Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xx_Vf4gmMKwGGSU1UsHFfmOpDM8.roa
File: xx_Vf4gmMKwGGSU1UsHFfmOpDM8.roa (raw, json)
Hash identifier: GQUiCpHZQgN7eh4q8+GzpsUyK4DPZ632pusn9yx6EXU=
Subject key identifier: C7:1F:D5:7F:88:26:30:AC:06:19:25:35:52:C1:C5:7E:63:A9:0C:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xx_Vf4gmMKwGGSU1UsHFfmOpDM8.roa
Signing time: Sat 11 May 2024 16:54:09 +0000
ROA not before: Sat 11 May 2024 16:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21718 (0x54d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 16:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C71FD57F882630AC0619253552C1C57E63A90CCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:47:db:6a:d6:fb:71:d8:db:a3:ff:0f:2f:
ec:b5:aa:02:b0:49:b5:da:50:82:00:68:be:e2:a1:
6d:ea:32:df:04:57:70:25:71:48:ba:5e:7e:7f:75:
0f:cf:c4:78:7a:23:c1:9a:9a:da:35:bb:db:b2:eb:
a8:8d:a6:41:56:5a:2c:db:76:1a:d4:53:f9:4e:b3:
90:06:5c:a3:b3:45:4c:8c:35:6e:c7:dd:04:50:51:
33:34:41:e5:3d:90:24:4c:f1:aa:90:9f:72:35:3e:
ba:42:fd:96:2d:85:d7:b6:a9:a0:01:c4:f6:b6:52:
01:81:fd:23:bf:48:04:ce:34:c6:b3:0f:8b:3a:0b:
ae:72:15:3b:fb:3f:15:0e:df:20:a0:5d:51:c0:00:
2d:2d:66:32:3e:f3:30:87:ff:35:df:30:e0:55:7d:
19:d9:bb:ec:65:3f:f7:50:ea:9d:2e:e0:20:1a:b3:
4f:17:0e:0f:a0:39:a1:cd:c7:09:96:16:a8:12:56:
3f:c5:85:6b:fd:43:fe:51:86:cd:ef:52:b4:2d:89:
6f:8b:3a:ae:4c:c5:60:99:e0:ea:ca:0d:25:52:d3:
4d:b7:15:bf:32:f4:6b:ba:b4:cc:a0:4f:d9:23:99:
16:1f:29:17:d9:a4:d3:bd:14:bd:56:82:ff:b0:7c:
72:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1F:D5:7F:88:26:30:AC:06:19:25:35:52:C1:C5:7E:63:A9:0C:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xx_Vf4gmMKwGGSU1UsHFfmOpDM8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:04:09:39:5e:b0:ef:cb:86:9e:0e:35:8a:9a:b5:4c:5b:26:
f5:a7:63:fb:13:f3:ed:91:17:2a:59:85:cc:ea:e8:05:a4:3f:
c3:f3:cc:08:63:a6:5f:df:71:76:fb:eb:07:79:7b:2d:49:5b:
cb:17:95:4c:bd:15:68:5d:dd:65:b3:e9:c5:33:81:a7:b8:be:
1c:ad:0f:0b:61:11:b4:02:93:ce:6b:65:21:94:ba:52:e2:e5:
40:7c:42:3f:68:98:17:b1:8d:16:5f:3e:94:11:7c:d3:72:17:
b3:1a:fd:3d:7c:e0:d6:0e:55:46:89:0e:a1:ef:be:4d:bf:f7:
54:b2:5d:f0:5f:33:a6:04:9c:e2:d6:17:b0:dd:53:f6:84:5b:
44:01:5d:61:f6:d7:0f:34:0a:bc:b8:3c:ca:fc:42:80:45:4b:
14:e8:c7:b6:d6:2e:0f:5c:d8:a3:9c:cc:62:24:97:69:b2:68:
55:03:bc:69:d2:28:02:ee:c8:c7:01:cb:c5:9a:aa:a4:f9:bb:
a3:59:2d:b5:5d:4c:d0:53:bf:d6:ff:9e:80:74:c4:2b:92:d9:
95:5b:fe:17:ec:38:04:92:12:c5:7e:e7:0f:c7:ed:b4:6c:fd:
d3:65:09:39:81:89:7d:aa:10:9b:cf:b4:d8:40:c3:8f:aa:61:
d5:f3:78:f2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
NjU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3MUZENTdGODgyNjMw
QUMwNjE5MjUzNTUyQzFDNTdFNjNBOTBDQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxOUfbatb7cdjbo/8PL+y1qgKwSbXaUIIAaL7ioW3qMt8EV3Al
cUi6Xn5/dQ/PxHh6I8Gamto1u9uy66iNpkFWWizbdhrUU/lOs5AGXKOzRUyMNW7H
3QRQUTM0QeU9kCRM8aqQn3I1PrpC/ZYthde2qaABxPa2UgGB/SO/SATONMazD4s6
C65yFTv7PxUO3yCgXVHAAC0tZjI+8zCH/zXfMOBVfRnZu+xlP/dQ6p0u4CAas08X
Dg+gOaHNxwmWFqgSVj/FhWv9Q/5Rhs3vUrQtiW+LOq5MxWCZ4OrKDSVS0023Fb8y
9Gu6tMygT9kjmRYfKRfZpNO9FL1Wgv+wfHKtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxx/Vf4gmMKwGGSU1UsHFfmOpDM8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3h4X1ZmNGdtTUt3R0dT
VTFVc0hGZm1PcERNOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVwQJOV6w78uGng41ipq1TFsm9adj+xPz
7ZEXKlmFzOroBaQ/w/PMCGOmX99xdvvrB3l7LUlbyxeVTL0VaF3dZbPpxTOBp7i+
HK0PC2ERtAKTzmtlIZS6UuLlQHxCP2iYF7GNFl8+lBF803IXsxr9PXzg1g5VRokO
oe++Tb/3VLJd8F8zpgSc4tYXsN1T9oRbRAFdYfbXDzQKvLg8yvxCgEVLFOjHttYu
D1zYo5zMYiSXabJoVQO8adIoAu7IxwHLxZqqpPm7o1kttV1M0FO/1v+egHTEK5LZ
lVv+F+w4BJISxX7nD8fttGz902UJOYGJfaoQm8+02EDDj6ph1fN48g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:35 2025 by rpki-client