Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1-Tch9n0TxL3lm5OnP6qcQX73dw.roa
File: 1-Tch9n0TxL3lm5OnP6qcQX73dw.roa (raw, json)
Hash identifier: zE1RFT5pmu+rK4xwAmOW6cB9WAUyNbUcwC1IqiQdlRE=
Subject key identifier: D7:E4:DC:87:D9:F4:4F:12:F7:96:6E:4E:9C:FE:AA:71:05:FB:DD:DC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4302
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-Tch9n0TxL3lm5OnP6qcQX73dw.roa
Signing time: Wed 17 Apr 2024 22:23:24 +0000
ROA not before: Wed 17 Apr 2024 22:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17154 (0x4302)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 22:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7E4DC87D9F44F12F7966E4E9CFEAA7105FBDDDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:70:ac:c9:b3:0b:cf:f3:a0:37:c0:6c:97:
be:04:fd:d4:82:a0:1f:33:44:0c:c2:76:29:85:17:
60:d2:b4:27:00:31:ac:51:01:a7:1f:b8:17:f9:38:
93:65:b5:74:39:d7:5c:5c:e4:e4:13:82:96:29:f5:
65:b3:db:83:2b:7f:36:89:cc:ee:d8:a0:77:14:96:
8a:63:a2:26:90:40:40:65:ca:f1:11:6e:c5:2b:5c:
7e:f6:b9:62:66:5f:71:1c:be:94:34:44:bb:a1:61:
ee:2c:bb:ba:16:bf:86:d6:57:e7:88:d3:8c:60:65:
5f:1a:b6:67:c9:01:74:2c:9e:0f:96:e9:97:1c:54:
af:a1:17:60:dd:09:8c:98:9a:c0:1c:72:18:6d:e5:
15:8a:7e:1c:78:8f:b9:aa:6a:b4:63:7a:cc:40:3b:
5b:9b:20:82:28:97:9c:55:12:40:78:5c:7a:2b:88:
a4:1f:81:98:5f:89:71:7f:f8:ba:ff:0b:20:c8:9c:
b6:97:d7:bd:dd:e4:09:63:22:2b:0c:c4:16:ff:b1:
5d:0c:f9:19:78:03:b3:51:59:a3:15:c5:d5:8f:12:
ef:1b:89:d5:74:50:91:33:6a:a0:66:65:5d:da:89:
8e:02:d4:da:55:68:5f:2a:23:52:ef:eb:94:1c:62:
79:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E4:DC:87:D9:F4:4F:12:F7:96:6E:4E:9C:FE:AA:71:05:FB:DD:DC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-Tch9n0TxL3lm5OnP6qcQX73dw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:c1:31:81:08:26:fa:a6:67:30:81:09:91:82:6a:9c:97:a0:
04:95:75:9d:c1:fd:17:c1:24:5f:10:04:a9:0c:81:8a:94:0a:
ac:8a:00:a5:47:ec:ca:00:1a:98:98:96:f7:ee:0b:87:ba:75:
7d:25:d2:37:81:7c:cf:7c:be:90:18:b2:11:14:09:61:ad:c7:
a8:b7:33:db:8d:f6:14:19:a1:4e:ab:af:ff:1d:e4:5e:84:8c:
b7:df:ee:9a:6d:e3:ad:13:2c:57:9c:5e:6a:a9:ea:95:f6:60:
7a:f4:13:20:75:87:1b:a3:e9:ca:92:b4:71:3a:5e:16:11:05:
5a:f9:51:4e:53:58:bb:7c:cc:33:dd:e8:c9:2f:73:6b:95:61:
1d:c1:42:c0:fd:a2:af:e8:89:06:0f:1f:5f:86:37:d8:25:d9:
eb:0f:31:2c:c9:58:99:d4:ac:f1:fa:ce:8d:2c:94:de:bd:68:
9b:fc:96:de:7a:cc:ba:76:d8:2a:67:61:69:0c:33:b2:36:03:
50:d1:5c:88:32:9a:ca:07:c8:c7:48:16:f4:a2:f5:eb:a5:3f:
0f:75:8a:37:52:ed:79:ca:ee:89:10:ba:9a:0a:59:d7:30:b2:
48:95:53:5e:56:2b:85:28:71:b4:cc:23:4d:a5:e1:88:58:85:
8b:b6:9b:4a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3RTREQzg3RDlGNDRG
MTJGNzk2NkU0RTlDRkVBQTcxMDVGQkREREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH7XCsybMLz/OgN8Bsl74E/dSCoB8zRAzCdimFF2DStCcAMaxR
AacfuBf5OJNltXQ511xc5OQTgpYp9WWz24MrfzaJzO7YoHcUlopjoiaQQEBlyvER
bsUrXH72uWJmX3EcvpQ0RLuhYe4su7oWv4bWV+eI04xgZV8atmfJAXQsng+W6Zcc
VK+hF2DdCYyYmsAcchht5RWKfhx4j7mqarRjesxAO1ubIIIol5xVEkB4XHoriKQf
gZhfiXF/+Lr/CyDInLaX173d5AljIisMxBb/sV0M+Rl4A7NRWaMVxdWPEu8bidV0
UJEzaqBmZV3aiY4C1NpVaF8qI1Lv65QcYnkvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1+Tch9n0TxL3lm5OnP6qcQX73dwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzEtVGNoOW4wVHhMM2xt
NU9uUDZxY1FYNzNkdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAecExgQgm+qZnMIEJkYJqnJegBJV1ncH9
F8EkXxAEqQyBipQKrIoApUfsygAamJiW9+4Lh7p1fSXSN4F8z3y+kBiyERQJYa3H
qLcz2432FBmhTquv/x3kXoSMt9/umm3jrRMsV5xeaqnqlfZgevQTIHWHG6PpypK0
cTpeFhEFWvlRTlNYu3zMM93oyS9za5VhHcFCwP2ir+iJBg8fX4Y32CXZ6w8xLMlY
mdSs8frOjSyU3r1om/yW3nrMunbYKmdhaQwzsjYDUNFciDKaygfIx0gW9KL166U/
D3WKN1LtecruiRC6mgpZ1zCySJVTXlYrhShxtMwjTaXhiFiFi7abSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:09 2024 by rpki-client on console-ams.rpki-client.org