Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a_hg_XxYlkP4-ir0KqAEvJ1IDbQ.roa
File: a_hg_XxYlkP4-ir0KqAEvJ1IDbQ.roa (raw, json)
Hash identifier: xV+/glqLhmTzg/wk2hPzUNj2L0Iq2vIioGquNB4FKGQ=
Subject key identifier: 6B:F8:60:FD:7C:58:96:43:F8:FA:2A:F4:2A:A0:04:BC:9D:48:0D:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5296
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a_hg_XxYlkP4-ir0KqAEvJ1IDbQ.roa
Signing time: Wed 08 May 2024 16:53:58 +0000
ROA not before: Wed 08 May 2024 16:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21142 (0x5296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 16:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BF860FD7C589643F8FA2AF42AA004BC9D480DB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:fa:51:41:02:16:fb:cf:e2:26:01:b8:a3:
c3:c0:4d:ac:4c:2b:53:e8:d4:bf:7e:a5:bd:69:27:
8b:2a:c3:8f:a3:f4:c9:91:c9:85:7d:11:3c:dc:b2:
46:5f:80:3c:48:06:99:30:10:82:7d:46:75:e4:c9:
b8:56:ae:53:87:2e:0a:33:89:60:0e:e5:87:60:52:
ed:c1:cb:82:45:41:e2:ff:1c:f8:76:b4:8c:03:58:
80:61:3a:8a:e9:ea:21:e0:7b:a2:17:73:28:27:d0:
25:2d:19:5f:32:9f:09:cd:7e:0d:20:1f:f0:94:b9:
9c:d8:18:fe:97:7e:07:61:e1:95:2d:1c:a9:e8:ff:
87:a7:e4:00:43:7f:d5:bd:b1:e8:fe:59:1d:c0:55:
be:6a:42:e3:fc:3a:86:e9:f0:a4:4b:46:02:57:38:
f2:61:a1:7e:c0:57:97:0f:c8:6e:9f:34:16:e0:1f:
50:99:d4:6c:96:ed:59:28:dd:fc:2c:91:4d:f9:56:
45:e6:fd:59:30:ee:e6:30:bb:c8:ae:46:b5:74:72:
06:8a:44:15:17:f6:8c:ad:f3:83:45:33:99:ca:6b:
cd:d9:d1:ee:d7:91:6a:cc:82:4d:29:08:b5:bb:e1:
17:c2:d7:b5:43:67:52:a0:e2:9e:10:61:41:e0:da:
67:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F8:60:FD:7C:58:96:43:F8:FA:2A:F4:2A:A0:04:BC:9D:48:0D:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a_hg_XxYlkP4-ir0KqAEvJ1IDbQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:01:27:ec:4f:9a:26:62:0b:64:82:70:2f:99:f4:e5:db:6e:
05:fc:7e:17:17:b3:66:d8:1e:0e:af:50:e7:a7:ed:e4:7b:26:
7e:66:53:ef:af:08:10:07:fc:12:ef:c5:e0:d3:0f:a0:71:e5:
ef:79:db:11:48:fb:82:f8:98:31:19:25:59:37:55:09:05:25:
1d:84:5a:5a:f2:cd:76:5d:92:5c:c1:5f:1c:a3:f3:7c:a3:84:
84:4c:64:5e:b3:8d:a6:53:a5:c1:c0:a0:7e:80:9b:98:ce:42:
0e:cb:39:2d:16:16:c3:1f:e5:d8:af:94:89:15:dc:11:8e:7d:
83:4b:96:ac:36:32:36:d4:82:c4:44:e0:03:45:b7:d0:b9:fd:
d2:7d:72:16:5c:68:7a:d1:80:b0:20:fd:6c:74:95:7d:84:c4:
46:5e:a2:96:4c:70:45:93:ed:ab:3f:35:37:80:d9:5d:17:a0:
d5:1a:44:d8:14:e3:80:b1:16:ae:5f:4a:aa:77:56:f8:50:08:
11:25:af:22:f0:12:27:5c:6e:01:f7:ff:f4:ab:53:52:b3:02:
de:8c:d4:47:71:32:67:08:b9:b3:ad:10:a7:4e:1a:b0:0f:90:
62:e1:0a:f0:2d:0b:ec:83:d2:42:e6:91:e0:17:ee:4f:a7:db:
38:10:80:89
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
NjUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCRjg2MEZEN0M1ODk2
NDNGOEZBMkFGNDJBQTAwNEJDOUQ0ODBEQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi/vpRQQIW+8/iJgG4o8PATaxMK1Po1L9+pb1pJ4sqw4+j9MmR
yYV9ETzcskZfgDxIBpkwEIJ9RnXkybhWrlOHLgoziWAO5YdgUu3By4JFQeL/HPh2
tIwDWIBhOorp6iHge6IXcygn0CUtGV8ynwnNfg0gH/CUuZzYGP6Xfgdh4ZUtHKno
/4en5ABDf9W9sej+WR3AVb5qQuP8Oobp8KRLRgJXOPJhoX7AV5cPyG6fNBbgH1CZ
1GyW7Vko3fwskU35VkXm/Vkw7uYwu8iuRrV0cgaKRBUX9oyt84NFM5nKa83Z0e7X
kWrMgk0pCLW74RfC17VDZ1Kg4p4QYUHg2mevAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUa/hg/XxYlkP4+ir0KqAEvJ1IDbQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FfaGdfWHhZbGtQNC1p
cjBLcUFFdkoxSURiUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiAEn7E+aJmILZIJwL5n05dtuBfx+Fxez
ZtgeDq9Q56ft5HsmfmZT768IEAf8Eu/F4NMPoHHl73nbEUj7gviYMRklWTdVCQUl
HYRaWvLNdl2SXMFfHKPzfKOEhExkXrONplOlwcCgfoCbmM5CDss5LRYWwx/l2K+U
iRXcEY59g0uWrDYyNtSCxETgA0W30Ln90n1yFlxoetGAsCD9bHSVfYTERl6ilkxw
RZPtqz81N4DZXReg1RpE2BTjgLEWrl9KqndW+FAIESWvIvASJ1xuAff/9KtTUrMC
3ozUR3EyZwi5s60Qp04asA+QYuEK8C0L7IPSQuaR4BfuT6fbOBCAiQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:33 2025 by rpki-client