Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xVjF6aZC0zHhX40XywGKKRi3vNE.roa
File: xVjF6aZC0zHhX40XywGKKRi3vNE.roa (raw, json)
Hash identifier: A7R2xhjhrnpZbIEPC8V+1Ti/6+lt0Ne/C92DIjv48L4=
Subject key identifier: C5:58:C5:E9:A6:42:D3:31:E1:5F:8D:17:CB:01:8A:29:18:B7:BC:D1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 567A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xVjF6aZC0zHhX40XywGKKRi3vNE.roa
Signing time: Mon 13 May 2024 21:24:06 +0000
ROA not before: Mon 13 May 2024 21:24:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22138 (0x567a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 21:24:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C558C5E9A642D331E15F8D17CB018A2918B7BCD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5a:19:6d:60:c0:2b:e1:d9:d6:96:09:dd:5f:
79:58:23:96:50:c8:e6:f2:11:50:a8:e7:ae:ef:2c:
ce:c4:8e:7b:27:32:d7:70:90:55:45:e1:a1:56:31:
8a:4b:d1:49:cd:eb:66:78:7c:65:26:48:63:64:57:
96:ee:74:a6:df:46:c0:52:ef:cc:6a:0b:d0:4e:8f:
a3:77:bf:70:c9:ac:27:c6:e6:6d:e9:c2:fe:30:5f:
9c:9b:b3:19:cc:76:ab:33:5f:9c:ea:58:e9:61:4d:
c2:d6:23:b2:b6:f4:e2:11:9e:b2:59:7b:28:5e:b1:
7a:36:5d:ba:9e:dc:c9:dd:61:9e:86:57:69:41:9a:
6e:af:2d:ca:2b:dd:8f:ac:60:a3:44:0a:88:2e:f0:
a3:b0:98:e3:90:2e:a0:e7:a1:d8:a0:62:e1:8c:b9:
79:b6:c4:64:6d:d7:83:51:2d:61:f7:26:6e:d9:ad:
81:19:9b:71:cf:71:a1:72:46:ef:13:8c:ca:31:bc:
74:5d:1a:b8:69:aa:90:b4:05:3c:1b:2b:dc:bd:74:
f1:77:c3:f7:71:0c:cb:61:2d:69:01:d3:58:18:da:
c6:37:e2:4b:be:b5:5b:52:8d:1f:4a:33:40:e6:ff:
fe:a3:d1:16:10:90:fc:e8:83:06:04:2c:30:f2:3c:
16:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:58:C5:E9:A6:42:D3:31:E1:5F:8D:17:CB:01:8A:29:18:B7:BC:D1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xVjF6aZC0zHhX40XywGKKRi3vNE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:a8:9a:80:84:82:65:16:ad:53:6b:c5:ec:b7:bc:10:08:de:
98:40:76:ac:35:83:77:ea:24:06:2b:bc:fa:66:8f:64:ec:3b:
5e:ca:f0:0f:b8:12:6d:46:c0:82:d7:a6:1b:31:cb:73:de:b5:
75:2e:48:94:77:df:94:37:7b:50:a1:8d:78:69:2c:65:fb:4d:
b3:dc:11:77:6f:be:d1:ef:52:64:05:f3:3b:e8:1d:c6:5a:10:
0e:41:3e:3b:97:17:43:84:7b:e2:43:80:f4:c4:3a:76:0e:1d:
f7:8b:60:dd:5d:0d:8d:a1:da:70:d5:18:ba:1b:ab:eb:9d:9d:
20:b3:56:a6:fc:e3:25:61:dd:7c:5c:af:70:4d:e0:ee:81:c8:
ad:00:41:d4:75:5d:7e:1e:05:5d:45:2f:30:60:fb:09:41:2d:
a1:a9:2f:39:54:69:92:72:09:62:31:88:a1:0d:c7:a3:f2:97:
d6:44:2f:84:21:39:51:f4:16:c0:7e:bd:51:94:d4:ce:a6:b9:
45:13:96:96:6e:97:48:b9:4b:b6:6e:2e:0e:8e:2e:a8:12:02:
26:42:e4:78:ba:ae:71:46:0c:7b:70:0a:a1:57:57:0c:30:6e:
49:8a:36:a9:91:dd:25:d8:6c:93:8b:f1:fc:08:59:ed:ff:5c:
d9:f3:35:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMy
MTI0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1NThDNUU5QTY0MkQz
MzFFMTVGOEQxN0NCMDE4QTI5MThCN0JDRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnWhltYMAr4dnWlgndX3lYI5ZQyObyEVCo567vLM7EjnsnMtdw
kFVF4aFWMYpL0UnN62Z4fGUmSGNkV5budKbfRsBS78xqC9BOj6N3v3DJrCfG5m3p
wv4wX5ybsxnMdqszX5zqWOlhTcLWI7K29OIRnrJZeyhesXo2Xbqe3MndYZ6GV2lB
mm6vLcor3Y+sYKNECogu8KOwmOOQLqDnodigYuGMuXm2xGRt14NRLWH3Jm7ZrYEZ
m3HPcaFyRu8TjMoxvHRdGrhpqpC0BTwbK9y9dPF3w/dxDMthLWkB01gY2sY34ku+
tVtSjR9KM0Dm//6j0RYQkPzogwYELDDyPBZTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxVjF6aZC0zHhX40XywGKKRi3vNEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hWakY2YVpDMHpIaFg0
MFh5d0dLS1JpM3ZORS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiKiagISCZRatU2vF7Le8EAjemEB2rDWD
d+okBiu8+maPZOw7XsrwD7gSbUbAgtemGzHLc961dS5IlHfflDd7UKGNeGksZftN
s9wRd2++0e9SZAXzO+gdxloQDkE+O5cXQ4R74kOA9MQ6dg4d94tg3V0NjaHacNUY
uhur652dILNWpvzjJWHdfFyvcE3g7oHIrQBB1HVdfh4FXUUvMGD7CUEtoakvOVRp
knIJYjGIoQ3Ho/KX1kQvhCE5UfQWwH69UZTUzqa5RROWlm6XSLlLtm4uDo4uqBIC
JkLkeLqucUYMe3AKoVdXDDBuSYo2qZHdJdhsk4vx/AhZ7f9c2fM1yQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:46 2025 by rpki-client