Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2UDmF-SGJxxXcgOMaS1tiG9Kbwo.roa
File: 2UDmF-SGJxxXcgOMaS1tiG9Kbwo.roa (raw, json)
Hash identifier: NRH95rOWIE15fDGNX/4aI8gjzEAL97Q3SMn3FrjAr8U=
Subject key identifier: D9:40:E6:17:E4:86:27:1C:57:72:03:8C:69:2D:6D:88:6F:4A:6F:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3712
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2UDmF-SGJxxXcgOMaS1tiG9Kbwo.roa
Signing time: Tue 02 Apr 2024 00:22:13 +0000
ROA not before: Tue 02 Apr 2024 00:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14098 (0x3712)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 00:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D940E617E486271C5772038C692D6D886F4A6F0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:69:f3:51:2c:e2:37:05:7f:8b:44:41:93:c1:
fa:d8:63:89:e1:7f:61:cb:f3:59:f2:ba:f9:a0:ab:
6f:08:b3:69:93:24:4b:53:94:dd:1e:3f:23:8a:7e:
37:3c:2c:bf:0f:dd:e8:bf:49:e9:99:fa:a4:87:3f:
5d:53:85:a1:2a:10:4a:e1:58:28:a0:5a:1e:26:ad:
a1:fc:c2:5d:16:33:83:f4:a8:b4:8b:dc:dc:6d:42:
5f:32:13:7f:0d:04:78:07:41:d2:17:55:45:92:ca:
80:60:0f:a9:94:a5:10:80:a4:5f:05:b5:0e:99:4a:
15:f0:a8:d9:21:f7:7d:c3:0b:19:4f:f8:f9:0a:96:
e4:c9:c7:35:79:30:e4:87:1b:1e:e5:1c:b6:4a:0f:
5d:ee:51:24:42:71:97:1b:7e:79:33:d8:92:f7:a7:
e7:83:c9:3b:66:25:e3:14:3b:10:d6:7d:f0:40:82:
2c:b2:41:21:49:9c:ca:3f:4e:5e:25:4e:02:b0:37:
08:6b:c8:43:97:76:85:e5:3c:b3:20:ad:9b:e1:4a:
9a:f8:d8:b8:db:82:6c:d2:5e:ae:03:a7:8a:4c:bc:
04:d2:21:a8:f2:6a:7f:9d:70:08:73:60:75:8c:30:
19:a8:90:a6:13:f6:45:2f:f1:2a:d3:53:ef:2e:54:
91:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:40:E6:17:E4:86:27:1C:57:72:03:8C:69:2D:6D:88:6F:4A:6F:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2UDmF-SGJxxXcgOMaS1tiG9Kbwo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:ef:22:d5:61:11:3e:a3:19:df:5e:a1:37:fe:11:ad:a0:13:
0a:de:ed:7a:a6:6e:6a:8f:2d:b6:26:44:88:fd:d7:82:31:3e:
59:d6:3a:b6:51:37:f8:fa:91:80:39:4e:49:d7:f4:00:5d:7f:
4a:f4:46:85:c5:cc:90:f0:62:34:e3:4e:a5:c2:82:ca:9b:a2:
ac:c8:9c:96:c5:10:3e:dc:38:a9:60:8e:78:61:2c:51:6f:01:
0e:4b:1c:ac:fc:08:3e:09:c5:cb:3d:a6:56:ef:83:db:b5:f0:
2c:bd:58:b0:1d:36:be:36:de:3e:ba:1f:bc:a8:a3:35:01:db:
48:aa:68:20:92:b6:0c:b3:71:8b:d9:a3:ce:a2:87:2b:a2:27:
24:fc:a6:b0:52:e7:f5:32:5d:1c:0a:2e:2e:cb:82:1e:3b:11:
7e:78:13:2d:50:46:cb:7c:f8:58:9c:31:cb:dc:a0:f6:c4:aa:
49:e2:54:5f:5f:d2:9e:85:ec:24:9d:93:45:96:28:5b:43:1e:
5a:bb:31:75:55:80:d6:97:14:ab:cc:6d:35:2c:c5:b6:1f:2c:
fb:5c:76:ac:54:f5:af:3c:55:d5:00:6b:2f:7b:9d:83:0b:c2:
ab:02:58:8f:7f:32:b1:c3:c6:50:ec:c4:84:6b:2c:a4:a6:42:
7b:23:3b:1c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
MDIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5NDBFNjE3RTQ4NjI3
MUM1NzcyMDM4QzY5MkQ2RDg4NkY0QTZGMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdafNRLOI3BX+LREGTwfrYY4nhf2HL81nyuvmgq28Is2mTJEtT
lN0ePyOKfjc8LL8P3ei/SemZ+qSHP11ThaEqEErhWCigWh4mraH8wl0WM4P0qLSL
3NxtQl8yE38NBHgHQdIXVUWSyoBgD6mUpRCApF8FtQ6ZShXwqNkh933DCxlP+PkK
luTJxzV5MOSHGx7lHLZKD13uUSRCcZcbfnkz2JL3p+eDyTtmJeMUOxDWffBAgiyy
QSFJnMo/Tl4lTgKwNwhryEOXdoXlPLMgrZvhSpr42LjbgmzSXq4Dp4pMvATSIajy
an+dcAhzYHWMMBmokKYT9kUv8SrTU+8uVJEhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2UDmF+SGJxxXcgOMaS1tiG9KbwowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJVRG1GLVNHSnh4WGNn
T01hUzF0aUc5S2J3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAH+8i1WERPqMZ316hN/4RraATCt7teqZu
ao8ttiZEiP3XgjE+WdY6tlE3+PqRgDlOSdf0AF1/SvRGhcXMkPBiNONOpcKCypui
rMiclsUQPtw4qWCOeGEsUW8BDkscrPwIPgnFyz2mVu+D27XwLL1YsB02vjbeProf
vKijNQHbSKpoIJK2DLNxi9mjzqKHK6InJPymsFLn9TJdHAouLsuCHjsRfngTLVBG
y3z4WJwxy9yg9sSqSeJUX1/SnoXsJJ2TRZYoW0MeWrsxdVWA1pcUq8xtNSzFth8s
+1x2rFT1rzxV1QBrL3udgwvCqwJYj38yscPGUOzEhGsspKZCeyM7HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:11 2024 by rpki-client on console-ams.rpki-client.org