Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XwWs06Y1Hz274iFpNDdNQM6hSjE.roa
File: XwWs06Y1Hz274iFpNDdNQM6hSjE.roa (raw, json)
Hash identifier: Lru/kw3flsu/73bkQSNplxuQDTUUva4ORFmRG/9zMZE=
Subject key identifier: 5F:05:AC:D3:A6:35:1F:3D:BB:E2:21:69:34:37:4D:40:CE:A1:4A:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3432
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XwWs06Y1Hz274iFpNDdNQM6hSjE.roa
Signing time: Fri 29 Mar 2024 04:22:04 +0000
ROA not before: Fri 29 Mar 2024 04:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13362 (0x3432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 04:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F05ACD3A6351F3DBBE2216934374D40CEA14A31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:70:3c:01:8c:a7:23:70:f7:d0:66:b5:2d:0f:
0d:c3:60:fc:1e:87:3c:0a:3d:20:97:27:49:bc:1f:
c3:90:14:c9:7f:c7:2c:da:65:65:c7:d5:ee:39:35:
cb:52:e3:3d:77:fa:f6:60:27:19:02:94:6c:3a:eb:
9b:02:88:f4:22:77:33:16:67:14:a7:4b:61:4b:23:
5e:c9:cf:26:26:e3:0d:b5:53:76:78:1c:36:af:53:
ca:23:68:45:3d:d9:d0:e9:53:5b:3c:fb:b4:72:e1:
e8:b2:28:1e:88:81:37:9d:64:ac:8f:57:39:e6:0f:
51:1e:67:d3:4b:d0:42:fc:ce:44:0b:93:b8:2c:90:
15:23:d2:2b:06:63:bc:6e:9e:12:47:9e:e7:47:3d:
6d:2d:66:78:2a:ef:25:74:57:cf:6e:fb:1b:7e:43:
7d:a9:92:c1:36:b6:45:10:e8:30:80:e1:73:45:20:
c0:fa:34:a0:1e:d0:a7:4d:52:36:d0:c1:77:72:a0:
2a:13:c0:a9:c8:0a:f7:ca:bf:ab:79:4c:94:95:41:
f4:2b:89:80:61:92:cd:41:a9:b8:b9:0f:8a:d5:b7:
b8:54:bb:fe:54:df:dd:d3:68:a1:91:36:9a:06:f5:
2a:4f:c0:c3:5f:d9:42:66:e8:a2:c4:5c:a4:fe:b4:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:05:AC:D3:A6:35:1F:3D:BB:E2:21:69:34:37:4D:40:CE:A1:4A:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XwWs06Y1Hz274iFpNDdNQM6hSjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:54:58:41:61:29:50:19:1c:4c:52:ac:48:41:47:b3:85:f2:
d1:43:d8:2c:85:aa:1a:13:aa:ac:d2:2b:ee:e1:80:ea:bd:30:
c2:8c:fd:b5:fb:55:2d:20:bf:00:cf:10:eb:1f:b7:40:51:9a:
12:63:4e:dd:8e:ae:4d:ea:40:5a:11:8e:8e:6e:da:b2:68:f4:
78:a9:95:54:0b:98:5a:0d:17:8a:53:d3:c0:ed:9f:5c:94:62:
c2:3d:f3:2c:42:82:ae:e6:97:11:34:a7:c9:a5:94:46:c5:d6:
41:a4:e2:8b:4b:a3:d3:59:b4:ff:3b:64:b9:ce:af:bf:91:fc:
90:22:c1:48:76:12:3b:f2:62:bd:53:e7:f4:31:6c:59:7f:0a:
b9:87:c2:90:c7:5d:26:df:1f:02:b1:a8:a2:4f:02:6d:f2:84:
ab:12:c6:03:42:39:4f:94:b3:cb:d8:f2:7c:fc:6c:bb:49:d0:
60:b6:6b:bd:b6:27:17:3c:aa:cd:4e:11:4e:89:56:9d:8c:97:
94:05:fd:8a:ad:6c:ce:fc:26:43:dc:fe:b6:1a:c5:8c:a6:58:
d6:11:42:3e:5a:83:12:8a:fc:3c:33:43:66:e9:5f:84:20:98:
07:dd:ec:a1:1a:a6:c4:67:f0:57:6b:13:c5:74:69:67:b4:4f:
42:2a:6f:9b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NDIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGMDVBQ0QzQTYzNTFG
M0RCQkUyMjE2OTM0Mzc0RDQwQ0VBMTRBMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgcDwBjKcjcPfQZrUtDw3DYPwehzwKPSCXJ0m8H8OQFMl/xyza
ZWXH1e45NctS4z13+vZgJxkClGw665sCiPQidzMWZxSnS2FLI17JzyYm4w21U3Z4
HDavU8ojaEU92dDpU1s8+7Ry4eiyKB6IgTedZKyPVznmD1EeZ9NL0EL8zkQLk7gs
kBUj0isGY7xunhJHnudHPW0tZngq7yV0V89u+xt+Q32pksE2tkUQ6DCA4XNFIMD6
NKAe0KdNUjbQwXdyoCoTwKnICvfKv6t5TJSVQfQriYBhks1Bqbi5D4rVt7hUu/5U
393TaKGRNpoG9SpPwMNf2UJm6KLEXKT+tHH3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXwWs06Y1Hz274iFpNDdNQM6hSjEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1h3V3MwNlkxSHoyNzRp
RnBORGROUU02aFNqRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAB1RYQWEpUBkcTFKsSEFHs4Xy0UPYLIWq
GhOqrNIr7uGA6r0wwoz9tftVLSC/AM8Q6x+3QFGaEmNO3Y6uTepAWhGOjm7asmj0
eKmVVAuYWg0XilPTwO2fXJRiwj3zLEKCruaXETSnyaWURsXWQaTii0uj01m0/ztk
uc6vv5H8kCLBSHYSO/JivVPn9DFsWX8KuYfCkMddJt8fArGook8CbfKEqxLGA0I5
T5Szy9jyfPxsu0nQYLZrvbYnFzyqzU4RTolWnYyXlAX9iq1szvwmQ9z+thrFjKZY
1hFCPlqDEor8PDNDZulfhCCYB93soRqmxGfwV2sTxXRpZ7RPQipvmw==
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:04:07 2025 by rpki-client