Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/99EJLyAiZ5rgy7Ijc9nfKReASqo.roa
File: 99EJLyAiZ5rgy7Ijc9nfKReASqo.roa (raw, json)
Hash identifier: SKGAcgY05t1xsVx2HkzASAwWQqhTlJlcYHwTz2O0NBI=
Subject key identifier: F7:D1:09:2F:20:22:67:9A:E0:CB:B2:23:73:D9:DF:29:17:80:4A:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3782
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/99EJLyAiZ5rgy7Ijc9nfKReASqo.roa
Signing time: Tue 02 Apr 2024 14:22:14 +0000
ROA not before: Tue 02 Apr 2024 14:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14210 (0x3782)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 14:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F7D1092F2022679AE0CBB22373D9DF2917804AAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7c:4f:2b:ee:68:df:50:63:87:dc:ba:51:fb:
89:74:82:ba:bb:2f:e8:59:c8:63:1d:c4:e1:90:58:
cf:d5:ac:7d:ff:72:fd:81:0f:66:aa:5f:fa:00:86:
00:90:c2:50:ff:48:9d:bd:a9:44:2e:10:20:d6:0b:
45:38:63:3b:25:f6:27:d4:62:2f:58:bd:fa:4d:06:
f6:ef:1a:1d:f1:19:a5:89:01:3c:9e:9f:2b:63:34:
e3:12:6b:fa:f5:6d:95:33:f9:5b:b9:e1:db:6b:78:
ea:ac:59:0c:ad:6f:a8:c7:5e:ed:ed:15:1f:9b:73:
a7:51:1d:c2:98:40:4c:15:dc:86:7b:06:e2:a2:a8:
22:dd:cb:24:74:a3:2a:f5:c4:a4:9f:04:e2:1b:35:
f3:51:17:9e:8f:db:e2:21:e2:33:b0:cc:98:41:70:
0a:df:d2:a1:f5:dd:e9:ab:8b:1d:7d:7f:3a:4d:5e:
59:b8:13:21:34:75:79:b3:e1:40:40:ee:ea:7e:a9:
27:12:6c:97:5b:22:e1:a3:b6:ab:12:28:56:fa:ea:
df:d4:8d:22:6a:89:2c:db:1b:8f:68:bc:99:e1:e0:
36:25:17:8b:1c:11:81:b6:95:a9:bf:bb:d8:8d:83:
52:0b:cc:df:b8:a3:aa:38:af:5d:8f:5d:ed:76:9a:
83:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D1:09:2F:20:22:67:9A:E0:CB:B2:23:73:D9:DF:29:17:80:4A:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/99EJLyAiZ5rgy7Ijc9nfKReASqo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:48:18:88:2d:08:6b:9c:19:b1:9e:a3:db:c5:34:55:54:69:
20:21:66:57:ac:fc:33:a8:1f:80:39:7a:60:8d:53:c7:c9:b5:
26:54:2a:43:cf:35:24:88:d3:42:8c:ef:f7:b2:8a:ef:4e:66:
d7:97:9a:1e:1a:37:00:ed:fe:43:b0:06:8e:92:fa:5d:a5:72:
44:9d:c8:1a:ec:90:5e:b4:80:82:cf:5e:88:ee:fa:e1:68:23:
14:eb:19:c9:3e:9c:e7:66:df:bc:c8:ca:46:a0:28:24:e0:e9:
9e:9e:5e:49:73:6e:c3:7b:2c:7a:ca:85:20:bd:33:9c:d7:ba:
83:61:9e:f0:dd:5c:a3:ba:87:4b:8c:20:8e:b8:93:86:37:8f:
9c:7a:6b:ee:e3:d1:a9:82:d9:24:c3:a7:2e:5b:9c:f7:06:f2:
85:a9:19:fd:b8:90:00:35:f9:b6:f1:fc:6a:6d:9c:eb:0a:2b:
32:1c:ab:1c:d3:0b:0c:a2:9a:37:87:ad:43:d3:3c:ae:07:12:
bf:6a:d5:e6:d4:0d:f4:79:a3:e8:d8:34:88:87:94:fd:e1:14:
77:9d:7b:98:c7:d3:f0:1a:17:40:93:a8:7f:43:6f:90:d3:86:
32:c3:b7:ca:af:0b:96:8b:a4:38:fa:a3:06:b5:f6:b8:92:63:
34:ec:c2:05
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
NDIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3RDEwOTJGMjAyMjY3
OUFFMENCQjIyMzczRDlERjI5MTc4MDRBQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZfE8r7mjfUGOH3LpR+4l0grq7L+hZyGMdxOGQWM/VrH3/cv2B
D2aqX/oAhgCQwlD/SJ29qUQuECDWC0U4Yzsl9ifUYi9YvfpNBvbvGh3xGaWJATye
nytjNOMSa/r1bZUz+Vu54dtreOqsWQytb6jHXu3tFR+bc6dRHcKYQEwV3IZ7BuKi
qCLdyyR0oyr1xKSfBOIbNfNRF56P2+Ih4jOwzJhBcArf0qH13emrix19fzpNXlm4
EyE0dXmz4UBA7up+qScSbJdbIuGjtqsSKFb66t/UjSJqiSzbG49ovJnh4DYlF4sc
EYG2lam/u9iNg1ILzN+4o6o4r12PXe12moOnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU99EJLyAiZ5rgy7Ijc9nfKReASqowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzk5RUpMeUFpWjVyZ3k3
SWpjOW5mS1JlQVNxby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFkgYiC0Ia5wZsZ6j28U0VVRpICFmV6z8
M6gfgDl6YI1Tx8m1JlQqQ881JIjTQozv97KK705m15eaHho3AO3+Q7AGjpL6XaVy
RJ3IGuyQXrSAgs9eiO764WgjFOsZyT6c52bfvMjKRqAoJODpnp5eSXNuw3ssesqF
IL0znNe6g2Ge8N1co7qHS4wgjriThjePnHpr7uPRqYLZJMOnLluc9wbyhakZ/biQ
ADX5tvH8am2c6worMhyrHNMLDKKaN4etQ9M8rgcSv2rV5tQN9Hmj6Ng0iIeU/eEU
d517mMfT8BoXQJOof0NvkNOGMsO3yq8LloukOPqjBrX2uJJjNOzCBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org