Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4xd8B67ujAw40WiUXUvTmaq2oww.roa
File: 4xd8B67ujAw40WiUXUvTmaq2oww.roa (raw, json)
Hash identifier: J+CgjPsaURsdqkKU29Kme4leTlPhE4rvOZ+aI9XMGy0=
Subject key identifier: E3:17:7C:07:AE:EE:8C:0C:38:D1:68:94:5D:4B:D3:99:AA:B6:A3:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 549E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4xd8B67ujAw40WiUXUvTmaq2oww.roa
Signing time: Sat 11 May 2024 09:54:02 +0000
ROA not before: Sat 11 May 2024 09:54:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21662 (0x549e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 09:54:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E3177C07AEEE8C0C38D168945D4BD399AAB6A30C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:e2:f7:ef:18:46:ab:9b:93:95:22:42:d3:
92:b8:26:a2:8a:4b:e7:05:2f:61:f9:7c:c4:d5:39:
43:9a:ce:06:6d:83:a1:da:eb:dc:c4:70:64:3c:9a:
37:6a:d9:9a:58:1d:d9:e0:76:b1:40:4b:6f:45:6c:
38:0a:39:5d:f8:c6:db:24:7a:8e:ea:07:89:a7:2d:
e1:7f:b0:24:aa:90:68:16:24:26:82:81:bc:97:47:
6f:4f:df:64:5a:e3:3e:81:6b:86:3f:02:8b:90:8c:
a0:0d:36:6c:f9:34:43:18:e1:ab:ee:63:b6:ef:b3:
f3:db:da:ea:08:75:f9:95:88:00:bd:b5:20:f6:9e:
3d:31:b6:13:f2:06:b7:0b:bc:79:ae:05:50:25:c7:
b1:f1:e0:d3:e8:7e:7b:4a:95:a4:10:cc:02:58:e6:
c2:7c:2c:4c:74:d4:84:1e:d6:95:3d:a5:59:aa:0e:
c1:f6:24:35:eb:d3:26:21:03:80:3d:fc:9c:54:f4:
26:e9:a9:6b:52:99:f0:8c:5f:64:bc:9c:b4:ad:b2:
f7:56:4a:d2:53:9f:09:75:47:a1:00:e8:a8:36:ea:
03:69:a2:fd:2f:af:f4:a8:64:3d:d2:83:34:07:6e:
9b:dc:f0:62:2e:1c:7a:73:b1:f4:23:57:b1:4f:52:
11:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:17:7C:07:AE:EE:8C:0C:38:D1:68:94:5D:4B:D3:99:AA:B6:A3:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4xd8B67ujAw40WiUXUvTmaq2oww.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:16:74:0f:42:a2:ea:8c:2c:90:56:7e:a8:ed:41:de:86:54:
f6:dc:2e:74:32:fa:e5:f0:7b:82:66:31:fb:c3:ee:61:1e:17:
a8:42:e7:b0:02:c0:b7:59:fb:bd:b7:eb:35:4c:a4:de:19:91:
5c:35:14:b0:2c:8f:51:39:3d:fd:02:40:bf:89:31:03:96:e2:
9a:2e:7f:db:67:a3:12:a4:e9:cb:3d:33:34:c4:dd:51:b4:d9:
c1:6e:3e:fb:65:d2:6c:6f:24:81:0b:c5:2c:a1:dd:cc:7d:71:
00:31:35:98:7f:86:6e:36:17:fa:f6:b4:9b:0e:70:88:d9:df:
93:2e:97:36:1e:07:6c:7b:4f:46:21:02:7e:fe:72:1c:83:d5:
f1:c0:53:60:fe:78:7a:10:15:12:64:33:83:27:75:66:44:b7:
17:a6:5c:7f:ea:ce:ae:4a:23:3b:68:e4:44:cf:63:87:02:15:
72:bc:bd:01:d0:1c:09:ae:a8:4d:c8:81:08:ca:bf:a9:24:72:
0f:08:5e:c0:f8:99:65:a6:72:ac:f8:cd:ed:68:51:35:b1:19:
2d:49:55:09:39:b0:dd:f5:c1:82:99:c3:75:0b:40:e3:80:41:
1c:e1:62:5b:b8:55:36:02:e8:9b:5c:03:b3:9f:ba:93:bf:2c:
db:29:06:b4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
OTU0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzMTc3QzA3QUVFRThD
MEMzOEQxNjg5NDVENEJEMzk5QUFCNkEzMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcj+L37xhGq5uTlSJC05K4JqKKS+cFL2H5fMTVOUOazgZtg6Ha
69zEcGQ8mjdq2ZpYHdngdrFAS29FbDgKOV34xtskeo7qB4mnLeF/sCSqkGgWJCaC
gbyXR29P32Ra4z6Ba4Y/AouQjKANNmz5NEMY4avuY7bvs/Pb2uoIdfmViAC9tSD2
nj0xthPyBrcLvHmuBVAlx7Hx4NPofntKlaQQzAJY5sJ8LEx01IQe1pU9pVmqDsH2
JDXr0yYhA4A9/JxU9CbpqWtSmfCMX2S8nLStsvdWStJTnwl1R6EA6Kg26gNpov0v
r/SoZD3SgzQHbpvc8GIuHHpzsfQjV7FPUhFBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4xd8B67ujAw40WiUXUvTmaq2owwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzR4ZDhCNjd1akF3NDBX
aVVYVXZUbWFxMm93dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATBZ0D0Ki6owskFZ+qO1B3oZU9twudDL6
5fB7gmYx+8PuYR4XqELnsALAt1n7vbfrNUyk3hmRXDUUsCyPUTk9/QJAv4kxA5bi
mi5/22ejEqTpyz0zNMTdUbTZwW4++2XSbG8kgQvFLKHdzH1xADE1mH+GbjYX+va0
mw5wiNnfky6XNh4HbHtPRiECfv5yHIPV8cBTYP54ehAVEmQzgyd1ZkS3F6Zcf+rO
rkojO2jkRM9jhwIVcry9AdAcCa6oTciBCMq/qSRyDwhewPiZZaZyrPjN7WhRNbEZ
LUlVCTmw3fXBgpnDdQtA44BBHOFiW7hVNgLom1wDs5+6k78s2ykGtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org