Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4DTbIyKwdjhJ5CgVciLTSLhR3KQ.roa
File: 4DTbIyKwdjhJ5CgVciLTSLhR3KQ.roa (raw, json)
Hash identifier: mxzdajuZm11IDjfYxmdGAi66TWKUtnNwVpg/h2FJVyo=
Subject key identifier: E0:34:DB:23:22:B0:76:38:49:E4:28:15:72:22:D3:48:B8:51:DC:A4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DTbIyKwdjhJ5CgVciLTSLhR3KQ.roa
Signing time: Fri 19 Apr 2024 00:53:01 +0000
ROA not before: Fri 19 Apr 2024 00:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17366 (0x43d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 00:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E034DB2322B0763849E428157222D348B851DCA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f2:ae:b3:91:a2:3f:9b:24:0b:2b:49:71:76:
95:b6:d3:47:0c:a2:65:ee:de:45:cc:d2:99:a2:b7:
91:ca:f9:db:ea:40:ea:63:90:af:43:dd:50:c0:89:
a8:c8:0a:22:6f:01:f4:de:0c:16:37:75:0f:a3:83:
13:b3:91:2b:0c:e6:65:2e:cd:bb:bd:e2:62:64:ae:
c7:cd:dc:49:bf:08:44:a0:b8:34:dd:0e:3d:78:ee:
2d:ce:3e:c4:b1:da:1f:86:5f:d9:f2:b5:dc:7c:8a:
e0:1d:e3:98:c1:de:15:ed:7a:35:1b:81:bf:f8:b1:
f7:fb:90:e8:1d:77:e4:36:d2:c0:31:38:41:ad:79:
ff:de:98:a6:4e:c6:22:6d:74:c1:64:d7:36:d2:eb:
05:d2:58:3d:0d:58:7b:0a:8a:0c:02:40:f6:ec:7b:
70:4e:3c:9d:b7:b3:8a:0c:03:ff:b8:65:c5:99:99:
6a:85:ec:86:3a:69:05:fc:ec:34:3a:2b:5d:05:77:
ec:1c:c4:a3:39:91:35:7c:ae:32:c9:8e:91:a0:80:
c4:4f:75:d8:10:69:5f:52:cb:cc:c2:de:45:a8:a7:
88:4b:eb:57:7a:32:7e:97:7b:a8:91:10:f1:08:f0:
e1:44:7b:33:67:f1:09:cd:cf:ff:e9:0e:f3:24:34:
90:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:34:DB:23:22:B0:76:38:49:E4:28:15:72:22:D3:48:B8:51:DC:A4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DTbIyKwdjhJ5CgVciLTSLhR3KQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:e2:b0:34:cb:f9:60:68:89:a2:72:21:5f:bd:41:b6:34:9e:
48:33:f6:b7:26:6a:94:91:68:34:a9:5a:79:92:91:91:5f:29:
3d:96:c9:ef:3e:61:15:87:5c:8b:f7:d8:95:27:5a:dd:52:03:
8c:28:82:95:2f:26:22:59:ea:c0:32:5a:ef:c7:c8:aa:c1:62:
d1:7c:ef:07:a4:43:47:6f:b5:be:50:c9:fb:48:99:1e:22:26:
ed:ed:71:a8:ac:ab:55:fe:71:93:9f:8e:fe:8a:0a:67:33:d8:
a4:9c:9e:ee:cf:c9:72:88:bc:99:6e:c5:16:82:5c:9c:89:f7:
fe:6b:3f:9d:1f:06:a9:58:3a:43:42:04:d7:e9:48:98:a2:b0:
45:46:3b:8f:3e:1c:6f:f2:20:67:f7:fa:60:6b:ac:31:8d:c9:
aa:8b:a7:2d:5c:e6:dd:ff:21:53:89:7d:56:90:53:71:94:2c:
50:f9:1e:90:30:72:a0:aa:00:fc:ee:9b:3f:b8:8c:78:7a:d1:
a2:a4:6e:13:86:a5:dd:3c:d8:de:b3:bb:e4:16:c9:26:fd:8e:
d9:30:76:a7:b8:27:8f:4c:39:f6:a0:0b:9b:f9:10:75:6b:ff:
91:b4:df:82:54:a4:71:7b:f5:99:b4:0f:cf:7b:45:1a:02:5c:
83:bf:80:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwMzREQjIzMjJCMDc2
Mzg0OUU0MjgxNTcyMjJEMzQ4Qjg1MURDQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC48q6zkaI/myQLK0lxdpW200cMomXu3kXM0pmit5HK+dvqQOpj
kK9D3VDAiajICiJvAfTeDBY3dQ+jgxOzkSsM5mUuzbu94mJkrsfN3Em/CESguDTd
Dj147i3OPsSx2h+GX9nytdx8iuAd45jB3hXtejUbgb/4sff7kOgdd+Q20sAxOEGt
ef/emKZOxiJtdMFk1zbS6wXSWD0NWHsKigwCQPbse3BOPJ23s4oMA/+4ZcWZmWqF
7IY6aQX87DQ6K10Fd+wcxKM5kTV8rjLJjpGggMRPddgQaV9Sy8zC3kWop4hL61d6
Mn6Xe6iREPEI8OFEezNn8QnNz//pDvMkNJB5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4DTbIyKwdjhJ5CgVciLTSLhR3KQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzREVGJJeUt3ZGpoSjVD
Z1ZjaUxUU0xoUjNLUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjOKwNMv5YGiJonIhX71BtjSeSDP2tyZq
lJFoNKlaeZKRkV8pPZbJ7z5hFYdci/fYlSda3VIDjCiClS8mIlnqwDJa78fIqsFi
0XzvB6RDR2+1vlDJ+0iZHiIm7e1xqKyrVf5xk5+O/ooKZzPYpJye7s/Jcoi8mW7F
FoJcnIn3/ms/nR8GqVg6Q0IE1+lImKKwRUY7jz4cb/IgZ/f6YGusMY3JqounLVzm
3f8hU4l9VpBTcZQsUPkekDByoKoA/O6bP7iMeHrRoqRuE4al3TzY3rO75BbJJv2O
2TB2p7gnj0w59qALm/kQdWv/kbTfglSkcXv1mbQPz3tFGgJcg7+Aiw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:13 2024 by rpki-client on console-ams.rpki-client.org