Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xh2dVAAT2b0TnWS9gsVRRXqSOjE.roa
File: xh2dVAAT2b0TnWS9gsVRRXqSOjE.roa (raw, json)
Hash identifier: kA/ZPRKX/d8Pnh3e2cQbHVnWfV8xTUrn0G9VkF8ZDPM=
Subject key identifier: C6:1D:9D:54:00:13:D9:BD:13:9D:64:BD:82:C5:51:45:7A:92:3A:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DD2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xh2dVAAT2b0TnWS9gsVRRXqSOjE.roa
Signing time: Thu 11 Apr 2024 00:22:44 +0000
ROA not before: Thu 11 Apr 2024 00:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15826 (0x3dd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 00:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C61D9D540013D9BD139D64BD82C551457A923A31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dd:15:f7:f1:85:0b:df:db:ff:11:b2:44:57:
3b:c3:6e:3e:a7:f3:e5:2a:f7:ec:b0:2c:eb:a4:55:
95:7f:c0:a8:7e:05:06:1f:26:72:41:a2:9a:11:b2:
69:d4:1e:00:59:70:aa:0c:18:03:d9:ab:28:5d:51:
ce:14:67:d6:de:bb:38:64:f7:5d:c6:cf:6f:09:7f:
db:6d:9b:49:8d:16:e4:73:2a:26:cf:02:01:d7:b1:
53:04:13:6e:e9:08:9e:f8:90:72:ac:55:63:fc:bd:
94:8c:b5:ff:ea:62:33:ed:6f:17:2e:d1:1e:26:89:
58:0b:09:26:50:e9:8d:85:ef:cd:c3:b3:27:bf:6f:
c4:0a:fa:12:64:3a:bc:5a:bc:68:d5:bb:2c:ee:51:
8c:70:6c:0c:da:5f:24:20:53:6d:fb:e1:b2:01:7c:
73:01:47:1e:62:76:5e:ef:0c:c0:42:23:7b:b4:d3:
e1:f8:31:ab:0e:a4:71:97:d7:a8:59:24:73:cb:6b:
3f:6d:d7:08:d0:c8:c1:1e:f8:e6:ff:ab:ca:52:de:
80:aa:44:3c:92:66:3a:91:09:cb:4c:d5:b2:c5:20:
80:77:36:a4:78:6e:14:62:4c:43:c7:7b:1d:ec:f5:
57:88:ab:06:e4:a7:db:9f:60:8a:d1:9f:32:07:87:
f7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1D:9D:54:00:13:D9:BD:13:9D:64:BD:82:C5:51:45:7A:92:3A:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xh2dVAAT2b0TnWS9gsVRRXqSOjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:7b:6a:e8:4b:6a:84:7b:16:b8:a2:e4:87:51:2f:ba:77:19:
fd:4a:63:0e:31:b1:f3:a2:e9:1f:a1:67:4c:71:2f:97:e8:9b:
2b:8e:01:48:ab:0c:8a:0b:77:6b:b4:90:87:27:55:4c:1a:0d:
61:47:4e:56:35:fe:de:10:67:60:42:9c:b6:4b:db:32:92:ec:
40:a8:81:32:c8:4e:c0:e6:61:67:b5:2f:9a:6c:ca:a3:13:6e:
36:05:6f:4a:93:66:9e:ae:5d:97:69:14:8a:ee:f2:75:21:5e:
3b:66:77:af:aa:8a:d1:a1:70:0d:be:90:b8:48:c6:80:8c:8b:
19:12:14:41:c5:af:ad:05:b8:2f:bc:35:10:7d:a2:6b:32:b6:
32:28:03:af:00:02:bd:50:c5:23:6b:24:2d:5c:fa:af:cd:79:
7a:c6:10:ce:d4:1e:e8:e7:77:62:ec:2b:84:06:95:71:90:44:
b5:20:a7:f8:6a:71:e8:f4:02:51:65:fd:f3:ed:ca:5a:3d:23:
86:e9:10:31:5e:e5:c0:bf:83:08:13:56:12:3e:80:d4:e7:02:
43:15:04:d1:7b:6c:d0:40:7f:ff:9a:5c:b1:84:11:6e:02:f9:
25:a3:e9:61:1a:80:89:b3:20:e2:cd:fc:49:5d:29:c3:63:47:
1a:ca:3e:4a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MDIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2MUQ5RDU0MDAxM0Q5
QkQxMzlENjRCRDgyQzU1MTQ1N0E5MjNBMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ3RX38YUL39v/EbJEVzvDbj6n8+Uq9+ywLOukVZV/wKh+BQYf
JnJBopoRsmnUHgBZcKoMGAPZqyhdUc4UZ9beuzhk913Gz28Jf9ttm0mNFuRzKibP
AgHXsVMEE27pCJ74kHKsVWP8vZSMtf/qYjPtbxcu0R4miVgLCSZQ6Y2F783Dsye/
b8QK+hJkOrxavGjVuyzuUYxwbAzaXyQgU2374bIBfHMBRx5idl7vDMBCI3u00+H4
MasOpHGX16hZJHPLaz9t1wjQyMEe+Ob/q8pS3oCqRDySZjqRCctM1bLFIIB3NqR4
bhRiTEPHex3s9VeIqwbkp9ufYIrRnzIHh/eHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxh2dVAAT2b0TnWS9gsVRRXqSOjEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hoMmRWQUFUMmIwVG5X
Uzlnc1ZSUlhxU09qRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcXtq6EtqhHsWuKLkh1EvuncZ/UpjDjGx
86LpH6FnTHEvl+ibK44BSKsMigt3a7SQhydVTBoNYUdOVjX+3hBnYEKctkvbMpLs
QKiBMshOwOZhZ7UvmmzKoxNuNgVvSpNmnq5dl2kUiu7ydSFeO2Z3r6qK0aFwDb6Q
uEjGgIyLGRIUQcWvrQW4L7w1EH2iazK2MigDrwACvVDFI2skLVz6r815esYQztQe
6Od3YuwrhAaVcZBEtSCn+Gpx6PQCUWX98+3KWj0jhukQMV7lwL+DCBNWEj6A1OcC
QxUE0Xts0EB//5pcsYQRbgL5JaPpYRqAibMg4s38SV0pw2NHGso+Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org