Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/16UStFl3rCfxWbOBouKwvZRxcHI.roa
File: 16UStFl3rCfxWbOBouKwvZRxcHI.roa (raw, json)
Hash identifier: aiefJKe2fkDCzdQ9gJXWawdS6PG265WyTmMx1vva+Io=
Subject key identifier: D7:A5:12:B4:59:77:AC:27:F1:59:B3:81:A2:E2:B0:BD:94:71:70:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B92
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/16UStFl3rCfxWbOBouKwvZRxcHI.roa
Signing time: Mon 08 Apr 2024 00:23:00 +0000
ROA not before: Mon 08 Apr 2024 00:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15250 (0x3b92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 00:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7A512B45977AC27F159B381A2E2B0BD94717072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:6f:62:da:89:a8:fa:29:4c:b2:c7:90:2e:
60:38:7d:8c:3d:a1:9e:9c:6c:82:3a:84:5a:5f:4b:
3e:7c:fa:58:86:c3:13:ae:b2:9b:a4:9c:bb:00:14:
ca:46:2e:99:6c:38:a1:28:90:da:23:94:7b:e1:1d:
ad:fb:4d:21:ee:b7:e2:bc:3e:f0:1b:68:2f:35:b7:
10:cd:54:ed:70:7f:52:9f:09:c3:0b:3d:4b:28:bb:
1d:88:c7:34:91:03:30:14:69:69:61:d2:1f:f0:e0:
79:8a:f7:d7:a0:cc:e7:d5:be:19:68:1c:07:af:02:
22:d9:17:76:65:72:5a:e6:e0:94:45:b8:8f:4c:2c:
f0:f3:25:72:30:c0:ba:f5:58:74:db:89:e2:e4:72:
a9:5c:60:c7:c5:23:95:7c:a6:87:40:70:32:72:0e:
03:e4:34:d4:aa:b3:ea:95:d1:d0:4f:cf:3f:7f:54:
59:4a:95:b2:2e:4a:4e:e3:59:ac:e6:d2:6a:91:93:
a5:6c:8b:01:4c:4a:35:49:b2:f2:e7:8a:25:74:78:
4d:db:ef:81:8d:5e:f4:a8:18:37:07:47:c8:bf:31:
6e:f6:fc:1e:ac:59:ef:64:b0:8f:b8:11:25:b0:b2:
9a:2b:4f:d4:a9:bc:df:c5:89:7f:a5:3d:7b:68:ed:
25:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A5:12:B4:59:77:AC:27:F1:59:B3:81:A2:E2:B0:BD:94:71:70:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/16UStFl3rCfxWbOBouKwvZRxcHI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:40:91:9c:d6:05:48:f3:da:dc:c8:c7:20:b3:02:7e:2b:52:
48:df:d8:49:a4:3a:0e:5d:92:45:11:f1:30:d4:67:01:6f:fd:
06:d0:af:35:a2:4e:27:83:db:37:2f:e0:3b:54:d9:57:58:6a:
93:a2:00:11:41:6e:66:f8:55:af:23:88:2b:33:48:63:0e:dc:
a2:7b:5c:2e:b9:0a:5b:1d:a2:bd:86:02:fa:cd:a6:8a:f2:27:
be:5d:24:4f:69:84:59:f9:30:57:32:d0:e6:06:7b:56:cf:1e:
a4:c6:b0:f7:e5:10:71:fb:c3:2d:f5:a2:4b:ae:cd:0a:18:94:
31:3d:ef:dc:d6:87:65:7a:fa:65:ab:90:66:42:b3:45:d2:22:
80:aa:74:5f:ac:3b:8e:e5:be:c3:15:68:ec:05:9f:a6:47:fe:
10:35:4d:5d:53:f5:0d:f7:d9:8b:f6:43:52:44:4e:12:b9:2a:
d9:eb:8b:8f:d7:9f:d9:65:2f:97:ea:19:e7:09:15:89:06:3f:
95:57:4c:33:a5:d3:ac:7b:2f:47:cc:ea:1e:b5:8c:aa:9a:88:
c5:18:9a:1d:37:50:a5:98:a7:c7:2c:3a:b0:1b:63:28:c9:0f:
22:f3:b3:bd:c3:0c:85:10:bb:ea:f0:ae:14:41:65:90:d8:02:
41:87:7b:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MDIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3QTUxMkI0NTk3N0FD
MjdGMTU5QjM4MUEyRTJCMEJEOTQ3MTcwNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs8m9i2omo+ilMsseQLmA4fYw9oZ6cbII6hFpfSz58+liGwxOu
spuknLsAFMpGLplsOKEokNojlHvhHa37TSHut+K8PvAbaC81txDNVO1wf1KfCcML
PUsoux2IxzSRAzAUaWlh0h/w4HmK99egzOfVvhloHAevAiLZF3Zlclrm4JRFuI9M
LPDzJXIwwLr1WHTbieLkcqlcYMfFI5V8podAcDJyDgPkNNSqs+qV0dBPzz9/VFlK
lbIuSk7jWazm0mqRk6VsiwFMSjVJsvLniiV0eE3b74GNXvSoGDcHR8i/MW72/B6s
We9ksI+4ESWwsporT9SpvN/FiX+lPXto7SVZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU16UStFl3rCfxWbOBouKwvZRxcHIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzE2VVN0RmwzckNmeFdi
T0JvdUt3dlpSeGNISS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAK0CRnNYFSPPa3MjHILMCfitSSN/YSaQ6
Dl2SRRHxMNRnAW/9BtCvNaJOJ4PbNy/gO1TZV1hqk6IAEUFuZvhVryOIKzNIYw7c
ontcLrkKWx2ivYYC+s2mivInvl0kT2mEWfkwVzLQ5gZ7Vs8epMaw9+UQcfvDLfWi
S67NChiUMT3v3NaHZXr6ZauQZkKzRdIigKp0X6w7juW+wxVo7AWfpkf+EDVNXVP1
DffZi/ZDUkROErkq2euLj9ef2WUvl+oZ5wkViQY/lVdMM6XTrHsvR8zqHrWMqpqI
xRiaHTdQpZinxyw6sBtjKMkPIvOzvcMMhRC76vCuFEFlkNgCQYd76w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org