Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/76huElbE8dpPD80GAMYTX4CIRgA.roa
File: 76huElbE8dpPD80GAMYTX4CIRgA.roa (raw, json)
Hash identifier: nRolBIJ7HKMyNdWB4+pfAz5opiEIcXqCdZ77LFLqQmM=
Subject key identifier: EF:A8:6E:12:56:C4:F1:DA:4F:0F:CD:06:00:C6:13:5F:80:88:46:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F8E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/76huElbE8dpPD80GAMYTX4CIRgA.roa
Signing time: Sat 04 May 2024 15:54:00 +0000
ROA not before: Sat 04 May 2024 15:54:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20366 (0x4f8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 15:54:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EFA86E1256C4F1DA4F0FCD0600C6135F80884600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:76:88:0a:ff:54:86:5e:ef:5f:90:d5:cf:
a7:01:bd:18:f6:00:29:25:8e:0e:cf:d3:77:d5:a2:
5d:82:dd:e2:80:29:fd:f8:50:19:f2:c0:1e:77:94:
85:10:1d:12:b4:8c:60:a1:1d:8e:4a:b7:ef:90:23:
53:ec:46:05:24:29:64:24:1b:7a:2f:62:58:4e:96:
ff:c9:93:61:40:60:da:82:cf:60:31:68:67:39:86:
80:5b:e5:e8:84:f1:b4:06:43:d1:f0:29:ae:9d:cc:
64:4e:6e:7b:a3:32:61:4c:2b:b3:03:01:ae:f4:df:
7a:3b:a0:e4:e5:2d:62:50:b4:79:cf:0f:21:e4:e2:
0a:59:84:bf:52:ef:06:92:82:34:7f:5e:3d:3a:48:
f8:33:cd:61:3e:0a:94:51:e8:0f:9d:aa:29:2c:5d:
7a:9f:ba:b5:0d:a8:7f:f4:41:e4:66:70:58:63:b9:
02:b2:f3:8a:d3:90:11:49:6a:b2:bd:e4:48:69:e6:
b9:55:d3:84:61:a4:37:a3:38:4f:ef:1b:ef:1a:00:
3e:5b:30:0a:e2:b5:77:51:b9:c8:01:1b:79:ea:3c:
0e:0f:19:31:65:e7:79:56:d4:ab:fc:fa:32:ba:f8:
26:e6:7c:4d:e8:33:19:4c:59:11:20:1b:4f:54:70:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A8:6E:12:56:C4:F1:DA:4F:0F:CD:06:00:C6:13:5F:80:88:46:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/76huElbE8dpPD80GAMYTX4CIRgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:f0:c8:23:30:8b:3c:78:6e:25:81:f3:23:7c:91:d2:79:78:
15:6a:04:bf:52:6f:3a:ce:88:7a:de:46:6e:69:01:98:be:7c:
9e:40:4c:6b:60:a4:6c:2d:0b:cf:fc:2f:2b:a0:73:82:33:c4:
2a:8c:65:1b:7a:51:cc:c3:04:ca:44:ff:82:75:2b:fa:1c:d8:
08:d0:b2:1b:ec:1c:12:3a:2d:26:71:69:4e:e1:a5:82:31:6d:
ba:d2:3d:e6:5e:28:4f:5a:9a:ce:72:c7:42:0f:93:a0:db:6e:
9b:8d:1a:8c:8f:a7:ec:d4:8c:42:e5:ad:93:82:00:e6:a5:cf:
7d:60:50:1f:dc:4d:59:fa:43:44:65:2d:62:12:3a:d7:04:90:
af:6e:b2:34:77:d7:a0:43:63:32:61:24:16:22:9f:6e:fa:78:
82:a1:69:91:8f:cc:58:6e:7f:4a:3d:2f:a2:6e:5c:70:c6:9e:
bf:07:04:31:46:8a:5f:ba:6a:1e:56:eb:97:f9:27:6c:71:d0:
f3:fb:f8:c5:10:39:5b:52:9e:dd:04:82:93:bf:51:05:52:7d:
bd:4b:49:30:f9:b7:9c:d7:ea:57:2b:43:38:16:aa:b6:bc:07:
91:3a:15:16:d0:88:44:8c:01:52:02:de:37:ff:f1:ec:a7:dd:
f2:e0:29:ad
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
NTU0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVGQTg2RTEyNTZDNEYx
REE0RjBGQ0QwNjAwQzYxMzVGODA4ODQ2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5eXaICv9Uhl7vX5DVz6cBvRj2ACkljg7P03fVol2C3eKAKf34
UBnywB53lIUQHRK0jGChHY5Kt++QI1PsRgUkKWQkG3ovYlhOlv/Jk2FAYNqCz2Ax
aGc5hoBb5eiE8bQGQ9HwKa6dzGRObnujMmFMK7MDAa7033o7oOTlLWJQtHnPDyHk
4gpZhL9S7waSgjR/Xj06SPgzzWE+CpRR6A+dqiksXXqfurUNqH/0QeRmcFhjuQKy
84rTkBFJarK95Ehp5rlV04RhpDejOE/vG+8aAD5bMAritXdRucgBG3nqPA4PGTFl
53lW1Kv8+jK6+CbmfE3oMxlMWREgG09UcOp9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU76huElbE8dpPD80GAMYTX4CIRgAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzc2aHVFbGJFOGRwUEQ4
MEdBTVlUWDRDSVJnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVvDIIzCLPHhuJYHzI3yR0nl4FWoEv1Jv
Os6Iet5GbmkBmL58nkBMa2CkbC0Lz/wvK6BzgjPEKoxlG3pRzMMEykT/gnUr+hzY
CNCyG+wcEjotJnFpTuGlgjFtutI95l4oT1qaznLHQg+ToNtum40ajI+n7NSMQuWt
k4IA5qXPfWBQH9xNWfpDRGUtYhI61wSQr26yNHfXoENjMmEkFiKfbvp4gqFpkY/M
WG5/Sj0vom5ccMaevwcEMUaKX7pqHlbrl/knbHHQ8/v4xRA5W1Ke3QSCk79RBVJ9
vUtJMPm3nNfqVytDOBaqtrwHkToVFtCIRIwBUgLeN//x7Kfd8uAprQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org