Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/52Ffs2lRWMhFaS773UDPPGE1jpc.roa
File: 52Ffs2lRWMhFaS773UDPPGE1jpc.roa (raw, json)
Hash identifier: w3NiIr5LnTeoBf4HuDi3SnNke1lxxwrHS927frQHuHU=
Subject key identifier: E7:61:5F:B3:69:51:58:C8:45:69:2E:FB:DD:40:CF:3C:61:35:8E:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4066
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/52Ffs2lRWMhFaS773UDPPGE1jpc.roa
Signing time: Sun 14 Apr 2024 10:53:24 +0000
ROA not before: Sun 14 Apr 2024 10:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16486 (0x4066)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 10:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E7615FB3695158C845692EFBDD40CF3C61358E97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3d:f7:0b:2e:c6:03:8b:21:b1:33:4d:8b:17:
42:c3:df:57:2a:3a:0e:ca:2d:29:09:02:03:96:8b:
8a:cd:1d:c2:57:54:2f:c5:8c:ff:39:6d:86:e8:d7:
c6:ef:7b:aa:7d:9e:d5:a0:c5:3e:5a:5a:59:56:74:
a5:8a:ba:d3:dd:22:ab:7f:ca:f6:ce:06:6e:50:72:
57:97:02:1b:52:07:d7:cd:f6:b7:5a:6b:65:fb:23:
71:83:1c:cc:53:13:57:a3:cd:0e:d5:59:0a:1b:c5:
1b:46:0b:c2:71:3e:ad:fe:d1:ef:aa:5e:7a:40:b5:
f2:09:87:e6:b3:4e:56:f7:c5:d6:dc:16:69:10:d2:
78:00:ec:45:c2:5b:26:1d:75:6f:ee:f0:f3:8e:f9:
06:81:8e:98:66:19:c2:1a:43:91:2b:68:8f:09:f3:
33:3a:b5:b2:b8:92:d8:cd:17:47:9b:4b:dc:6e:83:
a2:ab:cb:96:83:46:01:71:50:eb:a4:49:ff:83:e7:
34:d0:a2:42:48:a0:cc:29:41:35:7c:7b:07:a7:79:
6a:cd:b4:25:04:87:5d:a1:97:8b:f4:a1:94:f0:85:
d7:46:3f:af:87:b1:28:db:4c:d9:04:1d:86:bc:6c:
32:79:41:0a:01:61:be:07:03:0d:c1:fe:69:15:25:
27:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:61:5F:B3:69:51:58:C8:45:69:2E:FB:DD:40:CF:3C:61:35:8E:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/52Ffs2lRWMhFaS773UDPPGE1jpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:93:32:12:ce:dd:72:96:20:3d:87:d4:9a:df:b1:0b:f9:61:
56:87:6e:46:88:81:7d:ae:e2:ad:3e:80:c8:48:31:10:b7:78:
1d:a7:97:78:49:75:83:f5:a2:f0:a8:d2:b9:d2:1e:84:d2:de:
b7:58:99:b8:fb:63:b3:43:76:d7:02:df:74:38:7b:8b:43:cb:
35:0b:4b:64:da:96:30:58:3c:b2:70:e5:ca:41:c5:53:69:56:
3c:11:e7:48:fa:58:61:a6:88:2b:23:ce:d4:bf:93:20:25:ca:
ee:86:92:f3:c6:4d:f7:f7:93:d5:d2:bd:44:36:35:8f:ab:88:
0f:86:dc:1d:ca:00:95:3a:86:5a:65:60:2c:ca:3d:0d:6b:43:
5c:d0:a1:2e:fc:f3:c4:aa:eb:24:7b:3b:da:68:a2:6a:7f:ba:
bf:e4:95:e5:fd:a2:d9:15:dd:af:aa:8c:a7:db:a2:71:fd:2b:
69:25:ed:9a:3b:f7:90:22:94:ef:bf:b2:0d:04:d7:ce:dd:1f:
65:11:37:1d:6d:66:09:d5:0f:4f:b5:00:73:62:0f:c0:ed:a2:
76:5c:d5:ec:98:ee:08:7f:b2:90:30:6b:17:ab:7b:48:4d:d0:
07:9d:b4:ef:62:64:7f:5b:06:e2:12:32:d0:60:24:a6:78:89:
c2:07:60:d9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
MDUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3NjE1RkIzNjk1MTU4
Qzg0NTY5MkVGQkRENDBDRjNDNjEzNThFOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUPfcLLsYDiyGxM02LF0LD31cqOg7KLSkJAgOWi4rNHcJXVC/F
jP85bYbo18bve6p9ntWgxT5aWllWdKWKutPdIqt/yvbOBm5QcleXAhtSB9fN9rda
a2X7I3GDHMxTE1ejzQ7VWQobxRtGC8JxPq3+0e+qXnpAtfIJh+azTlb3xdbcFmkQ
0ngA7EXCWyYddW/u8POO+QaBjphmGcIaQ5EraI8J8zM6tbK4ktjNF0ebS9xug6Kr
y5aDRgFxUOukSf+D5zTQokJIoMwpQTV8eweneWrNtCUEh12hl4v0oZTwhddGP6+H
sSjbTNkEHYa8bDJ5QQoBYb4HAw3B/mkVJScnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU52Ffs2lRWMhFaS773UDPPGE1jpcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzUyRmZzMmxSV01oRmFT
NzczVURQUEdFMWpwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIZMyEs7dcpYgPYfUmt+xC/lhVoduRoiB
fa7irT6AyEgxELd4HaeXeEl1g/Wi8KjSudIehNLet1iZuPtjs0N21wLfdDh7i0PL
NQtLZNqWMFg8snDlykHFU2lWPBHnSPpYYaaIKyPO1L+TICXK7oaS88ZN9/eT1dK9
RDY1j6uID4bcHcoAlTqGWmVgLMo9DWtDXNChLvzzxKrrJHs72miian+6v+SV5f2i
2RXdr6qMp9uicf0raSXtmjv3kCKU77+yDQTXzt0fZRE3HW1mCdUPT7UAc2IPwO2i
dlzV7JjuCH+ykDBrF6t7SE3QB52072Jkf1sG4hIy0GAkpniJwgdg2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org