Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3wxKBiBEE2zHXx54rdpHDdyMros.roa
File: 3wxKBiBEE2zHXx54rdpHDdyMros.roa (raw, json)
Hash identifier: Z+f0qoEtX9bWME+YRr7qm5sWkp/LJOKj5/oiHRq2Pno=
Subject key identifier: DF:0C:4A:06:20:44:13:6C:C7:5F:1E:78:AD:DA:47:0D:DC:8C:AE:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D42
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3wxKBiBEE2zHXx54rdpHDdyMros.roa
Signing time: Wed 10 Apr 2024 06:22:38 +0000
ROA not before: Wed 10 Apr 2024 06:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15682 (0x3d42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 06:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DF0C4A062044136CC75F1E78ADDA470DDC8CAE8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:28:c1:89:31:e3:27:18:b6:a3:85:5a:49:a5:
5c:a3:9f:93:df:26:21:4c:47:e0:fb:85:71:15:e0:
1f:ae:13:7b:cc:b8:91:61:06:da:e2:fb:9d:aa:b3:
8f:a8:73:c9:9e:ae:70:c8:88:33:5b:b5:d2:5c:65:
2a:49:17:84:8d:40:a9:7b:cb:bf:dc:1c:e4:d7:09:
24:64:3b:a6:27:ee:57:d1:29:d2:29:41:74:96:96:
56:b3:44:8b:ff:ca:96:64:fc:bf:ed:fb:02:d7:b3:
07:5a:45:77:b2:0b:9d:d9:25:cc:5d:0b:fc:0c:20:
cb:67:7f:ac:75:11:b0:2f:c0:41:33:21:6d:8c:ee:
98:e2:b4:91:55:e8:ff:12:d5:4c:ff:0b:a2:ba:23:
32:c0:c3:cb:48:3a:e8:08:b0:67:9a:7e:30:92:1d:
7d:30:c7:7d:4f:2d:e4:92:2e:b0:95:59:cb:e0:80:
0a:61:05:ff:b8:69:59:aa:e1:6b:9b:40:d3:36:92:
07:1f:e6:71:e3:54:73:45:b8:3f:2f:f1:3c:8a:8e:
7b:dc:69:9b:a7:7d:fa:dd:aa:60:86:19:f9:2d:f8:
00:94:83:e6:96:6b:f5:9c:b9:e0:68:64:08:12:8a:
eb:e8:49:4a:c9:4f:11:f6:c8:d1:64:ff:42:d5:4a:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0C:4A:06:20:44:13:6C:C7:5F:1E:78:AD:DA:47:0D:DC:8C:AE:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3wxKBiBEE2zHXx54rdpHDdyMros.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:88:c8:10:c3:72:9e:2f:e2:7f:e2:5b:c6:74:51:8c:ae:a8:
1c:89:c5:34:82:7d:a1:02:a6:03:0d:44:d7:b3:83:87:d4:54:
2d:a1:eb:13:de:73:39:a6:92:42:0d:50:8b:8c:fb:b0:9b:8f:
88:e0:c0:76:eb:71:94:02:87:2b:1b:88:9c:41:47:3d:b3:d4:
75:95:e2:c4:1a:4b:43:cf:92:0f:71:af:cb:7c:65:bf:9f:4d:
cd:f7:cd:68:84:5f:39:f9:12:44:68:2d:2d:9d:71:d3:a2:b6:
4e:c1:5f:c3:bd:9d:4b:57:8a:13:5c:c8:94:6e:95:d7:b1:79:
d8:4f:b7:b4:c2:f4:30:90:57:61:ed:a1:ef:6d:1b:5f:d0:18:
91:59:c6:31:f9:d9:10:4d:fe:84:e3:34:ee:02:b9:66:95:b2:
ff:6f:8e:64:fa:88:8b:18:b6:e9:51:70:80:0d:79:09:50:a4:
06:03:b1:00:d0:0e:e1:4f:32:8c:aa:61:6e:59:66:f4:ee:0e:
72:79:98:9a:07:4b:69:00:df:46:35:4d:60:0d:32:89:66:c8:
43:ad:51:e8:6b:b0:b0:a1:84:9f:d2:92:04:72:5e:1c:48:7c:
51:cb:3f:53:c5:5a:09:56:04:2c:57:3e:f2:03:72:56:d8:3c:
d5:53:1b:4b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NjIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGMEM0QTA2MjA0NDEz
NkNDNzVGMUU3OEFEREE0NzBEREM4Q0FFOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZKMGJMeMnGLajhVpJpVyjn5PfJiFMR+D7hXEV4B+uE3vMuJFh
Btri+52qs4+oc8mernDIiDNbtdJcZSpJF4SNQKl7y7/cHOTXCSRkO6Yn7lfRKdIp
QXSWllazRIv/ypZk/L/t+wLXswdaRXeyC53ZJcxdC/wMIMtnf6x1EbAvwEEzIW2M
7pjitJFV6P8S1Uz/C6K6IzLAw8tIOugIsGeafjCSHX0wx31PLeSSLrCVWcvggAph
Bf+4aVmq4WubQNM2kgcf5nHjVHNFuD8v8TyKjnvcaZunffrdqmCGGfkt+ACUg+aW
a/WcueBoZAgSiuvoSUrJTxH2yNFk/0LVSkRNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3wxKBiBEE2zHXx54rdpHDdyMroswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzN3eEtCaUJFRTJ6SFh4
NTRyZHBIRGR5TXJvcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfYjIEMNyni/if+JbxnRRjK6oHInFNIJ9
oQKmAw1E17ODh9RULaHrE95zOaaSQg1Qi4z7sJuPiODAdutxlAKHKxuInEFHPbPU
dZXixBpLQ8+SD3Gvy3xlv59NzffNaIRfOfkSRGgtLZ1x06K2TsFfw72dS1eKE1zI
lG6V17F52E+3tML0MJBXYe2h720bX9AYkVnGMfnZEE3+hOM07gK5ZpWy/2+OZPqI
ixi26VFwgA15CVCkBgOxANAO4U8yjKphbllm9O4OcnmYmgdLaQDfRjVNYA0yiWbI
Q61R6GuwsKGEn9KSBHJeHEh8Ucs/U8VaCVYELFc+8gNyVtg81VMbSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org