Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/57KI8SP-Hquz_z7nExnYQBmYrsI.roa
File: 57KI8SP-Hquz_z7nExnYQBmYrsI.roa (raw, json)
Hash identifier: svNDE+q5maZf0D/iXXjEveU42Thnjp7DrLoIUqRZTQo=
Subject key identifier: E7:B2:88:F1:23:FE:1E:AB:B3:FF:3E:E7:13:19:D8:40:19:98:AE:C2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FD2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/57KI8SP-Hquz_z7nExnYQBmYrsI.roa
Signing time: Sat 13 Apr 2024 16:22:49 +0000
ROA not before: Sat 13 Apr 2024 16:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16338 (0x3fd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 16:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E7B288F123FE1EABB3FF3EE71319D8401998AEC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a7:1a:5c:60:d3:40:1a:13:03:3f:36:88:0e:
c8:e6:52:57:3b:2e:10:c6:8b:27:28:0f:5d:09:69:
01:21:e6:1d:fc:23:4b:87:84:84:6b:91:6e:bc:ad:
86:c9:fe:92:23:07:67:ae:9a:7b:dd:57:45:6e:83:
82:b3:f0:df:e2:75:fe:3b:31:74:ab:0a:6b:52:0c:
e7:ea:f5:76:c6:01:d1:d1:6b:9a:c1:ed:b8:18:db:
84:60:08:1c:96:2d:4d:83:06:c3:d9:95:7f:e8:26:
b8:19:23:44:3b:e6:d8:ad:4a:65:6d:7b:3a:e6:ce:
1f:01:c3:c7:98:af:44:f1:97:f0:ed:8b:b7:06:7d:
70:da:5f:5d:d0:2c:72:53:b5:d5:55:68:c8:ba:72:
17:54:b5:14:ce:ff:26:5b:39:d0:62:0e:b9:db:8d:
e5:ad:0f:a8:4e:8a:e4:a9:c2:41:39:33:cd:e4:ce:
b9:81:b2:d2:11:51:33:36:ba:47:29:40:d0:17:13:
92:43:ca:a0:0c:f9:c7:1b:bb:90:a4:7d:f1:13:9d:
e7:36:14:22:74:fb:cf:04:fd:da:27:91:ea:0a:6a:
e5:a4:86:ef:b1:f4:34:de:05:b4:39:d5:12:b4:14:
59:a9:dd:89:2f:34:de:79:41:00:82:aa:23:9d:82:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B2:88:F1:23:FE:1E:AB:B3:FF:3E:E7:13:19:D8:40:19:98:AE:C2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/57KI8SP-Hquz_z7nExnYQBmYrsI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:19:b8:2f:01:1d:6c:23:c4:6c:aa:2e:be:3d:f4:e6:cc:b8:
2e:88:fc:03:d5:32:d3:8a:38:45:7d:87:47:a9:ca:1e:98:57:
15:d4:27:b5:1b:b2:89:9d:a8:e4:28:39:9e:27:17:c9:86:38:
3c:53:2c:4b:47:c7:ef:da:4e:57:b9:c3:3b:80:66:ea:06:cc:
6c:cd:48:94:2f:00:5f:78:e9:cb:79:43:7a:de:c1:70:f3:03:
5b:ef:30:82:0f:e1:c7:0d:f5:ab:26:e6:5a:56:42:60:9a:6e:
54:86:a6:fd:a7:8c:f6:50:17:c8:0d:2b:c9:65:bf:11:54:a4:
f4:94:28:e4:ab:87:a1:60:f7:02:76:99:08:c7:fc:e0:92:ff:
36:61:7a:44:41:b7:c3:94:4e:ab:92:63:c9:17:ac:30:a5:ef:
bd:a0:84:03:1c:0d:e2:8d:ae:f2:0e:50:3c:a4:b9:6b:0e:34:
21:6b:2c:3d:1e:07:92:8b:8f:7f:de:e6:81:08:3b:87:38:f7:
c0:f5:84:3a:76:bd:76:d9:40:c3:1b:b9:d2:96:aa:64:cf:24:
0f:7a:a7:3d:bd:1e:8b:96:93:33:31:9e:7d:88:4a:04:51:6d:
1a:15:a4:d9:3b:86:19:f2:7b:79:81:ae:fc:45:01:02:8e:4b:
27:8d:8b:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
NjIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3QjI4OEYxMjNGRTFF
QUJCM0ZGM0VFNzEzMTlEODQwMTk5OEFFQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkpxpcYNNAGhMDPzaIDsjmUlc7LhDGiycoD10JaQEh5h38I0uH
hIRrkW68rYbJ/pIjB2eumnvdV0Vug4Kz8N/idf47MXSrCmtSDOfq9XbGAdHRa5rB
7bgY24RgCByWLU2DBsPZlX/oJrgZI0Q75titSmVtezrmzh8Bw8eYr0Txl/Dti7cG
fXDaX13QLHJTtdVVaMi6chdUtRTO/yZbOdBiDrnbjeWtD6hOiuSpwkE5M83kzrmB
stIRUTM2ukcpQNAXE5JDyqAM+ccbu5CkffETnec2FCJ0+88E/donkeoKauWkhu+x
9DTeBbQ51RK0FFmp3YkvNN55QQCCqiOdggRhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU57KI8SP+Hquz/z7nExnYQBmYrsIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzU3S0k4U1AtSHF1el96
N25FeG5ZUUJtWXJzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVxm4LwEdbCPEbKouvj305sy4Loj8A9Uy
04o4RX2HR6nKHphXFdQntRuyiZ2o5Cg5nicXyYY4PFMsS0fH79pOV7nDO4Bm6gbM
bM1IlC8AX3jpy3lDet7BcPMDW+8wgg/hxw31qybmWlZCYJpuVIam/aeM9lAXyA0r
yWW/EVSk9JQo5KuHoWD3AnaZCMf84JL/NmF6REG3w5ROq5JjyResMKXvvaCEAxwN
4o2u8g5QPKS5aw40IWssPR4HkouPf97mgQg7hzj3wPWEOna9dtlAwxu50paqZM8k
D3qnPb0ei5aTMzGefYhKBFFtGhWk2TuGGfJ7eYGu/EUBAo5LJ42LKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org