Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xbFtM7C-h2BB3jhyr_j3uvXaisE.roa
File: xbFtM7C-h2BB3jhyr_j3uvXaisE.roa (raw, json)
Hash identifier: LxC1S+tLqpQ8fe01TnDtPcGwOZpYapNGuYnLyoxi8Xk=
Subject key identifier: C5:B1:6D:33:B0:BE:87:60:41:DE:38:72:AF:F8:F7:BA:F5:DA:8A:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xbFtM7C-h2BB3jhyr_j3uvXaisE.roa
Signing time: Thu 25 Apr 2024 10:53:18 +0000
ROA not before: Thu 25 Apr 2024 10:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18598 (0x48a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 10:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5B16D33B0BE876041DE3872AFF8F7BAF5DA8AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:cf:eb:c1:9a:b2:68:39:76:9e:4a:f4:7b:f7:
bf:9e:40:20:94:0d:89:5c:eb:b6:91:1e:b4:e6:3f:
38:f1:3c:54:b1:91:69:43:39:bf:70:0d:b0:30:c6:
53:36:a8:9d:e2:17:4b:a9:a1:a6:b2:08:b0:4a:48:
c5:35:5e:5c:51:59:64:b8:c7:69:17:b7:ea:29:a4:
6a:1e:17:65:81:01:7d:ab:cb:4c:82:b2:f8:17:88:
61:3b:6c:40:3a:26:68:94:e8:3c:3d:00:41:84:04:
32:9c:b8:11:c3:ba:e7:16:e0:74:cc:08:84:95:5a:
f7:1a:35:bc:34:b2:6c:49:57:6a:cb:8c:a9:ad:dc:
45:0d:5c:7c:a6:e0:9d:96:6b:bc:0c:90:1e:1b:28:
34:f7:73:9b:ea:2c:54:38:5a:a7:11:0a:ce:40:55:
9e:bd:9b:dc:33:d5:e6:4a:fd:cc:a0:1a:f9:04:29:
64:92:4e:a0:69:8b:b9:b5:cb:e9:c2:d2:44:39:78:
20:33:d7:cd:82:c2:5c:2b:8f:67:f4:56:5d:14:7f:
b8:a6:2c:d2:cb:ae:92:17:93:49:a9:59:50:7f:24:
e3:62:f1:00:90:92:b1:85:e8:39:3d:f2:07:2b:9b:
55:8c:33:98:07:64:02:7e:9a:88:66:09:26:83:fe:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B1:6D:33:B0:BE:87:60:41:DE:38:72:AF:F8:F7:BA:F5:DA:8A:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xbFtM7C-h2BB3jhyr_j3uvXaisE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:a1:5a:91:6e:a0:e1:ec:03:2d:4d:aa:3c:d6:d7:e0:9f:42:
c6:01:e9:32:8b:86:61:d8:3b:25:f6:64:73:80:57:b1:32:7f:
2f:99:f6:12:3d:f6:0f:0c:42:05:32:a2:51:e4:8a:3d:26:18:
0c:b2:81:9d:f9:2a:25:0b:df:94:aa:8b:72:3e:af:01:30:5c:
af:58:9d:b1:46:eb:92:f3:b3:35:37:4c:21:9b:0b:61:7b:c1:
6e:84:c1:93:66:aa:8a:20:5b:cf:02:97:24:ba:81:42:29:61:
c8:04:b1:fc:71:29:79:b0:20:e2:0d:b2:9d:3f:94:b3:d3:ca:
4f:80:75:89:cb:13:22:56:e4:dd:c6:cb:2f:fa:8f:15:c8:30:
ee:56:2e:d1:b5:94:da:26:93:e9:a9:4a:6c:c9:96:d5:e0:02:
a4:7e:14:ac:f7:a8:f5:cc:ae:2f:4c:29:ab:49:c6:c2:64:9a:
b4:85:ce:73:5b:be:a3:f1:9b:9e:2e:61:2a:79:31:64:98:9b:
e1:c7:a7:fe:7f:d9:4f:ae:30:97:34:b0:a1:ea:3c:0c:7a:d0:
2f:39:94:cc:ac:33:d7:ae:a9:ca:04:ea:92:07:26:53:84:2a:
20:c0:08:c2:f2:2f:f1:c9:81:39:f3:06:c9:5c:85:39:69:87:
03:83:66:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
MDUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1QjE2RDMzQjBCRTg3
NjA0MURFMzg3MkFGRjhGN0JBRjVEQThBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsz+vBmrJoOXaeSvR797+eQCCUDYlc67aRHrTmPzjxPFSxkWlD
Ob9wDbAwxlM2qJ3iF0upoaayCLBKSMU1XlxRWWS4x2kXt+oppGoeF2WBAX2ry0yC
svgXiGE7bEA6JmiU6Dw9AEGEBDKcuBHDuucW4HTMCISVWvcaNbw0smxJV2rLjKmt
3EUNXHym4J2Wa7wMkB4bKDT3c5vqLFQ4WqcRCs5AVZ69m9wz1eZK/cygGvkEKWSS
TqBpi7m1y+nC0kQ5eCAz182Cwlwrj2f0Vl0Uf7imLNLLrpIXk0mpWVB/JONi8QCQ
krGF6Dk98gcrm1WMM5gHZAJ+mohmCSaD/n2/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxbFtM7C+h2BB3jhyr/j3uvXaisEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hiRnRNN0MtaDJCQjNq
aHlyX2ozdXZYYWlzRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYKFakW6g4ewDLU2qPNbX4J9CxgHpMouG
Ydg7JfZkc4BXsTJ/L5n2Ej32DwxCBTKiUeSKPSYYDLKBnfkqJQvflKqLcj6vATBc
r1idsUbrkvOzNTdMIZsLYXvBboTBk2aqiiBbzwKXJLqBQilhyASx/HEpebAg4g2y
nT+Us9PKT4B1icsTIlbk3cbLL/qPFcgw7lYu0bWU2iaT6alKbMmW1eACpH4UrPeo
9cyuL0wpq0nGwmSatIXOc1u+o/Gbni5hKnkxZJib4cen/n/ZT64wlzSwoeo8DHrQ
LzmUzKwz166pygTqkgcmU4QqIMAIwvIv8cmBOfMGyVyFOWmHA4Nmeg==
-----END CERTIFICATE-----
Generated at Sat May 17 20:46:30 2025 by rpki-client