Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1g2f8KUDNzNQhekJii78d0ljOWk.roa
File: 1g2f8KUDNzNQhekJii78d0ljOWk.roa (raw, json)
Hash identifier: WF6fPFfy3DTKymZuAMw8vOg3IyOvyI2sbnBqC1MKgTs=
Subject key identifier: D6:0D:9F:F0:A5:03:37:33:50:85:E9:09:8A:2E:FC:77:49:63:39:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 549A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1g2f8KUDNzNQhekJii78d0ljOWk.roa
Signing time: Sat 11 May 2024 09:24:09 +0000
ROA not before: Sat 11 May 2024 09:24:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21658 (0x549a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 09:24:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D60D9FF0A50337335085E9098A2EFC7749633969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ae:90:cc:18:57:77:62:bc:b3:19:76:ca:7d:
60:c3:0b:69:01:86:2e:a2:6f:8c:5e:ec:66:c3:c9:
ba:81:de:05:56:0a:29:d9:15:c1:61:1a:c5:18:96:
31:8b:89:48:1d:4f:fa:a6:f9:23:8c:f8:2e:e1:73:
1f:80:a0:d5:51:c2:7b:d4:87:e0:11:ee:0a:ca:df:
7e:bc:f0:1b:0e:ed:d7:28:8f:0d:cb:88:c7:fa:2f:
e9:9b:be:4f:15:db:1f:37:54:69:04:f5:56:a8:f5:
98:d3:29:b4:87:4e:e3:db:9f:5d:d8:c1:ef:2b:1f:
63:b8:28:22:24:4f:82:8a:0e:b4:2a:e8:7a:90:68:
da:5a:4f:e4:f2:0a:25:4b:ca:11:c3:a3:b6:5d:5c:
cd:2c:4c:f9:f0:6b:f8:4c:91:46:74:b4:75:16:36:
b5:6a:f6:4c:22:fa:e8:9a:8a:22:de:be:7c:5e:06:
cf:95:fc:6d:c1:6a:fe:f0:3c:3c:40:85:44:2b:5d:
eb:be:cd:ff:d6:1e:0c:a0:f2:d1:c4:58:60:42:4d:
39:fc:65:5a:83:97:ce:a2:b1:38:1f:ed:b8:1b:85:
e6:4a:b9:0f:1d:09:32:82:ed:7b:b7:3b:7c:27:4f:
a7:2a:4f:45:ac:2d:b8:39:3b:00:20:ca:b5:dd:d8:
88:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0D:9F:F0:A5:03:37:33:50:85:E9:09:8A:2E:FC:77:49:63:39:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1g2f8KUDNzNQhekJii78d0ljOWk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:ca:71:5b:5d:06:68:a0:97:ba:b8:a5:ed:ac:1a:d3:fb:55:
a5:1a:d7:7e:e9:9b:eb:56:a6:6d:eb:25:04:96:b4:87:c4:db:
ed:01:f6:af:d8:0c:fc:08:fc:b4:28:a4:75:cd:9b:b3:88:ed:
d3:5b:e1:ae:75:1a:79:ac:89:ac:28:5b:e4:06:24:6d:85:72:
c2:24:fd:0a:ab:f0:47:68:d2:4c:62:bb:3f:44:26:b5:be:e0:
7d:0f:10:d7:b8:59:bc:32:44:ca:9d:2e:98:23:af:ab:e7:da:
44:7a:49:87:8c:82:61:e1:e2:38:c1:ed:cb:a2:5f:38:ec:bb:
39:d1:86:11:65:ff:38:45:97:22:3c:3c:71:89:01:e9:c2:e7:
29:a7:cd:c0:cf:7e:65:57:a9:6d:9c:93:7e:88:54:64:71:ee:
bb:88:6d:56:c5:b0:8b:17:7c:85:63:68:e1:99:ed:b8:5e:96:
3e:72:88:83:5d:ca:24:b8:8d:41:81:d4:e6:79:75:97:54:b8:
1c:ed:05:3b:e6:c5:82:b3:ff:68:e0:a9:ef:9e:91:b2:f7:41:
37:be:87:69:de:b9:57:15:5b:3f:e4:f1:b2:34:25:1d:d5:10:
28:4c:e1:2a:d4:19:d1:ff:36:d2:db:37:e8:e7:01:5f:ae:4d:
0c:a1:75:75
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
OTI0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2MEQ5RkYwQTUwMzM3
MzM1MDg1RTkwOThBMkVGQzc3NDk2MzM5NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfrpDMGFd3YryzGXbKfWDDC2kBhi6ib4xe7GbDybqB3gVWCinZ
FcFhGsUYljGLiUgdT/qm+SOM+C7hcx+AoNVRwnvUh+AR7grK33688BsO7dcojw3L
iMf6L+mbvk8V2x83VGkE9Vao9ZjTKbSHTuPbn13Ywe8rH2O4KCIkT4KKDrQq6HqQ
aNpaT+TyCiVLyhHDo7ZdXM0sTPnwa/hMkUZ0tHUWNrVq9kwi+uiaiiLevnxeBs+V
/G3Bav7wPDxAhUQrXeu+zf/WHgyg8tHEWGBCTTn8ZVqDl86isTgf7bgbheZKuQ8d
CTKC7Xu3O3wnT6cqT0WsLbg5OwAgyrXd2IizAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1g2f8KUDNzNQhekJii78d0ljOWkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFnMmY4S1VETnpOUWhl
a0ppaTc4ZDBsak9Xay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAtcpxW10GaKCXuril7awa0/tVpRrXfumb
61ambeslBJa0h8Tb7QH2r9gM/Aj8tCikdc2bs4jt01vhrnUaeayJrChb5AYkbYVy
wiT9CqvwR2jSTGK7P0Qmtb7gfQ8Q17hZvDJEyp0umCOvq+faRHpJh4yCYeHiOMHt
y6JfOOy7OdGGEWX/OEWXIjw8cYkB6cLnKafNwM9+ZVepbZyTfohUZHHuu4htVsWw
ixd8hWNo4ZntuF6WPnKIg13KJLiNQYHU5nl1l1S4HO0FO+bFgrP/aOCp756RsvdB
N76Had65VxVbP+TxsjQlHdUQKEzhKtQZ0f820ts36OcBX65NDKF1dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:11 2024 by rpki-client on console-ams.rpki-client.org