Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ps52qfDcurhHxd8VQoODcPc1gxY.roa
File: ps52qfDcurhHxd8VQoODcPc1gxY.roa (raw, json)
Hash identifier: TynjZcCi/7r80VWx2QMbBLc2eZ23KePc99efE0XH3Ro=
Subject key identifier: A6:CE:76:A9:F0:DC:BA:B8:47:C5:DF:15:42:83:83:70:F7:35:83:16
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ps52qfDcurhHxd8VQoODcPc1gxY.roa
Signing time: Mon 13 May 2024 03:54:26 +0000
ROA not before: Mon 13 May 2024 03:54:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21998 (0x55ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 03:54:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A6CE76A9F0DCBAB847C5DF1542838370F7358316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:56:11:6e:2d:f9:48:22:b7:4d:1b:c4:55:
c5:7c:36:66:b4:d0:5f:5a:cf:4a:fa:0c:a5:3a:e5:
3a:43:54:34:80:5d:08:8f:f3:fc:62:14:f1:de:ff:
5f:b4:bc:d5:45:a4:e7:71:dc:5d:67:72:01:ce:b9:
dc:55:31:6d:60:c7:ca:59:00:cd:28:43:cd:b3:46:
d9:a4:41:a6:82:d2:7c:78:99:7b:24:fb:36:7c:ad:
17:1d:0e:c7:c7:84:60:3a:4b:6c:e2:8d:72:9a:fa:
7e:aa:da:3b:a8:c7:a3:0d:b2:6c:2c:6b:90:5b:67:
55:92:5c:64:be:d4:87:71:57:25:bd:a4:9e:da:4c:
7b:e3:9b:b0:88:97:27:e9:ac:6d:73:9a:a6:25:ca:
b2:f1:9e:78:d7:e6:47:9b:27:00:b0:00:7a:0d:9b:
46:8b:88:87:42:ca:a1:85:d0:cd:77:39:c3:b5:81:
34:cc:1b:ea:d5:ef:a6:68:92:72:b9:af:d9:4f:75:
fd:f6:78:a0:2c:62:51:b4:1c:b3:d8:7c:b3:70:d2:
3e:c7:84:df:88:fa:3a:f8:a7:74:c5:11:5e:8a:41:
02:6e:19:98:5a:12:b6:a1:87:53:6d:35:8a:f2:88:
8d:47:79:54:74:75:1e:47:31:9a:9e:67:04:ad:58:
fd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:CE:76:A9:F0:DC:BA:B8:47:C5:DF:15:42:83:83:70:F7:35:83:16
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ps52qfDcurhHxd8VQoODcPc1gxY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:0a:af:6b:59:f1:5d:a8:71:c6:c8:17:6d:ac:63:c0:e7:70:
e8:3e:fe:f6:96:8a:c0:4d:94:87:47:3d:a2:f7:d8:59:a5:25:
5f:59:ea:c0:9a:db:47:4b:c1:31:70:f0:2c:b8:29:39:9d:5c:
78:1f:c2:07:9b:da:6c:21:48:df:91:08:c4:92:94:1a:69:b6:
9a:b5:6e:fa:d7:6d:02:df:72:0f:61:83:2b:7c:58:22:54:76:
99:0e:21:15:23:bf:eb:f8:d5:c7:73:f3:90:ef:71:c4:ed:28:
9c:1b:17:6c:59:df:3f:0f:6b:f7:fb:ea:1c:84:a2:e0:2a:6c:
51:ba:b0:81:7d:a8:97:ee:5b:c7:59:6b:70:dc:db:6f:ec:0e:
84:0f:0b:c8:a4:11:93:92:cf:ee:b2:50:26:4c:1b:c2:df:94:
da:2b:f2:a0:0a:a9:52:0b:76:d2:d7:ee:02:c7:a4:7b:91:ae:
5c:a6:ca:ac:5a:1f:ac:5a:a5:33:42:10:7a:c5:2a:ac:d1:0b:
b7:f5:d0:e5:9f:0e:b7:a6:7e:75:96:12:38:fb:21:cc:e8:ff:
b6:67:72:f1:9a:5a:dc:9b:1e:d5:1c:b7:2f:ff:ec:e2:86:85:
64:86:44:af:ca:4a:fb:cf:27:64:15:8a:41:2b:21:ce:17:01:
72:4f:2e:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MzU0MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2Q0U3NkE5RjBEQ0JB
Qjg0N0M1REYxNTQyODM4MzcwRjczNTgzMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsc1YRbi35SCK3TRvEVcV8Nma00F9az0r6DKU65TpDVDSAXQiP
8/xiFPHe/1+0vNVFpOdx3F1ncgHOudxVMW1gx8pZAM0oQ82zRtmkQaaC0nx4mXsk
+zZ8rRcdDsfHhGA6S2zijXKa+n6q2juox6MNsmwsa5BbZ1WSXGS+1IdxVyW9pJ7a
THvjm7CIlyfprG1zmqYlyrLxnnjX5kebJwCwAHoNm0aLiIdCyqGF0M13OcO1gTTM
G+rV76ZoknK5r9lPdf32eKAsYlG0HLPYfLNw0j7HhN+I+jr4p3TFEV6KQQJuGZha
Erahh1NtNYryiI1HeVR0dR5HMZqeZwStWP0HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUps52qfDcurhHxd8VQoODcPc1gxYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BzNTJxZkRjdXJoSHhk
OFZRb09EY1BjMWd4WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKAqva1nxXahxxsgXbaxjwOdw6D7+9paK
wE2Uh0c9ovfYWaUlX1nqwJrbR0vBMXDwLLgpOZ1ceB/CB5vabCFI35EIxJKUGmm2
mrVu+tdtAt9yD2GDK3xYIlR2mQ4hFSO/6/jVx3PzkO9xxO0onBsXbFnfPw9r9/vq
HISi4CpsUbqwgX2ol+5bx1lrcNzbb+wOhA8LyKQRk5LP7rJQJkwbwt+U2ivyoAqp
Ugt20tfuAseke5GuXKbKrFofrFqlM0IQesUqrNELt/XQ5Z8Ot6Z+dZYSOPshzOj/
tmdy8Zpa3Jse1Ry3L//s4oaFZIZEr8pK+88nZBWKQSshzhcBck8udg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:02 2025 by rpki-client