Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2X3kGnIXDw-rPSyhGHQQUQ7L5fg.roa
File: 2X3kGnIXDw-rPSyhGHQQUQ7L5fg.roa (raw, json)
Hash identifier: Mn4x0FjOshTw46JlPdBhFQSyNS/O8UjrE+fEOvsAR0A=
Subject key identifier: D9:7D:E4:1A:72:17:0F:0F:AB:3D:2C:A1:18:74:10:51:0E:CB:E5:F8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 480E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2X3kGnIXDw-rPSyhGHQQUQ7L5fg.roa
Signing time: Wed 24 Apr 2024 15:53:34 +0000
ROA not before: Wed 24 Apr 2024 15:53:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18446 (0x480e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 15:53:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D97DE41A72170F0FAB3D2CA1187410510ECBE5F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:24:68:e1:81:c3:63:3e:a2:e2:c4:b5:62:
1e:00:97:3c:5e:f8:6a:11:3b:bb:25:77:79:e5:c4:
44:3e:4f:f1:49:1d:d3:90:ce:96:54:2d:e4:75:6d:
66:d7:e4:84:98:df:e9:48:7a:ef:34:c5:be:ff:c1:
cb:e8:9a:07:7c:0c:54:dd:82:f2:07:2f:f8:10:5b:
4e:a2:48:6a:fe:e0:15:da:df:35:42:47:3f:8f:47:
3b:c1:60:78:13:27:f2:90:39:9a:a0:4e:d9:46:33:
84:14:25:93:ff:9a:9f:5e:52:fe:c8:85:63:51:63:
d8:55:d0:81:96:31:53:65:f1:f4:a4:12:9c:04:19:
00:d8:1d:da:fe:fb:a5:d5:ba:9a:a4:27:ca:55:d7:
c1:89:e0:71:c5:65:fe:32:bf:66:7d:0f:44:69:e2:
8d:2d:c2:17:b3:c7:30:1c:58:6e:4c:45:24:00:89:
e3:c0:05:31:c1:f3:7f:a4:eb:b3:d5:c7:97:bc:e9:
14:38:cc:eb:18:8c:e8:7e:2c:42:85:d5:f6:e6:cd:
68:6b:2e:7c:bc:a7:13:b2:05:c1:62:3c:1a:67:97:
35:63:1c:1c:0c:09:5a:cf:d5:39:a5:cf:49:a1:f9:
b6:3d:af:ce:f9:0a:44:99:79:a7:d8:d3:49:3e:00:
3a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7D:E4:1A:72:17:0F:0F:AB:3D:2C:A1:18:74:10:51:0E:CB:E5:F8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2X3kGnIXDw-rPSyhGHQQUQ7L5fg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:60:ee:50:5a:fe:b0:13:46:18:20:49:8d:78:47:12:f1:e9:
99:f8:66:a7:75:1a:85:3c:9a:98:7c:77:7b:ea:d1:f8:27:b7:
9e:f4:f6:cd:12:8a:28:7f:05:fc:97:ab:e9:f8:a7:33:09:63:
cc:07:f8:52:26:f0:17:df:97:b3:15:4d:44:49:31:66:1a:b3:
96:f5:b3:9f:e1:3b:8d:98:dc:3b:7c:9d:c6:63:07:a7:74:d5:
93:37:ae:05:e5:80:3a:61:25:39:e0:d1:94:70:b0:16:66:2a:
e5:db:be:3e:e2:bb:21:e7:d4:45:9d:f1:7c:7b:d2:23:26:a7:
10:e2:6c:f1:62:a9:5f:d7:0a:1d:61:ff:e8:1b:e6:5f:fa:55:
bc:df:20:d9:1e:28:a2:cc:93:0d:1a:5b:fc:2e:3d:fc:29:0b:
da:d2:0a:87:af:83:82:30:91:7c:2f:f3:f1:fd:64:9c:7a:32:
18:b2:aa:b7:1d:24:be:90:e8:ce:c7:85:93:93:3f:55:cf:84:
4d:2c:91:15:58:59:06:3a:0c:e9:e0:a4:b1:14:38:cc:4f:ab:
6d:2a:1f:64:90:c2:66:29:b0:2f:3c:af:be:3a:8f:1e:d8:c8:
ee:c3:f4:64:f4:0c:53:04:62:9c:2d:fb:b2:7e:d7:70:4f:94:
36:dc:19:4b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
NTUzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5N0RFNDFBNzIxNzBG
MEZBQjNEMkNBMTE4NzQxMDUxMEVDQkU1RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxeyRo4YHDYz6i4sS1Yh4Alzxe+GoRO7sld3nlxEQ+T/FJHdOQ
zpZULeR1bWbX5ISY3+lIeu80xb7/wcvomgd8DFTdgvIHL/gQW06iSGr+4BXa3zVC
Rz+PRzvBYHgTJ/KQOZqgTtlGM4QUJZP/mp9eUv7IhWNRY9hV0IGWMVNl8fSkEpwE
GQDYHdr++6XVupqkJ8pV18GJ4HHFZf4yv2Z9D0Rp4o0twhezxzAcWG5MRSQAiePA
BTHB83+k67PVx5e86RQ4zOsYjOh+LEKF1fbmzWhrLny8pxOyBcFiPBpnlzVjHBwM
CVrP1Tmlz0mh+bY9r875CkSZeafY00k+ADqlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2X3kGnIXDw+rPSyhGHQQUQ7L5fgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJYM2tHbklYRHctclBT
eWhHSFFRVVE3TDVmZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATmDuUFr+sBNGGCBJjXhHEvHpmfhmp3Ua
hTyamHx3e+rR+Ce3nvT2zRKKKH8F/Jer6finMwljzAf4UibwF9+XsxVNREkxZhqz
lvWzn+E7jZjcO3ydxmMHp3TVkzeuBeWAOmElOeDRlHCwFmYq5du+PuK7IefURZ3x
fHvSIyanEOJs8WKpX9cKHWH/6BvmX/pVvN8g2R4oosyTDRpb/C49/CkL2tIKh6+D
gjCRfC/z8f1knHoyGLKqtx0kvpDozseFk5M/Vc+ETSyRFVhZBjoM6eCksRQ4zE+r
bSofZJDCZimwLzyvvjqPHtjI7sP0ZPQMUwRinC37sn7XcE+UNtwZSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:03 2024 by rpki-client on console-fra.rpki-client.org