Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2qwuri_y4USHjk4mB1LjMglVzCM.roa
File: 2qwuri_y4USHjk4mB1LjMglVzCM.roa (raw, json)
Hash identifier: FOQAGYBpaTxoB3RdrleD/vmKnviB2DzW4fV4e0KqH4g=
Subject key identifier: DA:AC:2E:AE:2F:F2:E1:44:87:8E:4E:26:07:52:E3:32:09:55:CC:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 351E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2qwuri_y4USHjk4mB1LjMglVzCM.roa
Signing time: Sat 30 Mar 2024 09:52:06 +0000
ROA not before: Sat 30 Mar 2024 09:52:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13598 (0x351e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 09:52:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAAC2EAE2FF2E144878E4E260752E3320955CC23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c2:37:12:9a:76:6d:82:c9:d8:3c:90:c5:b3:
e0:6c:c3:ff:8c:15:a9:cd:c1:5d:f5:b9:46:39:3b:
fc:76:57:56:f0:cb:56:fd:81:d0:39:45:39:d0:db:
e3:82:2f:4b:e4:a9:2c:f8:1f:0b:cf:17:e3:fd:23:
25:e4:73:06:bc:92:78:28:d5:fb:ac:8d:a1:cf:d3:
ba:4a:d2:c4:a3:a7:e6:dc:e3:3f:d7:f9:1c:80:2b:
4a:f1:92:ef:e1:d1:5c:35:a5:62:97:1e:8c:07:89:
84:bc:9b:2d:f0:4e:10:d8:b2:e2:ea:e5:85:ef:88:
80:11:98:0a:e7:83:2a:f5:e0:9b:d7:e3:cb:d5:b9:
4c:9d:7a:ca:07:1d:1c:bd:83:c7:f7:89:44:86:59:
65:63:28:b6:fa:63:95:e8:67:25:16:78:f6:27:c3:
13:f1:4b:a4:f3:f8:4a:aa:75:6f:ed:56:ee:6c:ed:
a8:7a:e2:83:02:67:ce:86:f3:0a:04:79:d6:03:7c:
31:71:f5:ac:a0:9d:02:2c:d2:fd:cd:01:0f:27:cd:
73:dc:04:26:83:9c:b6:a6:a0:41:2f:49:93:ac:a5:
b7:f6:e7:2b:38:18:40:81:c4:33:39:e9:fc:8c:a9:
84:e2:15:82:02:6f:b3:90:59:f7:3b:31:31:4d:b2:
ad:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AC:2E:AE:2F:F2:E1:44:87:8E:4E:26:07:52:E3:32:09:55:CC:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2qwuri_y4USHjk4mB1LjMglVzCM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:88:40:f0:f2:dc:fa:30:c3:49:2c:e2:e9:17:26:ba:b2:44:
0c:b0:7d:f6:e8:93:5e:d8:f4:a9:86:62:b4:3f:12:61:bd:61:
ec:cc:32:89:d4:5c:e2:46:fd:1e:25:16:81:40:01:ec:55:65:
f5:ff:99:b6:bb:2e:48:3c:d3:f9:17:26:82:fb:aa:cd:39:4c:
74:2d:d8:ae:45:2f:7d:bb:0c:2c:93:15:49:dd:44:7e:58:5a:
79:12:89:4d:f0:ce:1e:98:5c:5f:37:b9:b3:0c:1c:b9:9b:91:
3e:63:ff:b4:4b:92:8e:30:c1:c8:33:06:21:f8:3a:20:e7:26:
27:7d:15:62:83:64:ca:b7:96:e7:35:1f:88:f5:d6:1c:65:39:
a1:a7:df:a6:d0:c4:67:c7:b3:86:5e:34:fe:cc:e5:dd:9c:f0:
22:9c:6d:94:84:e3:cf:de:ac:c3:3f:f8:e3:a8:47:56:d2:67:
a6:64:97:50:37:65:48:89:83:5c:fc:c6:78:6e:e8:a8:ef:25:
ce:a8:55:8c:a8:cf:28:17:84:b3:68:d3:fd:5c:7f:57:35:ab:
ff:ce:d1:6d:a4:10:54:4d:2f:fc:ca:57:3f:5f:ed:5a:68:49:
21:3c:ae:bc:2b:18:ae:71:01:11:bc:53:f6:e2:3a:02:b5:99:
07:fa:73:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
OTUyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQUMyRUFFMkZGMkUx
NDQ4NzhFNEUyNjA3NTJFMzMyMDk1NUNDMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3wjcSmnZtgsnYPJDFs+Bsw/+MFanNwV31uUY5O/x2V1bwy1b9
gdA5RTnQ2+OCL0vkqSz4HwvPF+P9IyXkcwa8kngo1fusjaHP07pK0sSjp+bc4z/X
+RyAK0rxku/h0Vw1pWKXHowHiYS8my3wThDYsuLq5YXviIARmArngyr14JvX48vV
uUydesoHHRy9g8f3iUSGWWVjKLb6Y5XoZyUWePYnwxPxS6Tz+EqqdW/tVu5s7ah6
4oMCZ86G8woEedYDfDFx9aygnQIs0v3NAQ8nzXPcBCaDnLamoEEvSZOspbf25ys4
GECBxDM56fyMqYTiFYICb7OQWfc7MTFNsq2NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2qwuri/y4USHjk4mB1LjMglVzCMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJxd3VyaV95NFVTSGpr
NG1CMUxqTWdsVnpDTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVIhA8PLc+jDDSSzi6RcmurJEDLB99uiT
Xtj0qYZitD8SYb1h7MwyidRc4kb9HiUWgUAB7FVl9f+ZtrsuSDzT+RcmgvuqzTlM
dC3YrkUvfbsMLJMVSd1EflhaeRKJTfDOHphcXze5swwcuZuRPmP/tEuSjjDByDMG
Ifg6IOcmJ30VYoNkyreW5zUfiPXWHGU5oaffptDEZ8ezhl40/szl3ZzwIpxtlITj
z96swz/446hHVtJnpmSXUDdlSImDXPzGeG7oqO8lzqhVjKjPKBeEs2jT/Vx/VzWr
/87RbaQQVE0v/MpXP1/tWmhJITyuvCsYrnEBEbxT9uI6ArWZB/pzCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:12 2024 by rpki-client on console-ams.rpki-client.org