Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/19BE5K3uiMarlBRmEVVqaJMUHO8.roa
File: 19BE5K3uiMarlBRmEVVqaJMUHO8.roa (raw, json)
Hash identifier: mfSqRURywvIRB67ol5s1T22vd9IM2Apesf1GHVmeSdc=
Subject key identifier: D7:D0:44:E4:AD:EE:88:C6:AB:94:14:66:11:55:6A:68:93:14:1C:EF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F36
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/19BE5K3uiMarlBRmEVVqaJMUHO8.roa
Signing time: Sat 04 May 2024 04:54:02 +0000
ROA not before: Sat 04 May 2024 04:54:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20278 (0x4f36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 04:54:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7D044E4ADEE88C6AB94146611556A6893141CEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4d:0a:59:91:56:84:7f:d2:54:88:5d:ad:97:
9e:7c:b3:7a:62:9a:d5:cd:6a:83:03:c5:6f:fc:bf:
f8:4c:d3:67:26:d4:27:5d:8e:47:ae:b9:f6:e5:cd:
ad:12:cb:20:2e:48:5b:dc:c6:c8:5b:21:4d:39:c7:
ce:1a:73:d7:a8:bd:dd:52:0f:4e:5c:a6:09:e1:94:
50:77:65:03:ab:63:88:4e:69:a7:af:e0:5f:c2:db:
fa:13:eb:3d:bb:81:4a:df:97:99:30:c9:fd:4d:84:
f4:3e:e1:e9:33:e4:21:46:74:d5:86:1a:5b:c1:96:
35:ce:b7:af:03:45:a4:22:16:db:7e:ba:e9:a2:34:
4a:4c:c9:e4:dd:5b:c2:32:95:00:7f:cc:6e:dc:0d:
3e:cd:5e:a6:98:83:69:9d:13:9d:df:60:7b:d0:e7:
df:e8:a8:61:a6:eb:c9:a2:2d:04:78:c3:39:7c:2f:
c3:ff:47:c5:a8:78:48:fb:40:80:52:7b:cd:f5:d9:
35:d6:09:4d:0f:8f:18:b2:de:3e:8a:e2:cf:76:1f:
a4:d0:f6:f2:09:eb:3d:7d:ff:5d:c0:04:4b:62:c3:
5f:a8:37:1a:66:20:94:43:ea:65:f5:35:4d:ba:41:
af:6f:a6:b7:44:e8:c8:07:91:da:41:69:08:d5:41:
85:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:D0:44:E4:AD:EE:88:C6:AB:94:14:66:11:55:6A:68:93:14:1C:EF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/19BE5K3uiMarlBRmEVVqaJMUHO8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:22:d1:e5:8d:78:2e:20:d6:39:01:7d:aa:a0:c7:b4:a5:d2:
cc:0c:a0:68:5e:f8:3c:9d:ad:95:4d:4c:da:74:39:87:9a:f5:
cc:c5:19:a5:4f:e6:dc:a3:cf:6f:15:b8:8c:c5:65:f1:75:a2:
93:da:73:61:e7:a2:17:a8:2d:2a:0f:d7:1a:66:c5:0e:77:0e:
c1:49:7c:10:11:f2:c7:2e:d5:c0:12:1f:08:f2:4e:fc:b7:75:
6f:ff:7e:5a:cb:4c:12:64:47:4d:a9:d5:d1:f7:60:99:3a:c2:
5f:88:35:1b:4b:75:d2:08:b9:86:96:10:34:46:7d:b9:67:46:
35:fe:fe:58:c7:15:69:df:d7:9b:c9:8f:5d:ec:23:a9:d7:12:
c4:f9:f2:18:14:34:19:1b:b7:58:e1:e7:71:34:35:99:82:63:
31:d3:f0:3e:0b:2d:2e:2d:c2:3e:0f:d4:51:d3:07:a6:c7:97:
6f:ea:08:82:17:6c:f6:c3:a2:2e:16:78:bc:27:fc:2f:94:1d:
03:a7:c9:b2:f6:c1:9e:e2:13:c5:a5:2d:8c:7e:2b:09:3c:2a:
64:c4:c3:74:b8:55:34:26:93:08:d2:09:16:6a:9b:bc:b2:7e:
a6:f9:46:e9:87:73:67:3c:ba:85:96:10:e1:bf:42:40:2b:32:
7e:93:4b:f7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
NDU0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3RDA0NEU0QURFRTg4
QzZBQjk0MTQ2NjExNTU2QTY4OTMxNDFDRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBTQpZkVaEf9JUiF2tl558s3pimtXNaoMDxW/8v/hM02cm1Cdd
jkeuufblza0SyyAuSFvcxshbIU05x84ac9eovd1SD05cpgnhlFB3ZQOrY4hOaaev
4F/C2/oT6z27gUrfl5kwyf1NhPQ+4ekz5CFGdNWGGlvBljXOt68DRaQiFtt+uumi
NEpMyeTdW8IylQB/zG7cDT7NXqaYg2mdE53fYHvQ59/oqGGm68miLQR4wzl8L8P/
R8WoeEj7QIBSe8312TXWCU0Pjxiy3j6K4s92H6TQ9vIJ6z19/13ABEtiw1+oNxpm
IJRD6mX1NU26Qa9vprdE6MgHkdpBaQjVQYVjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU19BE5K3uiMarlBRmEVVqaJMUHO8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzE5QkU1SzN1aU1hcmxC
Um1FVlZxYUpNVUhPOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZSLR5Y14LiDWOQF9qqDHtKXSzAygaF74
PJ2tlU1M2nQ5h5r1zMUZpU/m3KPPbxW4jMVl8XWik9pzYeeiF6gtKg/XGmbFDncO
wUl8EBHyxy7VwBIfCPJO/Ld1b/9+WstMEmRHTanV0fdgmTrCX4g1G0t10gi5hpYQ
NEZ9uWdGNf7+WMcVad/Xm8mPXewjqdcSxPnyGBQ0GRu3WOHncTQ1mYJjMdPwPgst
Li3CPg/UUdMHpseXb+oIghds9sOiLhZ4vCf8L5QdA6fJsvbBnuITxaUtjH4rCTwq
ZMTDdLhVNCaTCNIJFmqbvLJ+pvlG6YdzZzy6hZYQ4b9CQCsyfpNL9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org