Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2vsRjlIsCEQA9w70ziCYtD0MeNs.roa
File: 2vsRjlIsCEQA9w70ziCYtD0MeNs.roa (raw, json)
Hash identifier: sBxAv3/QBvGMnUf0tRY4rwMeuYeukV6bwgKwMOOW1GI=
Subject key identifier: DA:FB:11:8E:52:2C:08:44:00:F7:0E:F4:CE:20:98:B4:3D:0C:78:DB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2vsRjlIsCEQA9w70ziCYtD0MeNs.roa
Signing time: Thu 04 Apr 2024 02:22:20 +0000
ROA not before: Thu 04 Apr 2024 02:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14498 (0x38a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 02:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAFB118E522C084400F70EF4CE2098B43D0C78DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f9:27:fc:9d:d2:58:16:37:94:cf:91:b4:b9:
29:46:22:1b:d5:8d:91:8b:b1:a5:95:f1:c3:21:50:
aa:88:ff:7b:cc:ed:1f:f2:f1:3d:ae:9d:80:5e:ab:
f9:49:1e:ec:d3:d4:fb:fd:6c:69:d0:34:ee:d6:4e:
bb:a8:52:f0:1b:d0:16:1d:f5:9a:fc:4d:9d:53:ae:
6d:5e:9e:97:ab:73:e2:be:75:09:c9:53:7c:ea:84:
3d:89:d4:49:6b:a6:f8:49:b6:d7:7f:6b:ca:e2:d3:
fc:c3:70:91:79:65:66:21:78:47:36:54:4c:c0:8e:
f8:02:50:ce:46:1a:cb:39:c4:db:15:04:4f:13:d9:
57:0d:b0:77:87:c3:3f:95:ba:cd:ec:fd:61:d4:67:
58:07:93:f3:70:9f:80:fc:54:14:ff:2b:86:58:46:
80:21:15:a9:bf:d9:22:db:51:56:17:6a:3f:f5:cb:
19:16:80:97:39:66:34:43:d4:7e:f6:ae:df:d7:1d:
bf:76:43:5c:16:63:9f:ff:d9:4f:31:be:e7:86:f5:
05:26:97:ba:f7:3f:ac:7d:e7:c8:c1:8c:d7:50:64:
e3:a7:10:cc:f5:81:b8:b8:6b:6b:ef:87:5b:46:6e:
17:33:54:41:50:af:d1:d1:a0:33:49:aa:cd:af:2c:
3e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FB:11:8E:52:2C:08:44:00:F7:0E:F4:CE:20:98:B4:3D:0C:78:DB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2vsRjlIsCEQA9w70ziCYtD0MeNs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:ff:26:5b:d6:48:6f:d4:3c:dd:ce:05:26:9c:ec:43:12:89:
5f:c4:a3:84:9f:f2:06:6e:f0:38:9d:04:73:2e:26:02:95:e4:
ad:f3:83:9b:a0:31:9b:b3:79:ac:80:8c:f9:3a:f3:5e:f0:f0:
99:52:a2:b5:63:36:93:2c:3a:9f:1e:28:33:8c:73:b9:88:1b:
0d:c9:7b:85:a4:c6:0d:0e:70:5a:30:76:4a:6a:1d:0d:e0:5f:
5f:48:90:74:cb:3b:55:98:f0:dc:58:4a:b4:6e:e9:cf:12:a1:
c0:57:57:f1:00:04:fb:34:37:5c:1a:d0:32:58:ac:0c:ae:c5:
a0:72:f8:fd:1d:29:f8:76:fd:bf:79:37:52:a8:82:94:50:8a:
0d:e3:9c:a1:66:46:26:da:42:6c:7b:cc:93:8d:cd:e1:ca:e1:
4c:cd:63:cd:64:41:c8:dc:44:30:3e:d1:9e:65:fe:67:9e:4f:
ef:70:5b:c9:3f:59:f6:6d:1a:6b:87:80:33:a4:57:67:81:ea:
c4:2d:71:45:68:6d:1d:2d:62:6e:06:cf:04:e8:06:13:3e:0e:
ea:06:e2:6b:e0:79:4d:58:e7:7e:83:65:8b:95:c6:0d:19:c7:
2a:32:21:89:f4:74:a4:e9:d0:99:56:ab:48:e3:11:81:45:a2:
b9:04:e0:1b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MjIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBRkIxMThFNTIyQzA4
NDQwMEY3MEVGNENFMjA5OEI0M0QwQzc4REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU+Sf8ndJYFjeUz5G0uSlGIhvVjZGLsaWV8cMhUKqI/3vM7R/y
8T2unYBeq/lJHuzT1Pv9bGnQNO7WTruoUvAb0BYd9Zr8TZ1Trm1enperc+K+dQnJ
U3zqhD2J1ElrpvhJttd/a8ri0/zDcJF5ZWYheEc2VEzAjvgCUM5GGss5xNsVBE8T
2VcNsHeHwz+Vus3s/WHUZ1gHk/Nwn4D8VBT/K4ZYRoAhFam/2SLbUVYXaj/1yxkW
gJc5ZjRD1H72rt/XHb92Q1wWY5//2U8xvueG9QUml7r3P6x958jBjNdQZOOnEMz1
gbi4a2vvh1tGbhczVEFQr9HRoDNJqs2vLD4LAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2vsRjlIsCEQA9w70ziCYtD0MeNswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJ2c1JqbElzQ0VRQTl3
NzB6aUNZdEQwTWVOcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAAv8mW9ZIb9Q83c4FJpzsQxKJX8SjhJ/y
Bm7wOJ0Ecy4mApXkrfODm6Axm7N5rICM+TrzXvDwmVKitWM2kyw6nx4oM4xzuYgb
Dcl7haTGDQ5wWjB2SmodDeBfX0iQdMs7VZjw3FhKtG7pzxKhwFdX8QAE+zQ3XBrQ
MlisDK7FoHL4/R0p+Hb9v3k3UqiClFCKDeOcoWZGJtpCbHvMk43N4crhTM1jzWRB
yNxEMD7RnmX+Z55P73BbyT9Z9m0aa4eAM6RXZ4HqxC1xRWhtHS1ibgbPBOgGEz4O
6gbia+B5TVjnfoNli5XGDRnHKjIhifR0pOnQmVarSOMRgUWiuQTgGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org