Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/76vyF2lxyMcfWdUunnDHOcvEmec.roa
File: 76vyF2lxyMcfWdUunnDHOcvEmec.roa (raw, json)
Hash identifier: CxSFnHisrTZxmDnTIDZVtGLqRRmcjqGLIOc+Vb1eYLA=
Subject key identifier: EF:AB:F2:17:69:71:C8:C7:1F:59:D5:2E:9E:70:C7:39:CB:C4:99:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/76vyF2lxyMcfWdUunnDHOcvEmec.roa
Signing time: Mon 06 May 2024 11:23:51 +0000
ROA not before: Mon 06 May 2024 11:23:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20714 (0x50ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 11:23:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EFABF2176971C8C71F59D52E9E70C739CBC499E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e1:af:ae:a1:c6:20:4d:22:b4:4d:dc:58:8c:
8c:bd:21:7a:82:4b:6b:e6:a9:1d:0b:10:1d:2a:14:
72:b9:b8:22:9a:0b:fb:37:26:52:ff:f5:2e:78:bf:
a8:b5:3a:c0:e2:24:a6:e0:b3:ad:1c:46:f9:d4:13:
59:d7:c3:8d:45:f7:0a:01:3e:6e:4e:a9:fa:eb:ca:
bc:36:18:89:a2:35:08:f3:84:23:b6:4b:0d:17:6b:
66:ff:4e:87:e6:61:80:1d:77:88:4e:f8:49:6c:cd:
86:50:0d:20:70:e4:50:16:a0:ad:6c:43:9c:0f:10:
0b:97:ab:05:64:7a:01:66:e7:da:8f:d5:f7:72:8d:
81:01:48:26:3a:bb:cf:d1:f9:53:4e:6a:07:7d:2f:
41:ba:16:cd:06:3b:2b:c2:0a:e4:20:d8:9e:66:2d:
61:87:03:90:d6:d6:f8:b6:fd:63:c5:39:48:d8:d6:
ea:a3:a3:8e:66:70:57:10:74:63:fe:65:c6:ff:28:
da:b4:ec:92:83:51:76:8e:32:79:fd:ef:2b:52:87:
80:9a:a0:ee:8c:d1:70:ce:fc:d2:c1:d9:ba:03:9b:
4e:3d:8a:ac:dd:0a:45:d2:e9:5f:e2:b0:4b:60:26:
56:83:21:58:bb:2a:fa:b5:13:58:39:aa:d3:3c:43:
8d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AB:F2:17:69:71:C8:C7:1F:59:D5:2E:9E:70:C7:39:CB:C4:99:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/76vyF2lxyMcfWdUunnDHOcvEmec.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:ba:88:88:bc:42:3f:5f:43:d8:cc:62:31:fa:18:cc:af:30:
36:fc:b7:3c:58:72:d2:5a:b4:f1:cf:54:b6:d3:08:88:41:63:
11:fb:f5:04:a1:0e:10:49:15:04:0b:11:d3:b1:4e:fd:6c:70:
85:cb:3c:1d:12:cc:9f:70:d8:00:c2:b2:0d:b2:ef:0d:1c:ac:
b2:d3:5e:65:9f:f1:ca:f5:11:92:91:47:88:ca:95:3e:ef:3e:
e9:97:4e:46:7f:c1:5c:47:8a:ad:2f:a3:d7:cf:3c:d5:45:07:
5b:85:75:ef:09:54:a6:f5:7b:d6:75:80:f4:da:c6:fd:39:1c:
d2:7a:14:90:06:fc:8e:c1:06:34:56:dc:0e:bc:ad:70:20:77:
c2:8b:b7:a0:5c:cf:07:ed:3b:6a:b8:8f:32:5c:6e:74:80:a8:
92:75:3d:59:22:e6:7a:bb:68:2c:06:f7:d5:89:22:6f:d1:66:
b8:22:c5:0f:d8:81:4e:fb:4d:6d:07:0f:27:39:25:4e:91:de:
f0:dc:0a:24:e7:84:4a:fb:e1:a8:3b:96:eb:d7:8e:40:ab:81:
a3:5b:f7:b5:68:8d:4f:9d:82:53:fb:8d:f8:37:da:e0:0f:38:
f3:86:24:4f:5c:c8:94:50:9a:0a:40:95:f2:ee:76:b6:71:67:
36:40:bd:b6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
MTIzNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVGQUJGMjE3Njk3MUM4
QzcxRjU5RDUyRTlFNzBDNzM5Q0JDNDk5RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk4a+uocYgTSK0TdxYjIy9IXqCS2vmqR0LEB0qFHK5uCKaC/s3
JlL/9S54v6i1OsDiJKbgs60cRvnUE1nXw41F9woBPm5Oqfrryrw2GImiNQjzhCO2
Sw0Xa2b/TofmYYAdd4hO+ElszYZQDSBw5FAWoK1sQ5wPEAuXqwVkegFm59qP1fdy
jYEBSCY6u8/R+VNOagd9L0G6Fs0GOyvCCuQg2J5mLWGHA5DW1vi2/WPFOUjY1uqj
o45mcFcQdGP+Zcb/KNq07JKDUXaOMnn97ytSh4CaoO6M0XDO/NLB2boDm049iqzd
CkXS6V/isEtgJlaDIVi7Kvq1E1g5qtM8Q41tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU76vyF2lxyMcfWdUunnDHOcvEmecwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzc2dnlGMmx4eU1jZldk
VXVubkRIT2N2RW1lYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAeLqIiLxCP19D2MxiMfoYzK8wNvy3PFhy
0lq08c9UttMIiEFjEfv1BKEOEEkVBAsR07FO/Wxwhcs8HRLMn3DYAMKyDbLvDRys
stNeZZ/xyvURkpFHiMqVPu8+6ZdORn/BXEeKrS+j18881UUHW4V17wlUpvV71nWA
9NrG/Tkc0noUkAb8jsEGNFbcDrytcCB3wou3oFzPB+07ariPMlxudICoknU9WSLm
ertoLAb31Ykib9FmuCLFD9iBTvtNbQcPJzklTpHe8NwKJOeESvvhqDuW69eOQKuB
o1v3tWiNT52CU/uN+Dfa4A8484YkT1zIlFCaCkCV8u52tnFnNkC9tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org