Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6o4vM20FNP4XxIy7OacVwsZdeYg.roa
File: 6o4vM20FNP4XxIy7OacVwsZdeYg.roa (raw, json)
Hash identifier: moiKxX2iE4jaXa6qB3eb84wOvHdldipR1i3AU/cDZyw=
Subject key identifier: EA:8E:2F:33:6D:05:34:FE:17:C4:8C:BB:39:A7:15:C2:C6:5D:79:88
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4042
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6o4vM20FNP4XxIy7OacVwsZdeYg.roa
Signing time: Sun 14 Apr 2024 06:23:22 +0000
ROA not before: Sun 14 Apr 2024 06:23:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16450 (0x4042)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 06:23:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA8E2F336D0534FE17C48CBB39A715C2C65D7988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:c8:37:d2:94:5b:91:73:14:0b:03:87:6e:
44:3b:bf:4f:65:f4:77:b8:62:8c:e3:c9:3a:d1:5e:
de:a2:ef:f7:25:cc:d1:23:38:90:42:07:0a:30:e9:
73:c8:3b:0a:c6:f5:50:c7:32:22:1c:37:1e:67:a7:
fd:e6:e2:ed:c2:e6:61:c7:01:7d:6f:12:67:b9:a5:
8a:73:37:da:44:1f:07:d6:3d:b9:0c:af:ed:17:0f:
07:4b:dd:05:e6:58:5f:fa:a0:1b:4b:40:26:88:df:
9c:f9:8c:53:40:32:fa:0d:63:92:2e:7b:d0:6b:bb:
ab:57:b0:80:f5:04:52:2b:4d:ed:f3:bc:95:e5:13:
32:c6:c3:2d:89:88:bd:79:86:c2:e3:36:df:ff:9c:
87:8e:76:96:51:b5:ea:f8:32:43:76:d2:83:f4:20:
69:8b:80:9d:41:d2:33:0b:54:c7:de:12:fb:c9:00:
3c:d7:37:b9:77:1f:3a:5b:d6:0d:eb:42:d5:97:f2:
04:20:9c:b7:3e:aa:7c:43:b9:52:41:e8:0f:a2:54:
11:6e:d2:2a:af:30:8f:5d:50:ce:35:ae:0e:01:68:
b8:b7:b4:b6:f7:d4:bc:e0:60:8f:9a:e1:20:f4:28:
f1:c7:4f:1f:0b:5a:74:b6:82:cf:49:13:14:63:af:
e0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8E:2F:33:6D:05:34:FE:17:C4:8C:BB:39:A7:15:C2:C6:5D:79:88
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6o4vM20FNP4XxIy7OacVwsZdeYg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:8f:76:04:35:8f:d9:07:14:79:ff:b8:15:b8:87:6c:c5:3a:
12:74:a7:01:ee:01:2e:e8:9e:de:3e:de:ce:02:c9:17:df:99:
b7:8b:30:4c:e0:ab:a6:32:6a:90:8b:97:4b:a2:e4:17:64:b6:
ad:ff:89:bf:c0:cc:c7:22:c0:94:0d:16:0c:1b:7e:8c:a6:69:
01:97:41:46:bc:d4:a6:74:71:6c:a2:3f:8f:1a:dc:a1:f8:d4:
7b:11:15:79:31:45:aa:6b:e7:26:be:18:de:8e:d6:f4:20:08:
01:8c:68:79:44:41:20:8a:cb:12:dc:05:0c:33:13:f9:4a:f7:
bb:00:f3:cc:20:09:3a:89:b8:42:c5:e9:2a:c0:f8:2c:c4:00:
c4:bc:f9:4a:ed:ca:1f:d9:d3:aa:51:3a:9f:a8:3f:11:55:19:
15:cc:01:a0:c0:80:a9:5a:b5:f0:d1:72:ba:b7:2c:bd:61:73:
4f:f5:a9:d0:77:be:c5:7d:16:2d:a1:10:73:16:c0:f3:2c:ae:
1f:fb:a9:4e:cf:29:2b:f7:9e:b5:14:5d:1d:d1:4d:e3:cc:ba:
c5:61:5a:88:cb:8d:72:90:87:46:96:85:8e:7f:6e:c0:ef:fc:
f1:81:b5:e4:65:69:dd:38:8c:83:60:5a:69:1e:b9:a8:e4:6d:
a9:79:3b:fc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NjIzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBOEUyRjMzNkQwNTM0
RkUxN0M0OENCQjM5QTcxNUMyQzY1RDc5ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Z8g30pRbkXMUCwOHbkQ7v09l9He4YozjyTrRXt6i7/clzNEj
OJBCBwow6XPIOwrG9VDHMiIcNx5np/3m4u3C5mHHAX1vEme5pYpzN9pEHwfWPbkM
r+0XDwdL3QXmWF/6oBtLQCaI35z5jFNAMvoNY5Iue9Bru6tXsID1BFIrTe3zvJXl
EzLGwy2JiL15hsLjNt//nIeOdpZRter4MkN20oP0IGmLgJ1B0jMLVMfeEvvJADzX
N7l3Hzpb1g3rQtWX8gQgnLc+qnxDuVJB6A+iVBFu0iqvMI9dUM41rg4BaLi3tLb3
1LzgYI+a4SD0KPHHTx8LWnS2gs9JExRjr+C9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6o4vM20FNP4XxIy7OacVwsZdeYgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZvNHZNMjBGTlA0WHhJ
eTdPYWNWd3NaZGVZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAj492BDWP2QcUef+4FbiHbMU6EnSnAe4B
Luie3j7ezgLJF9+Zt4swTOCrpjJqkIuXS6LkF2S2rf+Jv8DMxyLAlA0WDBt+jKZp
AZdBRrzUpnRxbKI/jxrcofjUexEVeTFFqmvnJr4Y3o7W9CAIAYxoeURBIIrLEtwF
DDMT+Ur3uwDzzCAJOom4QsXpKsD4LMQAxLz5Su3KH9nTqlE6n6g/EVUZFcwBoMCA
qVq18NFyurcsvWFzT/Wp0He+xX0WLaEQcxbA8yyuH/upTs8pK/eetRRdHdFN48y6
xWFaiMuNcpCHRpaFjn9uwO/88YG15GVp3TiMg2BaaR65qORtqXk7/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:17 2024 by rpki-client on console-ams.rpki-client.org