Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tXkbOvISv6r88hHD08V2mK7pTx8.roa
File: tXkbOvISv6r88hHD08V2mK7pTx8.roa (raw, json)
Hash identifier: yDI0d6UCPZemIB6wrXaHqg7Fe3gcLZa5rty+4qBSKGo=
Subject key identifier: B5:79:1B:3A:F2:12:BF:AA:FC:F2:11:C3:D3:C5:76:98:AE:E9:4F:1F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tXkbOvISv6r88hHD08V2mK7pTx8.roa
Signing time: Tue 14 May 2024 02:28:03 +0000
ROA not before: Tue 14 May 2024 02:28:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22178 (0x56a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 02:28:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B5791B3AF212BFAAFCF211C3D3C57698AEE94F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:00:f1:fb:b2:5a:45:e5:fa:d9:e1:fc:59:
8e:1e:46:0b:53:7b:8b:39:68:69:b2:d2:79:74:66:
18:ad:47:02:75:bf:8c:e6:87:98:0b:67:19:49:a7:
2d:58:41:ac:28:34:bb:eb:20:f8:73:50:3e:e9:29:
50:6a:b4:fb:bb:e9:60:23:85:c3:23:cd:16:cd:84:
42:7a:68:8f:89:a7:f1:11:ab:ff:0e:59:51:8a:0f:
e7:8d:3b:cf:f7:3c:6d:1a:46:36:12:e8:56:ed:0b:
cb:7b:c2:92:75:ed:b4:3d:70:2b:55:5f:ad:9e:8a:
7c:50:3f:24:80:48:cd:31:ad:e8:67:22:3a:7f:e5:
36:13:d7:6a:24:b5:72:4f:5f:1a:c9:29:b3:c4:4f:
fc:cc:87:6c:3a:a5:f6:99:59:ac:66:b3:80:77:60:
11:5d:4b:91:0a:a2:e3:fe:3b:bb:32:96:94:3d:ed:
21:5c:f4:50:56:da:ed:5a:63:2a:df:26:19:6d:24:
39:21:0c:4e:5d:3f:d6:20:1f:1f:5c:b0:32:03:83:
19:ff:55:75:1a:f3:e1:a5:6c:bb:d3:4b:52:41:52:
ac:55:e3:59:1c:2d:fb:cf:54:24:d0:47:f5:07:a0:
0c:61:d5:94:c2:8e:da:e1:21:71:ab:3d:77:cb:06:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:79:1B:3A:F2:12:BF:AA:FC:F2:11:C3:D3:C5:76:98:AE:E9:4F:1F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tXkbOvISv6r88hHD08V2mK7pTx8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:3c:40:43:b6:9d:d8:c5:80:eb:69:b7:6a:6b:b0:c3:28:8b:
75:c2:83:5c:a1:dd:02:60:36:8c:73:26:dc:05:e8:97:1f:58:
3e:bc:8c:db:ad:ac:d5:96:ee:06:26:63:cf:d8:d9:9f:b7:86:
4e:45:ca:fa:9d:5c:91:80:a3:c4:3c:9d:be:2b:1e:ef:44:37:
77:ec:a7:d0:98:53:4b:95:a5:52:9c:24:3c:8a:2d:1a:d8:d8:
18:62:c4:a8:d2:3a:19:62:0d:ec:8c:e6:f2:33:e6:df:8f:15:
17:7a:02:04:3c:3e:3e:2d:5c:44:d4:86:5b:70:2a:6f:55:24:
7f:bc:02:89:c4:c3:be:75:a4:fb:f9:2f:a9:ba:98:dd:7e:0d:
6a:0d:cb:25:89:2f:0d:06:23:31:e3:44:61:b5:96:f2:16:0c:
dc:d2:09:b9:d4:93:fb:f0:5a:b3:92:02:2a:51:ea:cd:9d:01:
eb:3d:09:c6:7d:d0:3c:c1:55:96:e9:d0:b0:2e:ca:ec:cd:71:
86:0b:e5:99:90:65:eb:f7:60:e4:46:af:38:23:a3:b3:fc:cf:
81:53:ba:35:56:bc:a8:fb:f4:83:96:1d:58:9e:bd:64:62:bf:
d9:03:ab:33:20:3c:4d:a3:1f:8e:fe:78:6d:a5:3e:0a:d6:8f:
af:4d:f8:ae
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
MjI4MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1NzkxQjNBRjIxMkJG
QUFGQ0YyMTFDM0QzQzU3Njk4QUVFOTRGMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE0wDx+7JaReX62eH8WY4eRgtTe4s5aGmy0nl0ZhitRwJ1v4zm
h5gLZxlJpy1YQawoNLvrIPhzUD7pKVBqtPu76WAjhcMjzRbNhEJ6aI+Jp/ERq/8O
WVGKD+eNO8/3PG0aRjYS6FbtC8t7wpJ17bQ9cCtVX62einxQPySASM0xrehnIjp/
5TYT12oktXJPXxrJKbPET/zMh2w6pfaZWaxms4B3YBFdS5EKouP+O7sylpQ97SFc
9FBW2u1aYyrfJhltJDkhDE5dP9YgHx9csDIDgxn/VXUa8+GlbLvTS1JBUqxV41kc
LfvPVCTQR/UHoAxh1ZTCjtrhIXGrPXfLBpkzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtXkbOvISv6r88hHD08V2mK7pTx8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RYa2JPdklTdjZyODho
SEQwOFYybUs3cFR4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKjxAQ7ad2MWA62m3amuwwyiLdcKDXKHd
AmA2jHMm3AXolx9YPryM262s1ZbuBiZjz9jZn7eGTkXK+p1ckYCjxDydvise70Q3
d+yn0JhTS5WlUpwkPIotGtjYGGLEqNI6GWIN7Izm8jPm348VF3oCBDw+Pi1cRNSG
W3Aqb1Ukf7wCicTDvnWk+/kvqbqY3X4Nag3LJYkvDQYjMeNEYbWW8hYM3NIJudST
+/Bas5ICKlHqzZ0B6z0Jxn3QPMFVlunQsC7K7M1xhgvlmZBl6/dg5EavOCOjs/zP
gVO6NVa8qPv0g5YdWJ69ZGK/2QOrMyA8TaMfjv54baU+CtaPr034rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org