Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3kn826FVKdg149y8QqsRbBcIbuw.roa
File: 3kn826FVKdg149y8QqsRbBcIbuw.roa (raw, json)
Hash identifier: XxQrUcOMnPJljhfsXBHsDVhAUxxp3AmQFIbEqRrJgeo=
Subject key identifier: DE:49:FC:DB:A1:55:29:D8:35:E3:DC:BC:42:AB:11:6C:17:08:6E:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D7E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3kn826FVKdg149y8QqsRbBcIbuw.roa
Signing time: Wed 10 Apr 2024 13:52:46 +0000
ROA not before: Wed 10 Apr 2024 13:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15742 (0x3d7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 13:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DE49FCDBA15529D835E3DCBC42AB116C17086EEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:c0:22:cd:3f:26:30:c5:a9:5b:f6:d6:ac:
79:a9:27:fa:10:5c:cd:4a:2c:aa:8a:5a:97:97:65:
1e:b5:6c:b2:90:76:e4:41:0d:6f:8d:f6:90:f3:c1:
5a:c4:70:97:9f:29:70:7e:a9:00:66:8f:b0:db:63:
a3:e8:c8:d8:91:e7:05:c0:e5:32:31:cd:ed:a8:47:
c7:f9:e8:f1:48:73:1a:f8:a8:05:0c:0c:73:5f:2d:
a6:f6:9e:82:34:c6:d5:92:ed:7b:9a:7f:00:23:b9:
87:3f:f8:6c:66:f2:4f:64:e2:f6:1b:20:09:1e:78:
98:a4:16:38:d7:4e:e2:bb:46:61:1e:80:69:d7:61:
c4:c8:2a:ae:24:87:27:3b:9e:68:7b:20:d3:4e:6c:
55:38:85:32:5c:38:94:8a:a4:09:6d:82:25:e9:b1:
c5:c4:f0:44:95:78:51:ba:23:31:8a:a3:6e:55:ae:
b6:2c:15:76:28:2a:ad:3e:06:23:1a:de:db:48:66:
99:f5:24:59:94:26:7e:1d:3e:81:3e:e7:da:bd:58:
1f:6d:b6:62:0f:c6:ef:fd:19:88:3c:85:67:9f:44:
58:dc:08:46:9e:93:ce:f5:b0:40:91:36:13:2b:6a:
f1:e7:26:04:81:d0:0e:36:9d:a1:80:7b:64:27:a7:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:49:FC:DB:A1:55:29:D8:35:E3:DC:BC:42:AB:11:6C:17:08:6E:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3kn826FVKdg149y8QqsRbBcIbuw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:ba:83:2e:46:2d:bc:54:66:c7:06:3a:c5:81:21:01:55:f2:
f3:4c:47:35:1b:1f:cc:90:50:57:be:83:77:b6:2d:ca:39:cf:
ce:34:f6:4b:8e:e9:ef:26:54:05:c0:ef:30:c0:21:f6:fa:0e:
42:a0:70:cf:43:32:b5:8f:02:69:3a:e2:7b:d8:a6:8c:8e:53:
64:e0:a0:f1:df:0b:f1:80:b3:74:7c:eb:4d:b9:26:10:6b:cc:
70:6e:5c:16:30:74:e7:ea:6c:9f:19:c9:43:d4:72:79:5c:56:
b1:2b:64:15:40:95:b3:76:45:20:af:c3:6e:87:3a:4f:78:3f:
20:99:f3:8f:08:b4:2c:cb:b3:ff:f6:1e:be:f7:0c:cd:0f:a7:
5d:af:80:ee:54:21:a0:8b:99:c4:0f:64:cf:89:67:e4:e8:ac:
76:f4:7a:c9:64:c6:04:16:dc:bd:0c:ce:19:4c:c4:f9:f6:03:
c6:b0:c5:c5:39:7f:c9:ec:b1:30:fa:d6:69:3d:69:33:3a:27:
55:52:53:28:28:7e:83:88:bf:ad:25:0f:c9:8c:b2:b9:e5:89:
36:4c:80:3a:8b:69:ec:d4:8f:55:ce:a6:e6:e4:cd:cf:4c:b2:
a6:bb:b9:87:97:3f:93:bb:ef:50:70:f1:a2:a4:5b:ff:3a:25:
2b:c6:7e:0b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
MzUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFNDlGQ0RCQTE1NTI5
RDgzNUUzRENCQzQyQUIxMTZDMTcwODZFRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo3cAizT8mMMWpW/bWrHmpJ/oQXM1KLKqKWpeXZR61bLKQduRB
DW+N9pDzwVrEcJefKXB+qQBmj7DbY6PoyNiR5wXA5TIxze2oR8f56PFIcxr4qAUM
DHNfLab2noI0xtWS7XuafwAjuYc/+Gxm8k9k4vYbIAkeeJikFjjXTuK7RmEegGnX
YcTIKq4khyc7nmh7INNObFU4hTJcOJSKpAltgiXpscXE8ESVeFG6IzGKo25VrrYs
FXYoKq0+BiMa3ttIZpn1JFmUJn4dPoE+59q9WB9ttmIPxu/9GYg8hWefRFjcCEae
k871sECRNhMravHnJgSB0A42naGAe2Qnp6ZzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3kn826FVKdg149y8QqsRbBcIbuwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNrbjgyNkZWS2RnMTQ5
eThRcXNSYkJjSWJ1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFrqDLkYtvFRmxwY6xYEhAVXy80xHNRsf
zJBQV76Dd7YtyjnPzjT2S47p7yZUBcDvMMAh9voOQqBwz0MytY8CaTrie9imjI5T
ZOCg8d8L8YCzdHzrTbkmEGvMcG5cFjB05+psnxnJQ9RyeVxWsStkFUCVs3ZFIK/D
boc6T3g/IJnzjwi0LMuz//YevvcMzQ+nXa+A7lQhoIuZxA9kz4ln5OisdvR6yWTG
BBbcvQzOGUzE+fYDxrDFxTl/yeyxMPrWaT1pMzonVVJTKCh+g4i/rSUPyYyyueWJ
NkyAOotp7NSPVc6m5uTNz0yypru5h5c/k7vvUHDxoqRb/zolK8Z+Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org