Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sxCrjC_4se87O45XWp7DLoR_keQ.roa
File: sxCrjC_4se87O45XWp7DLoR_keQ.roa (raw, json)
Hash identifier: 8BKMkJLsRByRNoX4v56EcKZxqJk9JdXBTRXrqc/7+3o=
Subject key identifier: B3:10:AB:8C:2F:F8:B1:EF:3B:3B:8E:57:5A:9E:C3:2E:84:7F:91:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3582
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxCrjC_4se87O45XWp7DLoR_keQ.roa
Signing time: Sat 30 Mar 2024 22:22:11 +0000
ROA not before: Sat 30 Mar 2024 22:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13698 (0x3582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 22:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B310AB8C2FF8B1EF3B3B8E575A9EC32E847F91E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e8:26:aa:90:6b:66:b5:1d:f4:2d:ca:57:16:
16:18:3d:8a:f0:6a:19:8a:b3:6e:3d:85:5d:fb:cf:
89:06:af:94:64:32:6a:cf:08:53:ac:44:fa:eb:76:
e1:12:1b:ea:6d:3e:26:c0:79:c1:88:c2:ac:ef:76:
26:18:30:6a:73:8f:b5:b8:85:95:94:35:4d:ae:d9:
da:c6:d2:16:2c:7e:9b:df:44:b4:f8:53:a6:69:00:
45:fb:f2:fb:f8:9f:aa:7d:d7:9f:77:5a:d0:1c:d2:
b5:a4:ac:fc:b8:5e:de:82:84:ba:ea:a7:bd:2e:c9:
ae:cd:7f:52:de:8f:ab:6e:2b:a5:48:cd:7a:f5:9b:
0e:f9:09:4e:5a:5b:ed:c8:39:44:14:a8:7e:5b:fa:
4e:1a:b6:41:f0:81:88:0d:08:07:4b:dd:8e:ac:3c:
44:ad:40:dd:3f:ed:9c:09:fc:40:e5:e3:65:3d:99:
e9:f6:eb:ad:44:59:57:79:6c:fe:8c:5e:20:bd:11:
a6:e2:5f:ac:27:db:80:2e:6c:2b:c0:a1:35:4b:73:
7d:07:01:b2:a5:f9:15:b3:ec:0c:9c:3e:99:da:96:
3a:e9:4e:07:aa:ce:15:70:3b:34:ae:9c:c6:22:b3:
e5:17:15:f7:3c:0b:bc:b0:10:4f:67:51:f0:be:b6:
89:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:10:AB:8C:2F:F8:B1:EF:3B:3B:8E:57:5A:9E:C3:2E:84:7F:91:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxCrjC_4se87O45XWp7DLoR_keQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:bc:50:4c:db:a7:91:63:4f:65:f2:c7:db:af:d4:b5:4d:d8:
07:f5:66:a8:e7:f7:81:0a:a9:8b:1a:eb:f5:aa:07:1e:02:c8:
d7:10:e9:0e:08:07:6d:9e:44:0e:63:0d:a8:73:9b:d7:ee:47:
30:2c:47:98:4b:7b:1c:d5:a5:b6:f2:6a:37:97:71:38:3c:ae:
6d:b3:1e:34:db:46:31:44:3b:2e:01:23:fe:ea:9d:85:67:94:
5d:50:3a:b1:43:93:2f:02:21:b1:b9:52:23:9d:69:07:91:f3:
51:a4:18:db:d6:a7:e9:c4:13:d6:6f:a2:79:eb:76:db:66:a6:
f5:4e:8b:b1:1c:e4:2a:18:0e:74:ad:ad:95:2c:0a:b4:aa:06:
0a:bb:f9:3b:3e:05:f4:15:0a:bc:0a:04:14:c6:bb:fc:d3:e8:
d2:ef:98:67:63:cf:e1:d4:51:0f:19:00:ce:65:48:f4:dd:94:
f2:c5:8c:ff:b5:25:8f:ff:61:e6:24:ba:f5:b8:db:38:ff:12:
77:12:2b:e4:78:a0:0c:dc:dd:0a:88:e7:02:a0:4a:90:ba:16:
e5:4a:cb:4d:64:1a:d8:48:01:bb:18:2f:eb:1c:96:77:ca:2a:
40:dd:5d:99:de:f1:a2:41:26:79:e1:21:95:1b:2a:8d:1b:dd:
34:3f:19:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MjIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzMTBBQjhDMkZGOEIx
RUYzQjNCOEU1NzVBOUVDMzJFODQ3RjkxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi6CaqkGtmtR30LcpXFhYYPYrwahmKs249hV37z4kGr5RkMmrP
CFOsRPrrduESG+ptPibAecGIwqzvdiYYMGpzj7W4hZWUNU2u2drG0hYsfpvfRLT4
U6ZpAEX78vv4n6p91593WtAc0rWkrPy4Xt6ChLrqp70uya7Nf1Lej6tuK6VIzXr1
mw75CU5aW+3IOUQUqH5b+k4atkHwgYgNCAdL3Y6sPEStQN0/7ZwJ/EDl42U9men2
661EWVd5bP6MXiC9EabiX6wn24AubCvAoTVLc30HAbKl+RWz7AycPpnaljrpTgeq
zhVwOzSunMYis+UXFfc8C7ywEE9nUfC+tolDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsxCrjC/4se87O45XWp7DLoR/keQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3N4Q3JqQ180c2U4N080
NVhXcDdETG9SX2tlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEABLxQTNunkWNPZfLH26/UtU3YB/VmqOf3
gQqpixrr9aoHHgLI1xDpDggHbZ5EDmMNqHOb1+5HMCxHmEt7HNWltvJqN5dxODyu
bbMeNNtGMUQ7LgEj/uqdhWeUXVA6sUOTLwIhsblSI51pB5HzUaQY29an6cQT1m+i
eet222am9U6LsRzkKhgOdK2tlSwKtKoGCrv5Oz4F9BUKvAoEFMa7/NPo0u+YZ2PP
4dRRDxkAzmVI9N2U8sWM/7Ulj/9h5iS69bjbOP8SdxIr5HigDNzdCojnAqBKkLoW
5UrLTWQa2EgBuxgv6xyWd8oqQN1dmd7xokEmeeEhlRsqjRvdND8ZCg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:55 2025 by rpki-client