Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9GjK3Ace9Cw_xuAyDGcHT3aIqCA.roa
File: 9GjK3Ace9Cw_xuAyDGcHT3aIqCA.roa (raw, json)
Hash identifier: n8338E+sK9CIYnjLgtLM0jgk4nPByM+58S7OUDE8QFc=
Subject key identifier: F4:68:CA:DC:07:1E:F4:2C:3F:C6:E0:32:0C:67:07:4F:76:88:A8:20
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 421E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9GjK3Ace9Cw_xuAyDGcHT3aIqCA.roa
Signing time: Tue 16 Apr 2024 17:52:57 +0000
ROA not before: Tue 16 Apr 2024 17:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16926 (0x421e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 17:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F468CADC071EF42C3FC6E0320C67074F7688A820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:5c:36:43:3d:da:0f:f5:5d:24:f3:dd:53:
8a:77:0d:8a:bd:16:16:d0:08:b1:30:88:df:35:f5:
cc:03:42:c2:44:0f:41:bd:6a:a4:b6:85:55:8c:6b:
d3:fe:c5:70:7e:e4:50:c9:a2:6d:26:b8:d7:2c:67:
ef:02:54:26:f0:b8:91:2f:73:ca:e0:ee:6c:3e:61:
bc:42:1e:21:86:0d:f0:6c:36:2d:a4:b2:0e:83:da:
e1:5d:1d:ac:db:ab:a5:93:15:27:38:58:6d:14:38:
39:5d:5c:dc:4e:68:34:7c:0a:d9:3f:b0:2a:48:bf:
a8:5e:74:13:a1:c5:69:fd:4b:38:2b:6d:80:2d:1c:
22:97:70:6b:a0:fc:7c:b3:78:e9:ae:8c:b2:1c:64:
c6:00:9b:92:41:28:ab:28:6d:cb:5a:87:c1:0b:46:
36:12:f5:86:a8:03:87:f6:21:11:2c:c6:15:3f:ab:
72:13:e5:6d:c7:49:73:48:67:da:c8:bd:52:2a:4f:
a0:5c:a6:9f:47:d8:92:18:e4:60:b9:12:f3:ff:91:
ed:b0:02:44:00:dc:e1:22:3c:41:8f:10:15:99:e6:
33:96:7f:31:49:2d:2d:07:7f:61:3e:66:45:2e:ae:
b3:aa:8f:90:89:ec:d4:d0:76:44:83:2e:a6:6c:21:
08:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:68:CA:DC:07:1E:F4:2C:3F:C6:E0:32:0C:67:07:4F:76:88:A8:20
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9GjK3Ace9Cw_xuAyDGcHT3aIqCA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:bd:e7:ac:46:a8:8b:80:6c:f6:cc:18:8b:aa:94:6a:20:8e:
46:75:4a:b3:1a:e4:9e:fa:3d:c5:e9:cf:44:49:67:98:57:ae:
ac:4d:9f:59:48:5d:ee:ec:d3:6f:be:38:dc:58:be:57:a2:f8:
d6:17:22:df:bc:5e:aa:3f:67:7e:ee:d6:34:9a:54:9b:52:ac:
75:d0:6d:0c:a8:bd:12:1d:18:0f:22:1f:69:cf:93:80:4b:e7:
9a:00:ad:a2:67:86:73:59:0f:59:12:24:20:dc:b9:68:33:5d:
53:8a:e5:81:19:9e:f4:06:a1:4e:61:55:93:e9:4e:a3:45:29:
4b:a7:96:94:65:0a:bf:9a:a3:4f:bd:19:cf:f0:53:0e:d3:e0:
dd:2b:27:98:bc:7a:b9:76:06:b5:f6:c3:cd:bc:b6:d7:6e:0f:
12:7d:f2:00:90:7d:a4:1b:da:65:98:65:b5:27:e9:53:7f:e3:
ae:53:25:80:bc:f9:f1:ef:a2:3d:c5:98:7e:76:5c:b3:43:1b:
f7:74:e7:0a:ec:82:c8:e7:44:1e:50:78:11:fc:d0:84:5b:f4:
a1:95:47:dd:e7:3a:1d:d5:4e:df:09:e7:a2:a3:51:e1:64:2d:
6a:1b:1a:f4:5e:b8:59:97:89:ad:d0:b0:eb:8f:d4:c7:b9:a5:
43:89:80:a0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
NzUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0NjhDQURDMDcxRUY0
MkMzRkM2RTAzMjBDNjcwNzRGNzY4OEE4MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVIFw2Qz3aD/VdJPPdU4p3DYq9FhbQCLEwiN819cwDQsJED0G9
aqS2hVWMa9P+xXB+5FDJom0muNcsZ+8CVCbwuJEvc8rg7mw+YbxCHiGGDfBsNi2k
sg6D2uFdHazbq6WTFSc4WG0UODldXNxOaDR8Ctk/sCpIv6hedBOhxWn9SzgrbYAt
HCKXcGug/HyzeOmujLIcZMYAm5JBKKsobctah8ELRjYS9YaoA4f2IREsxhU/q3IT
5W3HSXNIZ9rIvVIqT6Bcpp9H2JIY5GC5EvP/ke2wAkQA3OEiPEGPEBWZ5jOWfzFJ
LS0Hf2E+ZkUurrOqj5CJ7NTQdkSDLqZsIQivAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9GjK3Ace9Cw/xuAyDGcHT3aIqCAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlHakszQWNlOUN3X3h1
QXlER2NIVDNhSXFDQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAH73nrEaoi4Bs9swYi6qUaiCORnVKsxrk
nvo9xenPRElnmFeurE2fWUhd7uzTb7443Fi+V6L41hci37xeqj9nfu7WNJpUm1Ks
ddBtDKi9Eh0YDyIfac+TgEvnmgCtomeGc1kPWRIkINy5aDNdU4rlgRme9AahTmFV
k+lOo0UpS6eWlGUKv5qjT70Zz/BTDtPg3SsnmLx6uXYGtfbDzby2124PEn3yAJB9
pBvaZZhltSfpU3/jrlMlgLz58e+iPcWYfnZcs0Mb93TnCuyCyOdEHlB4EfzQhFv0
oZVH3ec6HdVO3wnnoqNR4WQtahsa9F64WZeJrdCw64/Ux7mlQ4mAoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org