Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6Di1I0RDWqjJBFdmVmEz3AMLLjw.roa
File: 6Di1I0RDWqjJBFdmVmEz3AMLLjw.roa (raw, json)
Hash identifier: qIbMPLo6ZVt21VLvyjtXx688TefkvY8o4zdYy4itwj0=
Subject key identifier: E8:38:B5:23:44:43:5A:A8:C9:04:57:66:56:61:33:DC:03:0B:2E:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 454E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6Di1I0RDWqjJBFdmVmEz3AMLLjw.roa
Signing time: Sat 20 Apr 2024 23:53:28 +0000
ROA not before: Sat 20 Apr 2024 23:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17742 (0x454e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 23:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E838B52344435AA8C9045766566133DC030B2E3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cd:d3:8c:e5:cd:a6:ba:a0:e4:ba:62:23:fe:
8c:0c:b3:ac:e6:4e:4e:54:a1:b8:a5:0e:7f:d5:b5:
f4:59:9d:9f:9a:7a:36:79:af:be:f6:bc:62:e7:94:
16:29:7e:62:a4:f1:b2:d6:72:8e:65:07:76:3a:fd:
f1:77:1f:60:7a:1b:eb:eb:93:15:9b:99:3d:00:f2:
eb:5b:be:9d:83:36:c4:c3:f8:32:a5:35:68:06:b7:
27:28:a4:40:d7:35:b9:56:d7:86:2d:8c:ae:a1:0c:
e9:43:63:07:8a:27:d8:49:13:fb:0b:10:16:ad:ac:
c2:26:22:61:7e:6f:fa:ee:31:ec:a1:10:b2:04:84:
d1:b0:de:f7:4f:92:04:fb:cc:42:3e:ec:c5:ce:d6:
8b:a4:17:39:8a:4f:3f:b1:51:9d:d1:fb:df:c5:05:
4d:e8:7f:09:2c:69:eb:97:d4:ee:a7:22:59:a1:97:
18:5d:ce:14:f2:93:83:e1:19:ce:b0:79:ed:ed:07:
ef:78:70:b3:f9:03:7f:72:44:7b:1d:9c:3c:70:03:
fd:1c:87:3e:ce:ec:f5:b6:2a:78:7e:3d:8e:a1:bd:
c9:ef:b3:0b:20:b0:8d:4b:00:6e:5a:d7:32:b7:ab:
5d:b6:56:0b:3c:a6:e2:a3:bd:bc:8e:69:a9:d7:45:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:38:B5:23:44:43:5A:A8:C9:04:57:66:56:61:33:DC:03:0B:2E:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6Di1I0RDWqjJBFdmVmEz3AMLLjw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:aa:8a:59:ba:0e:4c:ae:bd:21:52:12:0a:b5:4a:37:5c:9a:
b2:9e:a3:c9:56:24:f3:48:a8:4d:5c:8a:84:f3:d2:06:82:7c:
5d:db:10:d9:3a:3e:65:7d:28:16:4b:c4:76:5d:48:39:d4:01:
69:76:f1:af:3b:bc:f5:55:e3:20:f4:9e:5f:cd:2c:b5:8b:14:
59:39:da:71:4d:55:2a:6f:ed:e0:39:e8:b6:5c:6e:f9:e1:21:
61:5b:1c:3f:55:84:25:0f:57:1b:81:b2:be:eb:ad:46:52:e3:
6c:ff:7b:01:34:5d:16:ec:c5:03:c4:42:4b:c4:6e:8c:2f:73:
2b:cd:47:7e:78:2b:4c:f1:a2:b3:a2:5b:dc:b0:a8:4c:df:b7:
96:a5:e0:34:89:b9:2c:85:76:a8:2a:9a:fe:22:ca:5f:57:32:
eb:b0:a0:8b:5f:f9:c4:fd:b8:49:09:36:96:31:67:04:dc:1c:
63:6e:dc:99:00:26:5f:35:f3:aa:bd:d7:b1:60:b3:6a:f7:55:
de:d1:6f:09:44:99:63:11:16:41:c7:a8:6e:1b:95:c1:b2:86:
c7:63:21:e5:a9:34:8a:cc:1d:4f:2a:fc:2c:cc:53:3f:bf:8d:
70:3f:5f:45:1f:05:3f:c1:99:d3:93:87:04:bc:8e:73:0f:d9:
63:ad:b6:ea
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MzUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4MzhCNTIzNDQ0MzVB
QThDOTA0NTc2NjU2NjEzM0RDMDMwQjJFM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6zdOM5c2muqDkumIj/owMs6zmTk5UobilDn/VtfRZnZ+aejZ5
r772vGLnlBYpfmKk8bLWco5lB3Y6/fF3H2B6G+vrkxWbmT0A8utbvp2DNsTD+DKl
NWgGtycopEDXNblW14YtjK6hDOlDYweKJ9hJE/sLEBatrMImImF+b/ruMeyhELIE
hNGw3vdPkgT7zEI+7MXO1oukFzmKTz+xUZ3R+9/FBU3ofwksaeuX1O6nIlmhlxhd
zhTyk4PhGc6wee3tB+94cLP5A39yRHsdnDxwA/0chz7O7PW2Knh+PY6hvcnvswsg
sI1LAG5a1zK3q122Vgs8puKjvbyOaanXRX/5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6Di1I0RDWqjJBFdmVmEz3AMLLjwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZEaTFJMFJEV3FqSkJG
ZG1WbUV6M0FNTExqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATaqKWboOTK69IVISCrVKN1yasp6jyVYk
80ioTVyKhPPSBoJ8XdsQ2To+ZX0oFkvEdl1IOdQBaXbxrzu89VXjIPSeX80stYsU
WTnacU1VKm/t4Dnotlxu+eEhYVscP1WEJQ9XG4GyvuutRlLjbP97ATRdFuzFA8RC
S8RujC9zK81HfngrTPGis6Jb3LCoTN+3lqXgNIm5LIV2qCqa/iLKX1cy67Cgi1/5
xP24SQk2ljFnBNwcY27cmQAmXzXzqr3XsWCzavdV3tFvCUSZYxEWQceobhuVwbKG
x2Mh5ak0iswdTyr8LMxTP7+NcD9fRR8FP8GZ05OHBLyOcw/ZY6226g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:07 2024 by rpki-client on console-fra.rpki-client.org