Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7YVJToscJ8bVXZB85vSYxN3MF6o.roa
File: 7YVJToscJ8bVXZB85vSYxN3MF6o.roa (raw, json)
Hash identifier: nZHDvuZJazJWY7HAEJW5QnzbsB1HyzcZ0SgJfxniVE4=
Subject key identifier: ED:85:49:4E:8B:1C:27:C6:D5:5D:90:7C:E6:F4:98:C4:DD:CC:17:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 516A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7YVJToscJ8bVXZB85vSYxN3MF6o.roa
Signing time: Tue 07 May 2024 03:24:01 +0000
ROA not before: Tue 07 May 2024 03:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20842 (0x516a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 03:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ED85494E8B1C27C6D55D907CE6F498C4DDCC17AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:66:bd:e0:b4:d4:87:88:b9:0d:27:9f:fe:b5:
8a:13:48:17:74:0d:77:e8:35:c8:7f:09:9a:c0:11:
32:96:2c:61:c1:66:c9:3a:24:7a:99:8e:8c:fb:f6:
8d:b9:6b:dc:d1:c7:ad:64:d4:bd:2a:04:42:b9:82:
2e:1e:0f:ae:da:90:9e:5c:cd:c4:e6:d4:be:7c:0c:
98:03:9f:be:3c:17:c4:1f:0a:48:1c:65:bc:44:24:
e7:8c:12:d9:58:96:bd:c2:32:29:98:e2:ac:20:22:
85:bd:00:73:d0:37:44:5a:f9:70:69:86:15:1b:82:
a3:95:e6:3b:0d:cd:d2:88:34:80:94:ce:f7:3e:e5:
94:f7:b0:74:f0:d7:38:45:ac:b4:8b:79:59:45:c9:
c4:f9:06:48:11:75:32:e4:8d:f2:d5:70:f0:9c:a2:
71:3c:e1:0b:29:81:c1:17:9d:5f:32:3c:45:5d:ee:
5d:d3:e9:98:66:a4:a4:e5:bc:7c:de:fc:4c:04:86:
b8:85:11:fa:de:7a:c1:41:ac:70:fb:53:7d:f9:1a:
45:2d:09:0e:bd:65:9d:61:f1:54:e1:b0:3f:36:d7:
eb:ae:cd:4f:5d:d1:a5:97:37:58:57:4a:0f:46:6a:
bc:66:1b:64:5b:68:9f:5f:7f:35:18:f6:ae:a0:6c:
34:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:85:49:4E:8B:1C:27:C6:D5:5D:90:7C:E6:F4:98:C4:DD:CC:17:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7YVJToscJ8bVXZB85vSYxN3MF6o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:d1:30:d2:87:2c:03:21:73:39:b9:7e:63:88:04:0c:f0:6c:
ef:22:81:26:5e:78:f2:1b:c4:ca:40:fe:4b:86:37:85:69:df:
ab:e5:b2:28:d6:83:49:52:7b:86:06:c8:4d:13:6c:92:f1:18:
ab:24:13:61:13:16:57:a5:27:14:ab:a8:38:fc:86:ba:36:c1:
df:97:22:56:f0:b1:df:75:1d:d1:7c:7f:a5:57:93:2f:14:bb:
a9:e9:e4:75:33:56:10:39:e6:b8:e8:38:02:b2:69:38:fe:cf:
b9:9a:14:76:28:4d:ad:eb:c5:96:df:b5:b1:f8:c2:0a:ce:4a:
56:bf:46:3f:6b:de:20:05:fe:6a:b1:22:a1:86:21:9f:51:45:
79:96:f5:6b:68:a8:82:5c:71:63:be:ea:4b:f4:ee:5c:f2:39:
60:cc:d2:95:11:ea:a1:77:af:80:ad:92:fb:18:2c:44:a1:6a:
00:88:f7:30:22:2f:1d:94:9f:80:e2:51:a2:19:da:a2:f2:3e:
7e:06:43:cc:a5:fc:d3:cd:c5:a5:dc:ec:87:20:ea:a0:c7:10:
96:20:28:06:fe:03:4e:b4:42:f3:f0:d8:5e:e8:60:03:88:32:
57:75:56:70:21:2e:7b:46:b2:08:fd:d9:28:fe:e6:b7:20:15:
dc:cb:1a:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
MzI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVEODU0OTRFOEIxQzI3
QzZENTVEOTA3Q0U2RjQ5OEM0RERDQzE3QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/Zr3gtNSHiLkNJ5/+tYoTSBd0DXfoNch/CZrAETKWLGHBZsk6
JHqZjoz79o25a9zRx61k1L0qBEK5gi4eD67akJ5czcTm1L58DJgDn748F8QfCkgc
ZbxEJOeMEtlYlr3CMimY4qwgIoW9AHPQN0Ra+XBphhUbgqOV5jsNzdKINICUzvc+
5ZT3sHTw1zhFrLSLeVlFycT5BkgRdTLkjfLVcPCconE84QspgcEXnV8yPEVd7l3T
6ZhmpKTlvHze/EwEhriFEfreesFBrHD7U335GkUtCQ69ZZ1h8VThsD821+uuzU9d
0aWXN1hXSg9GarxmG2RbaJ9ffzUY9q6gbDRzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7YVJToscJ8bVXZB85vSYxN3MF6owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdZVkpUb3NjSjhiVlha
Qjg1dlNZeE4zTUY2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgNEw0ocsAyFzObl+Y4gEDPBs7yKBJl54
8hvEykD+S4Y3hWnfq+WyKNaDSVJ7hgbITRNskvEYqyQTYRMWV6UnFKuoOPyGujbB
35ciVvCx33Ud0Xx/pVeTLxS7qenkdTNWEDnmuOg4ArJpOP7PuZoUdihNrevFlt+1
sfjCCs5KVr9GP2veIAX+arEioYYhn1FFeZb1a2ioglxxY77qS/TuXPI5YMzSlRHq
oXevgK2S+xgsRKFqAIj3MCIvHZSfgOJRohnaovI+fgZDzKX8083FpdzshyDqoMcQ
liAoBv4DTrRC8/DYXuhgA4gyV3VWcCEue0ayCP3ZKP7mtyAV3MsaAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org