Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rXidS2J22d7OsDuq8COlXrcgQTQ.roa
File: rXidS2J22d7OsDuq8COlXrcgQTQ.roa (raw, json)
Hash identifier: CCkVT1o3ak7dwk+bsDuCUt2SEEMretdMThm+c4NMiRo=
Subject key identifier: AD:78:9D:4B:62:76:D9:DE:CE:B0:3B:AA:F0:23:A5:5E:B7:20:41:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 568A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rXidS2J22d7OsDuq8COlXrcgQTQ.roa
Signing time: Mon 13 May 2024 23:24:06 +0000
ROA not before: Mon 13 May 2024 23:24:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22154 (0x568a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 23:24:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD789D4B6276D9DECEB03BAAF023A55EB7204134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:7f:c1:d9:d1:d5:da:ad:e1:32:43:16:cc:
92:b4:67:be:ba:97:1a:36:f7:84:9d:dc:53:49:0f:
cd:10:f8:08:4b:98:35:6c:ec:04:00:aa:bf:7f:75:
24:b4:c3:8f:e2:00:7f:e0:cd:c8:5a:63:0d:4b:60:
72:9d:80:b0:f8:5e:8c:90:43:59:87:eb:20:b9:e8:
20:52:f2:af:4b:3f:f9:e6:21:d7:df:da:6e:61:98:
68:d7:f1:b0:d9:8e:84:8b:ea:b1:83:3c:e3:2e:82:
33:11:6b:90:7e:d1:3b:b6:04:aa:fe:94:85:90:5a:
2f:85:fa:d6:3c:19:e6:33:5e:a9:3e:39:24:c1:da:
1f:29:9d:90:8d:ab:0b:6d:00:7a:2b:b6:cd:b5:6f:
19:c6:39:17:ec:08:c8:78:e2:29:a8:eb:b0:11:e1:
95:fd:de:a4:4c:df:d8:13:d6:41:4e:a4:89:2f:d9:
8b:77:db:d2:19:84:2d:ef:19:09:86:e3:89:6b:2b:
e8:54:5b:8a:af:82:ca:bc:a0:e2:aa:c4:5e:37:35:
54:7c:9d:9a:ad:da:3d:c6:ef:2b:02:16:2e:2e:d6:
60:9f:a0:72:61:24:95:d6:fa:00:9c:66:3d:3b:b4:
3a:a4:c9:51:31:1f:48:4d:16:19:0f:e6:20:a0:b8:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:78:9D:4B:62:76:D9:DE:CE:B0:3B:AA:F0:23:A5:5E:B7:20:41:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rXidS2J22d7OsDuq8COlXrcgQTQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:0f:03:43:b8:68:d0:33:b6:2d:53:85:62:12:26:9a:f7:56:
66:40:54:3b:81:ff:84:7d:70:0d:c5:26:c2:98:69:c2:09:d6:
4d:b4:a1:4d:0d:7c:d2:b6:b1:03:cc:58:4d:a7:6c:07:e4:fe:
05:d8:ce:9a:bc:c7:65:0d:59:b1:1b:f4:11:28:b3:af:f1:42:
87:c3:c2:b0:e2:12:60:0d:54:86:92:b2:91:da:ca:58:07:25:
15:20:6e:d6:3c:35:71:af:5a:18:49:31:cf:19:15:4e:7f:c7:
08:52:f0:c9:d4:ba:bb:5d:5f:03:72:c3:f7:34:e3:15:93:a5:
b6:4f:64:66:97:0c:a1:c8:93:98:48:14:a6:3a:ff:84:b7:09:
5b:a0:94:d8:2c:32:bf:56:81:26:42:a1:5c:79:7f:ed:0f:60:
14:94:eb:d7:22:27:a2:de:5d:58:ee:51:8e:46:bb:95:83:64:
48:19:6a:58:e9:c6:ed:98:10:b2:6b:35:01:ac:71:a6:d9:bd:
f9:8d:69:e7:6c:e0:0e:3f:e4:d9:96:ad:23:f7:0a:cc:0d:b5:
00:b3:9f:a4:f2:10:f6:6f:0f:83:c1:ee:da:9e:29:47:c4:05:
27:c5:e1:53:73:21:40:45:76:f3:e0:96:80:80:4e:2f:3b:ff:
77:4f:be:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMy
MzI0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENzg5RDRCNjI3NkQ5
REVDRUIwM0JBQUYwMjNBNTVFQjcyMDQxMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj+H/B2dHV2q3hMkMWzJK0Z766lxo294Sd3FNJD80Q+AhLmDVs
7AQAqr9/dSS0w4/iAH/gzchaYw1LYHKdgLD4XoyQQ1mH6yC56CBS8q9LP/nmIdff
2m5hmGjX8bDZjoSL6rGDPOMugjMRa5B+0Tu2BKr+lIWQWi+F+tY8GeYzXqk+OSTB
2h8pnZCNqwttAHorts21bxnGORfsCMh44imo67AR4ZX93qRM39gT1kFOpIkv2Yt3
29IZhC3vGQmG44lrK+hUW4qvgsq8oOKqxF43NVR8nZqt2j3G7ysCFi4u1mCfoHJh
JJXW+gCcZj07tDqkyVExH0hNFhkP5iCguC39AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrXidS2J22d7OsDuq8COlXrcgQTQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JYaWRTMkoyMmQ3T3NE
dXE4Q09sWHJjZ1FUUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXA8DQ7ho0DO2LVOFYhImmvdWZkBUO4H/
hH1wDcUmwphpwgnWTbShTQ180raxA8xYTadsB+T+BdjOmrzHZQ1ZsRv0ESizr/FC
h8PCsOISYA1UhpKykdrKWAclFSBu1jw1ca9aGEkxzxkVTn/HCFLwydS6u11fA3LD
9zTjFZOltk9kZpcMociTmEgUpjr/hLcJW6CU2Cwyv1aBJkKhXHl/7Q9gFJTr1yIn
ot5dWO5Rjka7lYNkSBlqWOnG7ZgQsms1Aaxxptm9+Y1p52zgDj/k2ZatI/cKzA21
ALOfpPIQ9m8Pg8Hu2p4pR8QFJ8XhU3MhQEV28+CWgIBOLzv/d0++fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org