Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xs9AkgHnsBy1lun4yD5eTGpEHEg.roa
File: xs9AkgHnsBy1lun4yD5eTGpEHEg.roa (raw, json)
Hash identifier: 5ot5W5wgql7g99+mSwISbX6i2PrdCkRv2o/407KYUqA=
Subject key identifier: C6:CF:40:92:01:E7:B0:1C:B5:96:E9:F8:C8:3E:5E:4C:6A:44:1C:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41AA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xs9AkgHnsBy1lun4yD5eTGpEHEg.roa
Signing time: Tue 16 Apr 2024 03:22:57 +0000
ROA not before: Tue 16 Apr 2024 03:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16810 (0x41aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 03:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C6CF409201E7B01CB596E9F8C83E5E4C6A441C48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:71:25:20:41:2e:a3:43:1e:ee:33:49:99:e3:
06:97:ff:01:4e:20:22:0c:ca:95:90:a0:7b:05:15:
ce:6f:f5:f8:9d:64:4f:1b:d4:13:df:9e:21:0c:6c:
7b:47:07:b5:32:4c:17:77:6a:15:30:07:81:be:bf:
78:4e:08:53:ad:9e:bb:b4:d3:90:96:87:43:90:81:
f4:59:a9:c5:e4:08:62:cc:8d:ac:3e:7b:fc:4d:e3:
f7:2c:db:fc:9e:51:44:c1:0e:17:e1:1f:94:93:1c:
14:d9:b1:0d:70:dd:77:1a:23:5a:ff:e4:f1:f6:7f:
e5:74:1c:3b:e8:c4:73:1b:2b:45:e1:e3:db:09:ba:
65:ec:af:52:a2:3f:93:6f:eb:0f:57:b5:c0:41:6c:
fc:7b:94:6e:77:29:90:e6:27:7b:ac:1c:e6:72:a1:
d5:28:7a:90:e5:6b:e0:ad:b7:d4:57:b1:3b:da:b4:
fc:18:bb:db:24:42:cb:60:52:19:7f:3a:da:4d:f5:
ee:49:92:d0:97:34:77:ee:31:74:be:89:b7:3a:0c:
4f:4c:72:39:4c:49:67:3c:3e:12:fe:8a:4f:fe:9e:
7f:ff:f1:94:67:dc:2a:87:17:b9:2a:27:36:b6:9d:
61:3b:39:d3:37:2d:78:58:7d:98:7f:6c:56:bc:08:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CF:40:92:01:E7:B0:1C:B5:96:E9:F8:C8:3E:5E:4C:6A:44:1C:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xs9AkgHnsBy1lun4yD5eTGpEHEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:6a:7b:22:47:57:a3:8c:a1:86:ac:03:cb:86:00:9d:ce:a5:
5f:d9:b0:0b:8b:f2:28:0a:a3:8c:26:a3:47:14:e5:0c:64:c4:
3a:f0:ba:11:64:d6:2c:3e:6c:60:16:2c:a0:cb:41:f3:93:6c:
88:38:79:8b:dc:59:d4:4d:9b:04:dc:de:ea:f8:29:0b:a5:93:
d8:a8:77:d6:7a:38:d7:b0:42:85:74:b0:2f:bb:2d:aa:58:da:
30:68:fd:02:f3:62:8e:ee:df:e4:6a:24:96:fe:c3:dd:3f:43:
95:0d:f4:c7:2b:e4:45:e5:62:4f:3f:1f:bf:a2:39:8c:90:c2:
83:8f:34:78:d3:df:8e:41:1c:d3:87:5c:54:e9:1e:51:be:3c:
9f:0c:3b:af:34:d1:1c:d9:da:d5:82:d9:ed:19:6a:60:62:00:
f9:03:cb:53:dd:75:78:7d:6d:fb:b9:91:e7:68:a9:44:11:91:
9a:17:6b:ba:b1:b7:f6:9a:ad:20:9f:0b:2e:1a:1d:2e:ec:a7:
dd:61:8e:fb:1c:10:04:55:84:7c:8a:2e:fa:2e:65:5a:10:9f:
6c:2b:cc:59:0e:1d:a0:70:d9:cd:d7:13:b8:76:01:5a:56:10:
08:2c:fb:2a:1c:07:4b:b3:b0:85:fc:d3:e9:86:14:61:ba:a2:
b4:2f:a2:1f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MzIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2Q0Y0MDkyMDFFN0Iw
MUNCNTk2RTlGOEM4M0U1RTRDNkE0NDFDNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2cSUgQS6jQx7uM0mZ4waX/wFOICIMypWQoHsFFc5v9fidZE8b
1BPfniEMbHtHB7UyTBd3ahUwB4G+v3hOCFOtnru005CWh0OQgfRZqcXkCGLMjaw+
e/xN4/cs2/yeUUTBDhfhH5STHBTZsQ1w3XcaI1r/5PH2f+V0HDvoxHMbK0Xh49sJ
umXsr1KiP5Nv6w9XtcBBbPx7lG53KZDmJ3usHOZyodUoepDla+Ctt9RXsTvatPwY
u9skQstgUhl/OtpN9e5JktCXNHfuMXS+ibc6DE9McjlMSWc8PhL+ik/+nn//8ZRn
3CqHF7kqJza2nWE7OdM3LXhYfZh/bFa8CMQlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxs9AkgHnsBy1lun4yD5eTGpEHEgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hzOUFrZ0huc0J5MWx1
bjR5RDVlVEdwRUhFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAN2p7IkdXo4yhhqwDy4YAnc6lX9mwC4vy
KAqjjCajRxTlDGTEOvC6EWTWLD5sYBYsoMtB85NsiDh5i9xZ1E2bBNze6vgpC6WT
2Kh31no417BChXSwL7stqljaMGj9AvNiju7f5Goklv7D3T9DlQ30xyvkReViTz8f
v6I5jJDCg480eNPfjkEc04dcVOkeUb48nww7rzTRHNna1YLZ7RlqYGIA+QPLU911
eH1t+7mR52ipRBGRmhdrurG39pqtIJ8LLhodLuyn3WGO+xwQBFWEfIou+i5lWhCf
bCvMWQ4doHDZzdcTuHYBWlYQCCz7KhwHS7OwhfzT6YYUYbqitC+iHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org