Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-PAjjN5NyTepNqc0EaxKqLnpbv0.roa
File: -PAjjN5NyTepNqc0EaxKqLnpbv0.roa (raw, json)
Hash identifier: 9UBcfYKQeuZyPcpp4jDOjzweSoJAkUhnbYyEOHdryRY=
Subject key identifier: F8:F0:23:8C:DE:4D:C9:37:A9:36:A7:34:11:AC:4A:A8:B9:E9:6E:FD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3526
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-PAjjN5NyTepNqc0EaxKqLnpbv0.roa
Signing time: Sat 30 Mar 2024 10:52:08 +0000
ROA not before: Sat 30 Mar 2024 10:52:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13606 (0x3526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 10:52:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F8F0238CDE4DC937A936A73411AC4AA8B9E96EFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:57:87:27:d9:ea:08:1c:df:2d:aa:2d:e9:
87:54:4f:56:33:49:f4:ea:52:86:26:b1:e2:b4:52:
a6:f3:e4:d0:5e:cd:35:da:b8:cd:2a:cb:82:f6:e2:
cc:13:9d:35:5b:04:8e:75:41:70:d6:d6:81:30:c9:
a0:8f:6b:76:b6:9d:74:cb:f0:89:5a:b9:1a:87:19:
db:07:82:14:ce:a9:97:c5:f6:54:39:5b:c4:63:7c:
1f:5a:1c:f1:4d:c7:b6:d8:c7:97:27:32:28:58:be:
48:ec:32:70:6a:4f:f0:ec:12:b5:a9:49:0a:b2:d6:
ca:c4:b2:b5:aa:f5:06:f1:68:a8:12:7e:ac:4e:5a:
3c:3d:1d:bf:aa:68:3a:fa:df:f6:9d:ce:6d:8f:1c:
f4:7c:92:91:60:47:4f:3b:a3:64:4e:81:98:47:f9:
b1:75:15:d0:27:f6:03:e1:68:b1:63:25:16:eb:61:
a2:dc:35:89:ef:3d:8c:fe:4d:6e:d4:15:40:ab:a6:
79:f4:27:62:92:c1:69:08:f5:36:eb:79:d5:7f:08:
41:c3:fb:67:f1:59:2d:d8:08:9b:ed:ae:a0:cc:c4:
18:69:0b:5f:be:2e:1a:e4:72:76:bd:c7:95:42:b2:
9d:43:1a:97:ef:bd:26:08:1e:08:bf:8d:55:1c:6b:
19:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F0:23:8C:DE:4D:C9:37:A9:36:A7:34:11:AC:4A:A8:B9:E9:6E:FD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-PAjjN5NyTepNqc0EaxKqLnpbv0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:06:ec:ce:ae:d8:5d:79:2d:f7:42:9f:c1:04:90:48:34:94:
a7:3c:0a:d1:ce:b8:73:b6:5e:f0:63:f8:cf:26:f6:90:d0:16:
62:4a:41:87:9c:ff:7c:29:40:62:1c:aa:f3:b6:48:10:eb:56:
31:65:d6:98:43:ae:4f:d0:1a:7f:9c:38:41:79:bb:aa:d6:3f:
10:af:9a:e7:26:79:3e:60:23:67:50:46:3b:fb:2c:b1:48:5b:
91:8b:0c:0b:f3:ce:d8:15:74:22:e3:cc:81:d1:62:b7:4f:41:
3f:99:4f:19:70:cc:a0:58:97:cd:e8:3d:f3:a2:f5:5e:84:95:
b1:cb:d0:5f:a3:23:c2:b5:ce:f4:d0:c1:3a:b6:f6:d7:18:6b:
79:e7:81:a6:90:bf:a9:8f:c0:71:56:62:b2:f5:2a:0a:a9:7c:
ef:52:28:ff:7d:86:4c:40:14:41:95:8b:06:60:96:37:d7:9c:
2e:b2:f7:af:6e:ba:ab:ac:67:a0:5c:61:03:b0:8f:ca:19:ef:
ac:68:87:b5:5b:1d:24:65:86:26:43:87:96:56:a3:a4:6a:07:
36:49:e3:32:1a:ef:59:5f:6f:97:01:4c:7e:50:f4:69:64:d4:
03:d3:56:a6:0f:99:91:f4:27:f6:ad:0a:76:20:0e:4f:da:f3:
e7:ce:54:20
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNSYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
MDUyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4RjAyMzhDREU0REM5
MzdBOTM2QTczNDExQUM0QUE4QjlFOTZFRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyz1eHJ9nqCBzfLaot6YdUT1YzSfTqUoYmseK0Uqbz5NBezTXa
uM0qy4L24swTnTVbBI51QXDW1oEwyaCPa3a2nXTL8IlauRqHGdsHghTOqZfF9lQ5
W8RjfB9aHPFNx7bYx5cnMihYvkjsMnBqT/DsErWpSQqy1srEsrWq9QbxaKgSfqxO
Wjw9Hb+qaDr63/adzm2PHPR8kpFgR087o2ROgZhH+bF1FdAn9gPhaLFjJRbrYaLc
NYnvPYz+TW7UFUCrpnn0J2KSwWkI9TbredV/CEHD+2fxWS3YCJvtrqDMxBhpC1++
Lhrkcna9x5VCsp1DGpfvvSYIHgi/jVUcaxmJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+PAjjN5NyTepNqc0EaxKqLnpbv0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1QQWpqTjVOeVRlcE5x
YzBFYXhLcUxucGJ2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqgbszq7YXXkt90KfwQSQSDSUpzwK0c64
c7Ze8GP4zyb2kNAWYkpBh5z/fClAYhyq87ZIEOtWMWXWmEOuT9Aaf5w4QXm7qtY/
EK+a5yZ5PmAjZ1BGO/sssUhbkYsMC/PO2BV0IuPMgdFit09BP5lPGXDMoFiXzeg9
86L1XoSVscvQX6MjwrXO9NDBOrb21xhreeeBppC/qY/AcVZisvUqCql871Io/32G
TEAUQZWLBmCWN9ecLrL3r266q6xnoFxhA7CPyhnvrGiHtVsdJGWGJkOHllajpGoH
NknjMhrvWV9vlwFMflD0aWTUA9NWpg+ZkfQn9q0KdiAOT9rz585UIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org