Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xpmjosYTNFlg0NVV2mcqcU7uSbY.roa
File: xpmjosYTNFlg0NVV2mcqcU7uSbY.roa (raw, json)
Hash identifier: ryfT1xSD1BwEYOue/wI/+ps81dSGdKhvWg/F9EwuoTM=
Subject key identifier: C6:99:A3:A2:C6:13:34:59:60:D0:D5:55:DA:67:2A:71:4E:EE:49:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CD6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xpmjosYTNFlg0NVV2mcqcU7uSbY.roa
Signing time: Wed 01 May 2024 00:53:34 +0000
ROA not before: Wed 01 May 2024 00:53:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19670 (0x4cd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 00:53:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C699A3A2C613345960D0D555DA672A714EEE49B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:75:27:d3:3d:1e:4c:c3:29:1c:de:f7:bc:eb:
58:f5:cd:dd:9e:5c:b2:93:27:95:db:1f:54:cd:45:
2e:4f:a3:2e:8f:bb:03:ca:69:5a:6f:f9:5d:f3:0c:
4c:5d:8a:45:53:9a:26:74:22:69:d2:3a:a1:a0:15:
8e:8e:11:b3:b6:00:f2:ec:8b:64:aa:5c:f7:05:d9:
3c:05:5e:7d:d6:d0:dc:2a:24:e9:ae:d8:e6:d1:29:
16:c1:91:ec:b2:de:db:fd:eb:4f:03:43:82:8e:56:
ab:5c:f4:c2:7d:5f:c2:78:b0:d7:4c:c3:ad:a7:88:
96:63:f6:33:fb:f2:37:47:da:e3:19:38:f4:1f:0c:
97:e7:bd:d9:22:33:23:e7:e9:65:cb:a7:27:da:77:
4f:2d:a3:c0:bb:03:a8:e9:50:cc:21:cb:b9:c6:f3:
d0:36:7d:83:85:87:32:f0:86:c5:19:33:b9:41:25:
ea:05:66:53:b4:2d:3a:8c:a5:14:21:57:48:5c:8a:
bf:af:56:91:6b:2b:58:90:a6:b3:ee:57:dc:8a:05:
85:7a:28:62:db:db:72:c8:0b:39:05:90:85:18:e2:
cc:79:79:bf:ba:6d:15:3e:19:1c:ad:56:f5:a8:b8:
fc:c2:d8:3c:33:41:0f:6d:75:4c:bd:1e:4d:dc:15:
4c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:99:A3:A2:C6:13:34:59:60:D0:D5:55:DA:67:2A:71:4E:EE:49:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xpmjosYTNFlg0NVV2mcqcU7uSbY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:66:6c:fb:55:a4:8b:a3:89:f8:ee:1f:2b:5b:99:b0:32:e0:
bc:a9:d1:93:9f:37:d5:87:ef:5b:8c:0f:91:bc:ac:42:ab:a3:
42:df:38:78:01:6b:b2:c6:27:68:b1:7d:73:93:d9:6b:98:40:
15:97:7b:9b:d4:dc:5e:49:9e:e3:ab:a0:4b:d9:c0:34:ce:cd:
94:a2:6a:73:4a:61:70:28:05:86:86:45:28:cf:76:d2:80:65:
b3:0b:eb:fa:2f:05:8d:29:6b:16:69:a3:c8:f9:9d:cd:e0:72:
7f:5e:3e:cd:11:c8:af:f5:13:d3:25:f4:ed:59:0b:a8:d6:f8:
51:5d:27:7b:6e:6c:4e:ac:d5:e2:19:8e:0b:ba:7f:42:df:bc:
24:72:2e:fd:ac:25:6e:8c:a3:21:4f:16:e7:99:39:d2:29:41:
11:69:b8:e4:5c:72:78:03:e8:33:b2:f4:1b:2f:3b:6d:50:e9:
29:77:b0:87:68:d3:be:0d:63:98:52:5a:b1:bc:aa:f8:c8:5b:
9f:6f:c2:e7:29:5f:c6:2f:44:3a:f6:c6:f1:8c:15:f1:57:3e:
eb:30:a3:1e:05:58:30:41:73:c7:b7:1f:54:42:29:b6:80:f8:
3a:f6:ac:05:10:4e:ba:a5:d4:27:14:82:86:a0:d8:19:ee:02:
d1:de:bb:a7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
MDUzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2OTlBM0EyQzYxMzM0
NTk2MEQwRDU1NURBNjcyQTcxNEVFRTQ5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbdSfTPR5Mwykc3ve861j1zd2eXLKTJ5XbH1TNRS5Poy6PuwPK
aVpv+V3zDExdikVTmiZ0ImnSOqGgFY6OEbO2APLsi2SqXPcF2TwFXn3W0NwqJOmu
2ObRKRbBkeyy3tv9608DQ4KOVqtc9MJ9X8J4sNdMw62niJZj9jP78jdH2uMZOPQf
DJfnvdkiMyPn6WXLpyfad08to8C7A6jpUMwhy7nG89A2fYOFhzLwhsUZM7lBJeoF
ZlO0LTqMpRQhV0hcir+vVpFrK1iQprPuV9yKBYV6KGLb23LICzkFkIUY4sx5eb+6
bRU+GRytVvWouPzC2DwzQQ9tdUy9Hk3cFUzRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxpmjosYTNFlg0NVV2mcqcU7uSbYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hwbWpvc1lUTkZsZzBO
VlYybWNxY1U3dVNiWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYmZs+1Wki6OJ+O4fK1uZsDLgvKnRk583
1YfvW4wPkbysQqujQt84eAFrssYnaLF9c5PZa5hAFZd7m9TcXkme46ugS9nANM7N
lKJqc0phcCgFhoZFKM920oBlswvr+i8FjSlrFmmjyPmdzeByf14+zRHIr/UT0yX0
7VkLqNb4UV0ne25sTqzV4hmOC7p/Qt+8JHIu/awlboyjIU8W55k50ilBEWm45Fxy
eAPoM7L0Gy87bVDpKXewh2jTvg1jmFJasbyq+Mhbn2/C5ylfxi9EOvbG8YwV8Vc+
6zCjHgVYMEFzx7cfVEIptoD4OvasBRBOuqXUJxSChqDYGe4C0d67pw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:45 2025 by rpki-client