Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qxKh_PGtolOX_3VWyo0284a6_Jk.roa
File: qxKh_PGtolOX_3VWyo0284a6_Jk.roa (raw, json)
Hash identifier: c9cMAnY9IiWmSQG6iRN9DcssaYPanh0vvCHLe+ANMkw=
Subject key identifier: AB:12:A1:FC:F1:AD:A2:53:97:FF:75:56:CA:8D:36:F3:86:BA:FC:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qxKh_PGtolOX_3VWyo0284a6_Jk.roa
Signing time: Tue 14 May 2024 08:24:08 +0000
ROA not before: Tue 14 May 2024 08:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22226 (0x56d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 08:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB12A1FCF1ADA25397FF7556CA8D36F386BAFC99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:21:56:ee:ab:42:a8:3b:5c:a3:6c:78:4f:
2e:f0:4d:21:b1:74:4c:1a:29:a9:2e:03:a7:45:e1:
38:5e:3f:45:5c:df:a1:e3:2b:3d:b7:23:52:79:b1:
5c:d4:9e:91:37:c2:92:36:d7:4b:0a:0f:fe:76:63:
52:25:0d:4c:5c:2c:c5:a2:3e:d1:c2:94:a5:12:75:
22:58:6d:41:33:53:fe:e3:03:6c:49:99:46:97:27:
94:7f:12:45:2f:af:62:c1:6f:b3:4c:f0:16:58:15:
c3:cf:8d:65:02:df:92:6a:b5:00:17:ae:ee:c1:56:
34:00:af:8c:dc:08:57:64:6f:0e:ce:41:6b:19:fa:
7d:35:1d:11:6c:bc:ef:ca:5a:51:7c:f2:d9:2e:70:
f5:22:76:37:0c:56:fd:e5:c2:00:bd:60:86:6f:4c:
0a:ae:be:95:7c:d8:24:44:63:0d:be:ae:11:53:ac:
d6:b4:17:bc:e6:aa:dd:be:96:0a:6c:a2:fc:c5:bd:
7b:76:24:4c:2e:98:c9:18:b2:8d:9b:55:6f:da:ca:
c3:cc:6d:00:81:cb:06:7b:0f:ad:e6:6d:97:3d:44:
69:ca:c9:06:e6:de:fb:75:90:f7:9c:12:62:10:38:
a3:ac:13:2a:cc:a3:c0:aa:cf:37:24:fe:56:67:18:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:12:A1:FC:F1:AD:A2:53:97:FF:75:56:CA:8D:36:F3:86:BA:FC:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qxKh_PGtolOX_3VWyo0284a6_Jk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:c8:5f:d7:92:5f:54:81:38:c2:fd:4f:ea:68:93:16:c2:b1:
25:90:0c:88:b0:6c:c8:30:a4:5d:21:b2:9e:37:20:b4:69:69:
48:63:4c:27:03:b9:17:f1:70:64:d6:cb:38:34:43:11:dd:de:
da:02:66:f6:82:73:ee:a3:03:0a:7e:ec:99:d6:27:61:b7:1a:
48:4b:a0:78:f1:cb:68:b7:58:de:06:40:78:e1:12:80:ec:2b:
76:f0:c9:24:fd:eb:24:4c:b0:d5:6f:b5:3d:db:52:45:77:82:
e9:c4:df:5e:ac:d6:69:d6:d7:3b:cd:24:db:a8:b1:b8:a2:f2:
44:1d:0d:8b:52:8f:68:fd:b0:d1:8e:de:e9:a9:b8:b9:df:b7:
bf:39:bf:bd:0d:4b:e2:58:d7:2a:eb:16:b3:42:ef:4a:0d:9e:
28:b1:7a:12:35:6f:e1:21:31:3e:bb:04:f7:56:1e:53:b4:d2:
53:a9:36:33:58:02:c4:22:55:59:90:b0:d8:76:21:ed:14:44:
9e:79:5f:a2:c5:2d:0f:12:ad:d0:7a:f8:09:a3:45:f9:98:00:
6d:82:c8:1a:32:ff:9d:63:a5:9a:a3:c0:9f:1e:db:fc:ec:b2:
51:a8:35:53:99:9a:9d:4c:ef:af:c0:5b:c9:d9:1d:82:df:ef:
af:bb:db:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
ODI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCMTJBMUZDRjFBREEy
NTM5N0ZGNzU1NkNBOEQzNkYzODZCQUZDOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCX1SFW7qtCqDtco2x4Ty7wTSGxdEwaKakuA6dF4TheP0Vc36Hj
Kz23I1J5sVzUnpE3wpI210sKD/52Y1IlDUxcLMWiPtHClKUSdSJYbUEzU/7jA2xJ
mUaXJ5R/EkUvr2LBb7NM8BZYFcPPjWUC35JqtQAXru7BVjQAr4zcCFdkbw7OQWsZ
+n01HRFsvO/KWlF88tkucPUidjcMVv3lwgC9YIZvTAquvpV82CREYw2+rhFTrNa0
F7zmqt2+lgpsovzFvXt2JEwumMkYso2bVW/aysPMbQCBywZ7D63mbZc9RGnKyQbm
3vt1kPecEmIQOKOsEyrMo8Cqzzck/lZnGBC/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqxKh/PGtolOX/3VWyo0284a6/JkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3F4S2hfUEd0b2xPWF8z
Vld5bzAyODRhNl9Kay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAh8hf15JfVIE4wv1P6miTFsKxJZAMiLBs
yDCkXSGynjcgtGlpSGNMJwO5F/FwZNbLODRDEd3e2gJm9oJz7qMDCn7smdYnYbca
SEugePHLaLdY3gZAeOESgOwrdvDJJP3rJEyw1W+1PdtSRXeC6cTfXqzWadbXO80k
26ixuKLyRB0Ni1KPaP2w0Y7e6am4ud+3vzm/vQ1L4ljXKusWs0LvSg2eKLF6EjVv
4SExPrsE91YeU7TSU6k2M1gCxCJVWZCw2HYh7RREnnlfosUtDxKt0Hr4CaNF+ZgA
bYLIGjL/nWOlmqPAnx7b/OyyUag1U5manUzvr8Bbydkdgt/vr7vbCg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:41 2025 by rpki-client