Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2gAHdFASgLlXU1HsDbqvt0wz058.roa
File: 2gAHdFASgLlXU1HsDbqvt0wz058.roa (raw, json)
Hash identifier: 79plfktzVgjY6kfkpUARVPoJTP7O0+tiPTYI9jExNkw=
Subject key identifier: DA:00:07:74:50:12:80:B9:57:53:51:EC:0D:BA:AF:B7:4C:33:D3:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 475E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2gAHdFASgLlXU1HsDbqvt0wz058.roa
Signing time: Tue 23 Apr 2024 17:53:13 +0000
ROA not before: Tue 23 Apr 2024 17:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18270 (0x475e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 17:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA000774501280B9575351EC0DBAAFB74C33D39F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:ef:7d:05:7d:93:8f:28:6c:78:af:13:b4:
c8:99:ac:a9:f6:72:6d:a1:f2:23:d9:1a:08:87:ca:
1b:75:4f:20:ea:af:5e:07:e1:31:3a:b6:15:58:09:
94:89:c1:b9:af:f8:9d:6f:e7:34:d8:29:d6:d5:b8:
4a:98:66:c7:c4:c4:da:29:15:51:ad:6e:d1:c4:e8:
0c:3a:45:e3:1d:ae:80:8f:80:63:fc:b6:ba:b9:bf:
a8:33:35:ad:8c:64:87:21:6b:b7:10:ea:05:f8:a9:
e7:ab:9b:fc:8a:f9:e0:71:0d:a3:94:b2:68:9f:08:
1a:f6:24:70:9e:e4:f9:80:c5:22:73:d0:b6:b5:c0:
8d:19:47:1c:68:34:07:da:a5:67:65:99:84:7e:ba:
32:1f:14:ce:e8:fd:07:7f:e4:fc:f1:d7:55:7e:a9:
23:2d:f1:15:7b:68:f3:90:88:fe:5a:fa:d4:81:22:
16:be:32:d0:8a:ee:20:de:0a:81:3c:98:c6:2c:3b:
bc:a4:b1:01:9b:a3:ba:60:92:8b:71:0c:3a:6f:31:
32:ac:4b:0a:8e:c1:7c:92:f2:08:09:1a:0c:18:b2:
2a:00:2d:6d:b7:46:36:6b:b7:d4:69:1d:12:34:18:
b2:55:94:2e:a7:aa:d9:37:01:04:bd:90:43:c1:8b:
97:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:00:07:74:50:12:80:B9:57:53:51:EC:0D:BA:AF:B7:4C:33:D3:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2gAHdFASgLlXU1HsDbqvt0wz058.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:cf:71:74:74:7d:62:db:88:bb:33:8b:9b:30:35:d9:61:95:
2e:11:c8:32:c2:7d:59:4b:b2:7e:69:b8:b3:db:84:6d:de:73:
29:58:45:e8:ff:10:f1:88:57:60:71:16:10:7b:1b:ad:96:57:
8d:f9:9f:eb:13:f2:55:07:09:7d:42:9d:a8:c4:a9:a6:04:ee:
fc:b9:c2:21:04:45:c3:41:d2:a4:de:64:0f:08:a9:3c:4d:d0:
c4:0f:a1:a3:5e:d0:6e:2d:42:6a:15:8f:f5:17:b9:97:c2:fd:
db:72:d7:28:73:48:49:ec:f8:94:74:eb:44:0e:49:99:f5:d3:
0b:18:e3:38:dd:33:31:3e:32:26:ba:99:1d:26:29:2f:9b:84:
fd:8f:99:c7:ae:b0:6b:2c:88:6c:d6:da:3a:e4:bc:b8:09:9f:
22:01:bd:cf:ef:36:df:4e:ed:18:d6:96:17:4e:ca:5c:8e:33:
65:5d:e0:da:cd:7e:62:b9:14:bc:6e:b8:cd:8c:f2:63:41:2d:
14:15:8a:92:f0:b9:c4:15:9f:d4:3c:b1:aa:06:ab:d1:9b:92:
65:b7:87:39:92:54:23:f7:97:17:73:d9:d2:35:21:65:5e:81:
0b:9c:ae:58:b0:f9:d4:01:08:da:a9:c9:65:6d:bf:53:bb:29:
14:8d:c1:ef
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMx
NzUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBMDAwNzc0NTAxMjgw
Qjk1NzUzNTFFQzBEQkFBRkI3NEMzM0QzOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+nu99BX2TjyhseK8TtMiZrKn2cm2h8iPZGgiHyht1TyDqr14H
4TE6thVYCZSJwbmv+J1v5zTYKdbVuEqYZsfExNopFVGtbtHE6Aw6ReMdroCPgGP8
trq5v6gzNa2MZIcha7cQ6gX4qeerm/yK+eBxDaOUsmifCBr2JHCe5PmAxSJz0La1
wI0ZRxxoNAfapWdlmYR+ujIfFM7o/Qd/5Pzx11V+qSMt8RV7aPOQiP5a+tSBIha+
MtCK7iDeCoE8mMYsO7yksQGbo7pgkotxDDpvMTKsSwqOwXyS8ggJGgwYsioALW23
RjZrt9RpHRI0GLJVlC6nqtk3AQS9kEPBi5eJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2gAHdFASgLlXU1HsDbqvt0wz058wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJnQUhkRkFTZ0xsWFUx
SHNEYnF2dDB3ejA1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAd89xdHR9YtuIuzOLmzA12WGVLhHIMsJ9
WUuyfmm4s9uEbd5zKVhF6P8Q8YhXYHEWEHsbrZZXjfmf6xPyVQcJfUKdqMSppgTu
/LnCIQRFw0HSpN5kDwipPE3QxA+ho17Qbi1CahWP9Re5l8L923LXKHNISez4lHTr
RA5JmfXTCxjjON0zMT4yJrqZHSYpL5uE/Y+Zx66wayyIbNbaOuS8uAmfIgG9z+82
307tGNaWF07KXI4zZV3g2s1+YrkUvG64zYzyY0EtFBWKkvC5xBWf1Dyxqgar0ZuS
ZbeHOZJUI/eXF3PZ0jUhZV6BC5yuWLD51AEI2qnJZW2/U7spFI3B7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org