Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7gnV2yjvJGnYejSNh6OfcHnfdgs.roa
File: 7gnV2yjvJGnYejSNh6OfcHnfdgs.roa (raw, json)
Hash identifier: W3ykEUQSDeijrxRU/HFt8t1LY8V9pxqI5J8MjtvOIFw=
Subject key identifier: EE:09:D5:DB:28:EF:24:69:D8:7A:34:8D:87:A3:9F:70:79:DF:76:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4492
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7gnV2yjvJGnYejSNh6OfcHnfdgs.roa
Signing time: Sat 20 Apr 2024 00:23:03 +0000
ROA not before: Sat 20 Apr 2024 00:23:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17554 (0x4492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 00:23:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EE09D5DB28EF2469D87A348D87A39F7079DF760B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:9c:ba:9b:f8:4b:af:df:31:d7:87:58:c0:
5c:ef:bc:ff:c5:e6:e0:87:a7:fb:42:2d:a2:e3:72:
a2:e5:53:0a:2f:09:27:d3:b4:b6:f2:29:99:60:04:
50:69:b3:c8:98:0a:b3:e4:89:c5:21:9c:59:eb:0b:
95:cc:81:75:37:df:7b:79:ba:8b:2c:3e:08:5e:ce:
16:04:25:6b:c9:ff:b9:34:2f:57:0a:5c:a9:99:86:
25:fc:ac:48:56:80:fa:2a:39:00:f3:06:65:21:76:
93:7e:b0:29:21:79:5b:5f:3e:b0:c0:5b:fb:90:9a:
fb:45:c3:d7:01:70:5f:1c:f1:a6:f8:66:8b:8d:ba:
06:c1:50:5c:46:58:f1:68:6f:9f:7e:62:df:a8:9f:
4c:54:6a:a6:32:61:7f:ef:27:fe:c0:cd:c9:da:39:
d4:fc:7d:2f:14:c1:7e:90:cd:8d:23:05:be:99:fd:
43:92:66:43:1b:27:d1:c4:b4:f0:24:68:e6:f8:be:
4f:73:21:22:24:88:90:46:3b:84:20:d4:11:84:d7:
c5:6f:61:1d:3d:8d:a7:19:2b:81:86:8a:5c:59:d5:
88:0f:93:4a:9f:74:45:ed:38:c8:cb:5c:00:5e:a4:
90:b8:92:8e:75:1c:cb:01:02:07:c6:35:8a:17:69:
ef:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:09:D5:DB:28:EF:24:69:D8:7A:34:8D:87:A3:9F:70:79:DF:76:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7gnV2yjvJGnYejSNh6OfcHnfdgs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:10:50:9b:f3:df:91:95:8b:ec:a0:5b:25:4f:80:69:cb:ed:
02:ae:d3:34:4d:de:2c:1f:75:7b:b7:bf:7f:99:7b:71:b7:e1:
aa:1e:eb:94:90:be:e4:16:91:9c:02:f2:0a:43:c7:a2:26:91:
c9:b1:28:22:30:ba:99:e8:06:ee:22:2e:cd:1d:0c:43:78:3f:
1c:b5:24:de:1f:74:b8:83:15:9f:8a:59:ac:a6:f5:13:34:20:
9e:f9:a9:9e:07:1d:09:4c:21:0c:aa:63:15:50:18:af:d8:65:
ca:22:ec:44:c4:f0:2c:b4:ba:1d:ed:c5:9e:e1:5e:3c:0b:61:
a6:14:19:1c:1e:a9:21:14:bf:d9:35:ad:ce:79:c0:a4:04:a7:
2d:d8:f6:2b:0e:ac:bb:f0:7a:85:25:ca:82:92:2a:db:a0:e5:
a1:4d:96:64:ac:81:aa:47:eb:f0:b3:88:cb:96:4f:c4:03:5a:
7f:ef:1f:40:06:43:e3:11:12:69:bf:fa:11:c8:ca:d6:34:95:
38:fe:04:6c:ec:d3:39:8e:13:6a:f7:f4:73:c4:88:ae:aa:3e:
95:e8:17:0e:f2:33:c6:68:e0:04:eb:a6:26:fe:f9:ec:a8:68:
40:c7:65:52:d7:f8:9e:d3:48:ce:c4:28:4a:c8:9b:99:3a:c6:
65:1e:ca:a8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MDIzMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFMDlENURCMjhFRjI0
NjlEODdBMzQ4RDg3QTM5RjcwNzlERjc2MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5hpy6m/hLr98x14dYwFzvvP/F5uCHp/tCLaLjcqLlUwovCSfT
tLbyKZlgBFBps8iYCrPkicUhnFnrC5XMgXU333t5uossPghezhYEJWvJ/7k0L1cK
XKmZhiX8rEhWgPoqOQDzBmUhdpN+sCkheVtfPrDAW/uQmvtFw9cBcF8c8ab4ZouN
ugbBUFxGWPFob59+Yt+on0xUaqYyYX/vJ/7AzcnaOdT8fS8UwX6QzY0jBb6Z/UOS
ZkMbJ9HEtPAkaOb4vk9zISIkiJBGO4Qg1BGE18VvYR09jacZK4GGilxZ1YgPk0qf
dEXtOMjLXABepJC4ko51HMsBAgfGNYoXae/xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7gnV2yjvJGnYejSNh6OfcHnfdgswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdnblYyeWp2SkduWWVq
U05oNk9mY0huZmRncy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAoxBQm/PfkZWL7KBbJU+AacvtAq7TNE3e
LB91e7e/f5l7cbfhqh7rlJC+5BaRnALyCkPHoiaRybEoIjC6megG7iIuzR0MQ3g/
HLUk3h90uIMVn4pZrKb1EzQgnvmpngcdCUwhDKpjFVAYr9hlyiLsRMTwLLS6He3F
nuFePAthphQZHB6pIRS/2TWtznnApASnLdj2Kw6su/B6hSXKgpIq26DloU2WZKyB
qkfr8LOIy5ZPxANaf+8fQAZD4xESab/6EcjK1jSVOP4EbOzTOY4Tavf0c8SIrqo+
legXDvIzxmjgBOumJv757KhoQMdlUtf4ntNIzsQoSsibmTrGZR7KqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org