Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/inGsXJr5_S9h2KyBggX_NRvtlyk.roa
File: inGsXJr5_S9h2KyBggX_NRvtlyk.roa (raw, json)
Hash identifier: /DWKbIckSdrKSnBscrISj/Vrrm0Z9QVaJh1JW5zgrks=
Subject key identifier: 8A:71:AC:5C:9A:F9:FD:2F:61:D8:AC:81:82:05:FF:35:1B:ED:97:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FB2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/inGsXJr5_S9h2KyBggX_NRvtlyk.roa
Signing time: Sat 04 May 2024 20:23:48 +0000
ROA not before: Sat 04 May 2024 20:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20402 (0x4fb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 20:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A71AC5C9AF9FD2F61D8AC818205FF351BED9729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:b2:d1:a7:71:f6:99:35:50:89:af:df:ef:
29:41:bf:52:79:a7:9e:fc:a4:a6:3f:0a:be:a6:e9:
2b:1c:06:68:a6:d1:6f:e2:e2:da:29:de:47:ef:d0:
cb:77:8a:0f:58:e2:04:46:55:2c:9b:93:b5:e1:88:
3f:b4:da:a9:c6:34:c4:50:2a:2f:b9:3f:0d:f5:0d:
8f:77:1b:06:58:f5:8f:45:29:26:49:5d:55:48:5c:
a9:8c:20:f2:23:dc:f9:d6:1e:64:15:93:b2:10:38:
72:a1:cc:db:e8:d9:47:3e:97:c7:16:99:1d:c4:05:
0d:37:43:94:ed:80:8d:4a:92:b6:d8:c3:77:b3:e1:
9b:1e:3d:1f:dd:0f:d1:93:ad:42:3f:10:8e:d3:eb:
f0:81:35:95:84:a2:e4:a3:28:e2:fc:d0:3b:81:ce:
5b:4c:74:25:da:af:5c:6c:a9:4a:62:38:b6:fa:1f:
9c:63:ec:a4:56:af:82:4c:dc:e2:fa:30:61:e3:98:
b7:fd:69:e4:9d:c8:f7:53:8b:22:36:d6:f3:fe:9b:
7f:b1:c0:3e:b4:56:43:52:67:e8:97:85:43:c4:db:
1c:b7:91:0a:c9:f8:e8:76:6e:dc:98:1b:8d:89:48:
34:3b:04:b1:c2:bf:8d:80:fc:75:90:8d:2e:59:e7:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:71:AC:5C:9A:F9:FD:2F:61:D8:AC:81:82:05:FF:35:1B:ED:97:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/inGsXJr5_S9h2KyBggX_NRvtlyk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:2a:1f:2a:df:6b:e0:c9:63:e3:03:97:43:a3:34:98:28:e6:
61:cf:e3:ff:83:6b:5b:b0:49:c1:04:40:2e:a4:f5:31:f5:1b:
91:d8:12:88:37:4f:36:17:07:58:02:de:dd:ee:34:b4:2a:dd:
95:ac:59:56:24:3f:06:a8:dc:8c:ba:dc:cd:1f:77:3c:18:8e:
cc:c4:74:51:73:a7:ba:ac:ea:26:95:8e:ef:c2:a9:11:b4:e3:
1a:e9:a7:58:82:b8:e9:2c:81:88:5f:b1:dd:5b:be:40:e3:7e:
70:0e:64:be:90:a5:c0:4b:94:bf:1e:84:45:33:d4:ab:49:e7:
88:ba:50:8d:cf:60:55:a4:b5:ec:0f:d9:b5:f7:0c:8e:98:19:
8d:ea:bd:8e:7a:71:d8:98:dc:ad:c5:04:e4:e0:85:35:d0:b8:
95:ce:98:1d:45:9b:84:41:fa:4d:d9:11:46:fa:8c:1f:76:1a:
c8:0c:15:da:b9:c7:a8:21:62:53:f6:e1:87:c5:1b:01:68:4e:
02:3b:74:cb:5c:48:d5:45:23:c0:ea:47:68:ef:60:33:e2:4a:
63:e0:23:d3:dc:33:32:ce:78:c4:c4:c6:a1:04:ce:1b:62:ae:
f5:85:a3:51:54:cd:de:21:4d:98:3d:06:25:61:ce:ca:5b:d7:
eb:bf:7b:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQy
MDIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBNzFBQzVDOUFGOUZE
MkY2MUQ4QUM4MTgyMDVGRjM1MUJFRDk3MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ubLRp3H2mTVQia/f7ylBv1J5p578pKY/Cr6m6SscBmim0W/i
4top3kfv0Mt3ig9Y4gRGVSybk7XhiD+02qnGNMRQKi+5Pw31DY93GwZY9Y9FKSZJ
XVVIXKmMIPIj3PnWHmQVk7IQOHKhzNvo2Uc+l8cWmR3EBQ03Q5TtgI1KkrbYw3ez
4ZsePR/dD9GTrUI/EI7T6/CBNZWEouSjKOL80DuBzltMdCXar1xsqUpiOLb6H5xj
7KRWr4JM3OL6MGHjmLf9aeSdyPdTiyI21vP+m3+xwD60VkNSZ+iXhUPE2xy3kQrJ
+Oh2btyYG42JSDQ7BLHCv42A/HWQjS5Z50xDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUinGsXJr5/S9h2KyBggX/NRvtlykwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2luR3NYSnI1X1M5aDJL
eUJnZ1hfTlJ2dGx5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJiofKt9r4Mlj4wOXQ6M0mCjmYc/j/4Nr
W7BJwQRALqT1MfUbkdgSiDdPNhcHWALe3e40tCrdlaxZViQ/BqjcjLrczR93PBiO
zMR0UXOnuqzqJpWO78KpEbTjGumnWIK46SyBiF+x3Vu+QON+cA5kvpClwEuUvx6E
RTPUq0nniLpQjc9gVaS17A/ZtfcMjpgZjeq9jnpx2JjcrcUE5OCFNdC4lc6YHUWb
hEH6TdkRRvqMH3YayAwV2rnHqCFiU/bhh8UbAWhOAjt0y1xI1UUjwOpHaO9gM+JK
Y+Aj09wzMs54xMTGoQTOG2Ku9YWjUVTN3iFNmD0GJWHOylvX6797Ow==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:20 2025 by rpki-client