:ae:ee:5d:07:fd:16:ec:
8c:2e:77:18:0a:37:9a:21:a8:c2:2b:4b:28:ae:d1:65:88:53:
62:db:ab:e0:cc:18:96:cd:f3:c4:34:ab:b4:01:0a:ed:11:64:
85:4a:d8:cf:d0:99:0b:86:43:15:3a:68:ac:16:59:9b:f1:c1:
de:f4:8f:ee:63:2e:2b:c2:ee:14:d9:4a:a3:05:73:b8:9e:f7:
f8:4a:54:1f:c5:0a:96:3a:ed:86:0a:bf:88:27:32:29:27:bd:
b4:39:f9:3a:72:5e:90:6d:9a:56:07:4b:54:d0:2d:b3:8f:41:
3c:2f:28:88:90:92:9d:c3:96:1f:bd:ca:0d:9b:f6:ad:16:18:
2a:68:57:06:49:f0:2c:5b:70:8f:d3:13:fa:cc:c5:26:ee:f9:
fc:ef:db:57:7a:dd:3b:16:a3:db:82:70:2f:3d:79:e0:8c:0b:
dd:e5:27:ef:2c:ab:bd:aa:6a:ae:d9:ac:a9:43:35:6e:6b:de:
9e:4b:80:1c:f3:87:a3:a5:d6:c0:cb:1e:ea:fb:c3:df:7e:74:
e1:b9:19:75:09:aa:b5:52:bd:4a:10:07:f4:25:95:50:f0:5f:
65:ae:3f:61:cc:ed:5f:fd:54:e9:95:c4:65:21:f1:63:27:fd:
56:cd:97:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NTIzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFRjE1OEU0M0U3NzY5
QUYwRUFGRkJGNDg4QzQyMkJDOEZFNTAxRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtPVNXMjvdHj1MQtjmZV3A2RCB4u+ickVFVq7I2PgDLE8Ju+TE
uBhdmQaxMKuWFiwNDytEIcLzL/EwGCOXBmIR9+5aWC2ExWTHYudUrDhGekpbFVxS
S7vOpvxnodVLc4yFmWl/GnJxsJ9Kw2/ebcOo6RnAFNTAn/1y0QrnSzlgtEoZXDhj
ejxT7cDh9/kM+mHMyjV0jDEaqpPMZq7D+uOL3l34sl3g2rpdeUzJycVlqsxQ2F0l
ERA+yhqUKrfw0Mty4RfI7IR2zCte7FKdIGB4p2TdCAFDcdJK+uN8UTbH6KEuZO+o
Q8MMWaUahxtmdw1O2vTzyYd5gGM86bWewO2vAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXvFY5D53aa8Or/v0iMQivI/lAfIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1h2Rlk1RDUzYWE4T3Jf
djBpTVFpdklfbEFmSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcRoZZV3tHEY5Hrau7l0H/RbsjC53GAo3
miGowitLKK7RZYhTYtur4MwYls3zxDSrtAEK7RFkhUrYz9CZC4ZDFTporBZZm/HB
3vSP7mMuK8LuFNlKowVzuJ73+EpUH8UKljrthgq/iCcyKSe9tDn5OnJekG2aVgdL
VNAts49BPC8oiJCSncOWH73KDZv2rRYYKmhXBknwLFtwj9MT+szFJu75/O/bV3rd
Oxaj24JwLz154IwL3eUn7yyrvapqrtmsqUM1bmvenkuAHPOHo6XWwMse6vvD3350
4bkZdQmqtVK9ShAH9CWVUPBfZa4/YcztX/1U6ZXEZSHxYyf9Vs2XuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org