Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/x59skNY30B2iNxUbcDL8Mk-g8Qc.roa
File: x59skNY30B2iNxUbcDL8Mk-g8Qc.roa (raw, json)
Hash identifier: +LcVr6lmOO2jf902vol1tWPN2N4u4hniJ7CPEV3v8gQ=
Subject key identifier: C7:9F:6C:90:D6:37:D0:1D:A2:37:15:1B:70:32:FC:32:4F:A0:F1:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 375A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x59skNY30B2iNxUbcDL8Mk-g8Qc.roa
Signing time: Tue 02 Apr 2024 09:22:13 +0000
ROA not before: Tue 02 Apr 2024 09:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14170 (0x375a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 09:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C79F6C90D637D01DA237151B7032FC324FA0F107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:85:36:e1:f8:52:b7:f5:67:9b:13:ae:ac:
76:ec:a1:e9:d8:84:de:72:11:aa:a8:a0:39:cc:4b:
d0:1d:59:bc:c1:c8:3a:f5:b7:e0:09:50:a1:34:b3:
b2:85:a4:a1:5a:ef:c2:c7:73:95:c7:17:7b:db:a0:
81:4b:c9:a7:5a:d4:78:0c:84:3f:7f:85:28:52:4b:
c2:75:70:23:79:cc:fc:dc:5a:52:1b:5d:ee:d0:27:
16:25:65:65:ea:e5:1f:cc:fc:c4:e1:ce:b6:d2:b0:
a2:6e:bc:ac:8f:b7:ed:be:36:50:cb:8e:c6:40:e6:
0f:f6:fe:20:c1:5b:7f:c5:93:be:59:67:49:b4:8b:
53:c9:f4:3a:38:94:08:c9:32:00:8e:2c:80:76:41:
15:bd:2b:f4:40:90:2b:4c:3c:70:62:a8:09:c2:a1:
cc:3f:a2:fb:50:fd:7e:29:40:3a:c7:4b:b9:38:3a:
c8:e8:12:83:33:8e:5c:24:63:55:52:4a:17:73:2c:
b2:4d:e8:13:8a:a2:0a:b7:89:59:7e:59:34:c7:9b:
d3:57:4c:24:6d:58:77:91:2b:34:91:10:47:65:53:
d6:be:03:bb:a2:44:e0:8a:b6:a6:54:fb:c4:ae:ce:
55:8e:fa:24:1d:e6:e4:b2:a4:08:3e:e8:f4:e2:61:
97:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9F:6C:90:D6:37:D0:1D:A2:37:15:1B:70:32:FC:32:4F:A0:F1:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x59skNY30B2iNxUbcDL8Mk-g8Qc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:88:38:08:7f:ab:80:35:9c:0f:2b:98:66:49:fb:79:26:a0:
1e:1c:34:a9:99:65:0e:d9:7a:bb:71:1b:55:49:a4:3e:c5:a4:
3c:37:09:fb:4a:88:68:f0:b3:5a:53:d5:6f:e6:dd:18:fa:d3:
af:b5:fa:8a:80:e9:1a:53:b3:71:39:6c:f9:6e:42:e9:ec:63:
fa:be:b2:87:f7:b9:43:96:eb:cc:b7:e1:6f:cf:13:92:e0:c2:
21:26:d8:fc:e2:de:70:f4:05:b6:20:bc:cf:b3:36:a5:62:67:
a8:bf:68:9d:55:8b:4d:23:69:0b:ed:fc:3a:e4:9b:c2:c4:18:
8b:52:21:33:1b:39:80:e2:8c:52:66:da:de:b2:f5:ea:ce:5c:
f7:f2:58:ea:87:6c:b5:9d:bc:e8:0a:13:c7:ff:62:23:20:7b:
f4:da:fb:2c:7c:c0:38:1a:89:c9:38:2b:ee:93:87:d8:f4:ba:
d8:84:e4:38:c1:20:23:21:03:4f:b2:c7:d8:57:7b:53:b2:9a:
f3:8d:32:45:3e:d6:29:18:75:82:a2:63:4d:a1:de:52:f7:36:
32:54:20:4c:fc:5e:c3:41:f2:7e:14:ea:58:5b:83:d2:0a:71:
f0:22:26:41:1e:e2:92:48:98:c0:34:75:c5:11:66:03:5f:7b:
6c:d2:69:20
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN1owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
OTIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3OUY2QzkwRDYzN0Qw
MURBMjM3MTUxQjcwMzJGQzMyNEZBMEYxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEVYU24fhSt/VnmxOurHbsoenYhN5yEaqooDnMS9AdWbzByDr1
t+AJUKE0s7KFpKFa78LHc5XHF3vboIFLyada1HgMhD9/hShSS8J1cCN5zPzcWlIb
Xe7QJxYlZWXq5R/M/MThzrbSsKJuvKyPt+2+NlDLjsZA5g/2/iDBW3/Fk75ZZ0m0
i1PJ9Do4lAjJMgCOLIB2QRW9K/RAkCtMPHBiqAnCocw/ovtQ/X4pQDrHS7k4Osjo
EoMzjlwkY1VSShdzLLJN6BOKogq3iVl+WTTHm9NXTCRtWHeRKzSREEdlU9a+A7ui
ROCKtqZU+8SuzlWO+iQd5uSypAg+6PTiYZeNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUx59skNY30B2iNxUbcDL8Mk+g8QcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3g1OXNrTlkzMEIyaU54
VWJjREw4TWstZzhRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQ4g4CH+rgDWcDyuYZkn7eSagHhw0qZll
Dtl6u3EbVUmkPsWkPDcJ+0qIaPCzWlPVb+bdGPrTr7X6ioDpGlOzcTls+W5C6exj
+r6yh/e5Q5brzLfhb88TkuDCISbY/OLecPQFtiC8z7M2pWJnqL9onVWLTSNpC+38
OuSbwsQYi1IhMxs5gOKMUmba3rL16s5c9/JY6odstZ286AoTx/9iIyB79Nr7LHzA
OBqJyTgr7pOH2PS62ITkOMEgIyEDT7LH2Fd7U7Ka840yRT7WKRh1gqJjTaHeUvc2
MlQgTPxew0HyfhTqWFuD0gpx8CImQR7ikkiYwDR1xRFmA197bNJpIA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:02 2025 by rpki-client