Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4wWArM3YLe7635DysvS5Rh7_WZk.roa
File: 4wWArM3YLe7635DysvS5Rh7_WZk.roa (raw, json)
Hash identifier: cvkSSfAiLdutUMbduulqtxCRtxyoSqHPxx2qqq2QIFA=
Subject key identifier: E3:05:80:AC:CD:D8:2D:EE:FA:DF:90:F2:B2:F4:B9:46:1E:FF:59:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DB2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4wWArM3YLe7635DysvS5Rh7_WZk.roa
Signing time: Wed 10 Apr 2024 20:22:43 +0000
ROA not before: Wed 10 Apr 2024 20:22:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15794 (0x3db2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 20:22:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E30580ACCDD82DEEFADF90F2B2F4B9461EFF5999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:40:27:7c:4a:28:b8:81:8a:ac:55:dc:1d:
1c:51:1d:85:66:92:15:99:46:43:ae:1a:5a:e9:59:
dc:6a:86:fb:bc:dd:86:a4:27:8d:ac:49:5d:9e:53:
8e:d7:60:68:59:f6:c3:fc:02:57:ba:ce:60:86:1b:
54:8d:e8:a5:98:77:81:67:49:70:94:5b:9a:5d:79:
01:bf:c7:91:84:bb:d6:36:d8:ad:fe:16:3d:88:74:
4e:cb:12:62:4b:20:b8:e2:b6:db:fd:ed:b3:64:d6:
38:a8:9b:7e:f2:38:c7:c9:47:7c:79:9e:2a:ab:2f:
5a:3e:d4:20:11:1d:7b:3a:e0:fa:10:a1:2d:4a:61:
4a:4e:2a:0b:5a:af:ee:ac:3b:86:19:17:67:c4:97:
c6:bb:8e:ea:6f:37:8f:63:b1:ea:3b:a0:05:46:e8:
f2:e0:dc:03:eb:d5:ab:7e:fb:e3:f7:15:2d:39:d7:
44:4b:40:be:c5:08:f7:94:a7:85:f0:61:bd:0d:b0:
8d:c1:ae:64:06:a2:e1:57:23:6d:a0:77:39:3e:bd:
eb:01:f6:4a:b0:8e:b9:1f:d8:f9:4a:d1:71:a9:cc:
0f:53:c3:96:64:7e:d7:5e:3b:ff:a9:05:ee:ab:f5:
39:b4:a4:7d:2f:4d:67:6b:20:91:ab:fe:3b:dc:c7:
50:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:05:80:AC:CD:D8:2D:EE:FA:DF:90:F2:B2:F4:B9:46:1E:FF:59:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4wWArM3YLe7635DysvS5Rh7_WZk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:0a:b2:fe:20:04:b1:d0:f1:8a:4a:92:5c:9d:5b:59:01:18:
34:a2:ef:2c:78:ed:29:f6:63:7f:5a:ff:df:a1:13:67:2a:fb:
45:dd:b2:b9:56:10:6f:91:6d:8b:c3:18:c5:6a:0e:42:48:52:
1b:29:18:30:36:58:ed:70:bd:fd:cb:21:b8:30:10:2e:a0:f0:
1b:b9:f0:2d:a7:8d:a8:c6:8d:a6:ae:23:97:64:11:07:f1:a2:
79:b5:aa:21:b2:d4:41:ae:4c:1a:4a:bb:7e:d6:40:b6:6b:be:
1b:25:a8:1c:14:bd:3a:50:c8:95:d5:83:5c:70:1f:41:e9:f3:
df:3d:53:5f:18:53:cc:b9:b6:a0:3c:39:58:c4:f5:33:43:18:
4c:20:0e:76:de:3e:eb:17:68:cb:90:9e:8f:97:bf:87:00:f5:
e8:75:bb:cb:8d:ee:ff:2e:8a:cf:5a:a0:6c:5d:6d:36:77:ae:
47:d0:78:42:bc:f8:3d:3a:c1:cf:69:49:2b:83:42:bf:33:30:
2e:25:7a:25:3d:0a:4c:2d:c1:ce:e0:32:7b:39:97:03:37:7e:
38:c3:dc:61:bf:82:eb:b8:19:01:1e:0f:4c:9c:c9:d3:7a:ed:
22:95:52:f0:e7:cd:9f:f9:54:86:72:df:b6:88:8e:52:b7:a5:
ef:91:02:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MDIyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzMDU4MEFDQ0REODJE
RUVGQURGOTBGMkIyRjRCOTQ2MUVGRjU5OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCU0AnfEoouIGKrFXcHRxRHYVmkhWZRkOuGlrpWdxqhvu83Yak
J42sSV2eU47XYGhZ9sP8Ale6zmCGG1SN6KWYd4FnSXCUW5pdeQG/x5GEu9Y22K3+
Fj2IdE7LEmJLILjittv97bNk1jiom37yOMfJR3x5niqrL1o+1CARHXs64PoQoS1K
YUpOKgtar+6sO4YZF2fEl8a7jupvN49jseo7oAVG6PLg3APr1at+++P3FS0510RL
QL7FCPeUp4XwYb0NsI3BrmQGouFXI22gdzk+vesB9kqwjrkf2PlK0XGpzA9Tw5Zk
ftdeO/+pBe6r9Tm0pH0vTWdrIJGr/jvcx1A3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4wWArM3YLe7635DysvS5Rh7/WZkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzR3V0FyTTNZTGU3NjM1
RHlzdlM1Umg3X1daay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZwqy/iAEsdDxikqSXJ1bWQEYNKLvLHjt
KfZjf1r/36ETZyr7Rd2yuVYQb5Fti8MYxWoOQkhSGykYMDZY7XC9/cshuDAQLqDw
G7nwLaeNqMaNpq4jl2QRB/GiebWqIbLUQa5MGkq7ftZAtmu+GyWoHBS9OlDIldWD
XHAfQenz3z1TXxhTzLm2oDw5WMT1M0MYTCAOdt4+6xdoy5Cej5e/hwD16HW7y43u
/y6Kz1qgbF1tNneuR9B4Qrz4PTrBz2lJK4NCvzMwLiV6JT0KTC3BzuAyezmXAzd+
OMPcYb+C67gZAR4PTJzJ03rtIpVS8OfNn/lUhnLftoiOUrel75EC3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:14 2024 by rpki-client on console-ams.rpki-client.org