Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2h59K2BhJ61jkWSirFn_GYqG8C4.roa
File: 2h59K2BhJ61jkWSirFn_GYqG8C4.roa (raw, json)
Hash identifier: 3WgBGXf5fPsQVdpdPJl+NOmLw7ztnbaR3bwaY/G558M=
Subject key identifier: DA:1E:7D:2B:60:61:27:AD:63:91:64:A2:AC:59:FF:19:8A:86:F0:2E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4186
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2h59K2BhJ61jkWSirFn_GYqG8C4.roa
Signing time: Mon 15 Apr 2024 22:52:55 +0000
ROA not before: Mon 15 Apr 2024 22:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16774 (0x4186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 22:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA1E7D2B606127AD639164A2AC59FF198A86F02E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e7:9e:58:c9:ce:f4:21:ab:c2:dc:01:12:f0:
63:9e:9f:26:51:05:13:51:b5:32:4c:e1:c6:71:57:
11:79:b2:59:c2:91:74:55:48:f6:26:85:bb:c6:25:
82:98:80:6f:30:77:16:db:3b:30:37:0a:73:f8:67:
f0:fa:8c:63:94:b0:02:fc:9e:ed:a3:08:ea:4f:60:
2c:80:b3:12:b4:e2:98:1c:40:0a:10:fb:b7:e7:6c:
fd:ad:a2:15:26:39:a2:4e:a9:2d:b3:43:fa:4e:b7:
28:7b:12:91:e2:ef:2c:33:88:15:13:2b:9f:ff:38:
bd:a5:52:be:6c:6b:98:96:d5:58:72:ef:5b:1c:72:
e0:56:05:c9:79:0f:3c:43:3a:38:c0:e8:fa:a9:b3:
e9:41:bf:86:89:93:b0:dc:55:63:e1:cc:55:eb:f5:
60:bd:b5:51:80:cf:73:cb:2e:df:31:e0:02:a5:a0:
28:fa:2c:95:cd:a4:f0:f1:14:9f:b7:24:49:af:43:
b7:d9:37:30:4d:e8:e9:0d:fe:ec:40:1e:ba:f8:e1:
de:57:7c:cf:ce:06:58:de:ab:9b:70:c5:b8:f2:97:
33:ed:95:7e:a9:d2:05:e0:04:51:11:70:b3:0b:7f:
48:4c:00:e4:58:b3:0a:fc:54:ae:8e:c9:85:46:bd:
23:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1E:7D:2B:60:61:27:AD:63:91:64:A2:AC:59:FF:19:8A:86:F0:2E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2h59K2BhJ61jkWSirFn_GYqG8C4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:b4:10:95:50:2f:d8:64:15:fc:b1:da:bc:44:f1:55:cf:39:
71:9e:c1:4a:a8:26:31:60:8e:1a:55:e7:20:92:f6:b7:28:b8:
a5:04:69:3d:88:cf:c9:85:d6:01:2c:4e:b0:7d:49:89:01:57:
18:d0:1f:ca:9f:3f:a0:23:5a:8d:1f:8b:c7:6c:b7:90:b3:7e:
12:43:ec:a0:cc:51:26:2f:03:ef:d9:87:25:85:97:87:7a:fc:
01:c3:92:94:e1:32:7a:f5:30:06:8f:93:79:48:d5:d5:ab:dc:
fd:56:52:78:69:05:56:74:97:0a:74:92:50:4b:49:92:b2:8b:
e8:82:bb:35:4d:f5:50:84:50:75:66:95:6f:0b:30:e8:b7:63:
57:a9:1d:12:1d:39:0c:a4:31:67:f3:4b:6b:ff:89:e1:ba:17:
12:c9:2e:9c:17:a8:1b:3f:a4:68:1d:c6:99:da:ff:b9:7e:9e:
88:a4:30:fd:ba:74:d3:4a:0f:3a:a4:9b:43:25:0e:6d:4d:2a:
d2:ad:12:e6:f2:03:0f:c9:ad:28:a8:d2:16:c5:14:60:a2:81:
38:fd:3e:6e:d0:c8:bf:45:e5:cc:e9:02:f2:cb:c7:44:de:15:
50:5c:67:f6:c0:15:59:11:a0:15:86:df:6c:d5:07:17:2b:24:
ce:b6:a3:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUy
MjUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBMUU3RDJCNjA2MTI3
QUQ2MzkxNjRBMkFDNTlGRjE5OEE4NkYwMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN555Yyc70IavC3AES8GOenyZRBRNRtTJM4cZxVxF5slnCkXRV
SPYmhbvGJYKYgG8wdxbbOzA3CnP4Z/D6jGOUsAL8nu2jCOpPYCyAsxK04pgcQAoQ
+7fnbP2tohUmOaJOqS2zQ/pOtyh7EpHi7ywziBUTK5//OL2lUr5sa5iW1Vhy71sc
cuBWBcl5DzxDOjjA6Pqps+lBv4aJk7DcVWPhzFXr9WC9tVGAz3PLLt8x4AKloCj6
LJXNpPDxFJ+3JEmvQ7fZNzBN6OkN/uxAHrr44d5XfM/OBljeq5twxbjylzPtlX6p
0gXgBFERcLMLf0hMAORYswr8VK6OyYVGvSPRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2h59K2BhJ61jkWSirFn/GYqG8C4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJoNTlLMkJoSjYxamtX
U2lyRm5fR1lxRzhDNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXbQQlVAv2GQV/LHavETxVc85cZ7BSqgm
MWCOGlXnIJL2tyi4pQRpPYjPyYXWASxOsH1JiQFXGNAfyp8/oCNajR+Lx2y3kLN+
EkPsoMxRJi8D79mHJYWXh3r8AcOSlOEyevUwBo+TeUjV1avc/VZSeGkFVnSXCnSS
UEtJkrKL6IK7NU31UIRQdWaVbwsw6LdjV6kdEh05DKQxZ/NLa/+J4boXEskunBeo
Gz+kaB3Gmdr/uX6eiKQw/bp000oPOqSbQyUObU0q0q0S5vIDD8mtKKjSFsUUYKKB
OP0+btDIv0XlzOkC8svHRN4VUFxn9sAVWRGgFYbfbNUHFyskzrajDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org