Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/trxx0-9n72ch67aAiB5jt8D871Q.roa
File: trxx0-9n72ch67aAiB5jt8D871Q.roa (raw, json)
Hash identifier: aWKt4HwCDEAeB0calRBWlCDHsJmhrDHlzhhh/QkYokU=
Subject key identifier: B6:BC:71:D3:EF:67:EF:67:21:EB:B6:80:88:1E:63:B7:C0:FC:EF:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 479A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/trxx0-9n72ch67aAiB5jt8D871Q.roa
Signing time: Wed 24 Apr 2024 01:23:14 +0000
ROA not before: Wed 24 Apr 2024 01:23:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18330 (0x479a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 01:23:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B6BC71D3EF67EF6721EBB680881E63B7C0FCEF54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:aa:8e:d1:46:9c:df:33:36:0f:e1:54:24:
e3:35:41:40:89:63:e0:15:d0:95:8e:6e:76:9e:4f:
9a:ba:cf:dc:e8:32:96:02:fc:29:83:7d:e6:be:72:
17:e3:77:bb:6d:a5:d7:e2:c6:cc:48:7e:ba:65:4c:
c7:b0:30:c4:f4:c8:7f:b1:28:6d:63:ae:fe:50:9d:
d2:ea:67:0f:c4:42:11:66:e7:b1:d0:03:95:6f:ba:
23:3e:a1:85:d8:6a:c2:a6:dc:4d:1f:b9:82:6a:db:
da:d2:a8:e9:51:ea:bf:07:41:85:62:89:87:82:25:
a6:3e:62:c8:b8:65:56:78:89:1c:f3:6d:82:19:6d:
05:cf:f7:7e:10:15:48:9b:91:b3:91:21:e5:51:87:
50:ea:09:8e:96:1c:3c:11:26:7a:e0:15:5d:4d:81:
de:11:ad:8c:1e:09:ed:ae:99:92:82:76:01:c5:5b:
a8:e7:d3:f0:17:21:f9:be:5c:d0:6c:3e:9a:98:af:
b1:59:68:af:26:56:7f:02:21:9a:3e:28:79:1d:a0:
62:91:6f:01:95:f4:37:55:81:17:df:c2:ef:b1:cc:
c2:70:41:0e:e6:ba:ea:ff:b6:83:07:7b:dc:c6:1f:
67:92:db:e4:cf:ea:0d:19:b1:af:9e:de:ac:35:b1:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BC:71:D3:EF:67:EF:67:21:EB:B6:80:88:1E:63:B7:C0:FC:EF:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/trxx0-9n72ch67aAiB5jt8D871Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:2c:7b:ca:15:f4:32:5b:16:86:bb:e9:2e:55:d3:6a:00:2a:
43:30:95:23:a7:83:ea:ed:2d:b8:e6:d9:e0:84:a4:1d:02:aa:
48:76:15:64:66:a9:9b:ce:09:fd:88:de:59:d5:3a:ee:13:22:
11:1a:cc:b8:b9:4f:3b:79:9c:b2:12:cf:79:5b:8a:2d:d1:d5:
03:6a:73:65:75:e4:af:16:ef:88:c4:5b:68:fe:7c:42:e1:7f:
5f:5d:dd:07:9e:53:26:9d:fb:06:a9:73:5c:42:1a:f4:26:79:
79:1a:c6:e8:44:0a:5f:c5:08:15:eb:81:f8:eb:42:6f:3f:d8:
74:b0:70:cf:f9:55:aa:4f:3c:b2:93:e3:a5:4e:7e:97:2c:97:
ea:92:45:a6:5d:ca:1d:9f:7c:98:38:d8:6a:38:24:1a:10:a3:
80:71:6d:fd:e7:0a:6a:f6:ac:02:b4:1d:f6:6a:14:6c:d7:25:
a0:ee:2d:d9:16:28:ca:b7:d4:16:cc:cc:0f:18:fc:99:1b:d4:
aa:d4:aa:45:c1:5f:12:15:cf:a2:b1:51:71:1c:9d:2b:1a:69:
ab:32:7e:12:ab:95:ba:81:72:aa:b9:1a:a0:0e:1f:71:35:57:
8f:d1:08:9c:b1:78:77:ed:ba:c0:20:55:de:8d:20:18:de:c8:
65:20:96:fe
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MTIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2QkM3MUQzRUY2N0VG
NjcyMUVCQjY4MDg4MUU2M0I3QzBGQ0VGNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC876qO0Uac3zM2D+FUJOM1QUCJY+AV0JWObnaeT5q6z9zoMpYC
/CmDfea+chfjd7ttpdfixsxIfrplTMewMMT0yH+xKG1jrv5QndLqZw/EQhFm57HQ
A5VvuiM+oYXYasKm3E0fuYJq29rSqOlR6r8HQYViiYeCJaY+Ysi4ZVZ4iRzzbYIZ
bQXP934QFUibkbORIeVRh1DqCY6WHDwRJnrgFV1Ngd4RrYweCe2umZKCdgHFW6jn
0/AXIfm+XNBsPpqYr7FZaK8mVn8CIZo+KHkdoGKRbwGV9DdVgRffwu+xzMJwQQ7m
uur/toMHe9zGH2eS2+TP6g0Zsa+e3qw1scRBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtrxx0+9n72ch67aAiB5jt8D871QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RyeHgwLTluNzJjaDY3
YUFpQjVqdDhEODcxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKSx7yhX0MlsWhrvpLlXTagAqQzCVI6eD
6u0tuObZ4ISkHQKqSHYVZGapm84J/YjeWdU67hMiERrMuLlPO3mcshLPeVuKLdHV
A2pzZXXkrxbviMRbaP58QuF/X13dB55TJp37BqlzXEIa9CZ5eRrG6EQKX8UIFeuB
+OtCbz/YdLBwz/lVqk88spPjpU5+lyyX6pJFpl3KHZ98mDjYajgkGhCjgHFt/ecK
avasArQd9moUbNcloO4t2RYoyrfUFszMDxj8mRvUqtSqRcFfEhXPorFRcRydKxpp
qzJ+EquVuoFyqrkaoA4fcTVXj9EInLF4d+26wCBV3o0gGN7IZSCW/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:52 2024 by rpki-client on console-fra.rpki-client.org