Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9r8JXxsQ1g9oFcMVCgiziZ6hcdQ.roa
File: 9r8JXxsQ1g9oFcMVCgiziZ6hcdQ.roa (raw, json)
Hash identifier: 7Npd897Jv80KYuMJs6NLZsXflrtQE6sRG237SEQ52IU=
Subject key identifier: F6:BF:09:5F:1B:10:D6:0F:68:15:C3:15:0A:08:B3:89:9E:A1:71:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9r8JXxsQ1g9oFcMVCgiziZ6hcdQ.roa
Signing time: Wed 24 Apr 2024 04:23:22 +0000
ROA not before: Wed 24 Apr 2024 04:23:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18354 (0x47b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 04:23:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F6BF095F1B10D60F6815C3150A08B3899EA171D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:37:7f:9e:b3:04:4f:cc:ad:8c:de:7d:3c:ec:
e0:7b:0f:22:f8:55:80:cd:e3:70:25:19:14:37:20:
f7:9a:f6:a0:28:39:a5:6c:08:34:9b:d2:be:8f:be:
51:72:a0:3c:25:13:80:e1:9f:37:8b:48:f8:23:27:
6f:aa:27:58:27:74:8f:93:ea:39:83:63:2e:ee:70:
b0:f2:11:71:8d:fc:ac:16:1b:8b:6d:41:59:a5:05:
86:3b:10:5d:03:45:a8:a8:3d:bf:c0:a7:b5:f6:6c:
69:d4:cb:e1:89:da:d8:29:e5:66:5b:b6:6e:2a:f3:
f4:a4:5a:21:95:c7:b1:fd:66:fc:fb:3d:e7:8d:f5:
87:b4:1e:c8:ab:6c:dd:98:25:c7:39:1a:57:da:47:
58:ee:91:9e:3c:5b:42:49:a8:69:97:26:81:9d:26:
af:ea:36:40:5a:52:69:70:41:ab:b7:1e:63:18:12:
7c:d1:5a:f6:bb:bd:3e:43:3b:5d:35:c0:63:7d:d4:
be:f8:34:83:16:92:7f:f3:fa:77:e7:61:96:be:7a:
1d:f0:28:ac:4e:16:78:b9:bf:f6:e6:8e:e7:43:06:
da:e9:e0:3c:6a:6c:0c:bb:d4:0b:cb:8e:03:74:fa:
91:c6:9d:7c:b0:08:a6:84:bc:3a:ae:9f:88:80:7f:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BF:09:5F:1B:10:D6:0F:68:15:C3:15:0A:08:B3:89:9E:A1:71:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9r8JXxsQ1g9oFcMVCgiziZ6hcdQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:61:33:8a:8a:0e:3b:fc:05:8c:d8:c0:da:73:29:1f:43:e5:
1f:49:0b:c8:48:c4:d9:39:0c:19:68:bd:c1:37:5b:e9:0b:dc:
4f:5f:42:f8:f2:8c:e0:a5:ce:94:77:1f:03:43:f8:52:39:b5:
f9:14:d1:b3:9f:fd:93:1f:65:ca:2b:f7:df:80:04:c7:f1:ca:
15:a0:43:23:2c:30:38:d9:dd:18:61:15:e3:ab:a7:0d:e8:d0:
20:0a:8c:52:a3:05:37:c3:3c:e8:fb:de:96:fa:24:c0:58:4f:
44:d0:67:7e:9e:2c:44:9c:ad:c8:4a:bb:be:d9:cf:89:5f:bd:
fa:81:02:62:24:04:07:2c:d7:1a:7a:7a:b4:bb:28:90:79:72:
81:49:2b:bb:08:c7:7b:a6:06:da:31:25:59:46:b3:fa:b4:ff:
d0:f9:1c:c2:43:b0:01:39:7e:a1:01:83:d5:ea:79:c0:9c:f7:
09:2b:49:d4:ee:16:e7:42:b0:d4:13:ea:bf:41:e1:ad:25:03:
e7:19:db:39:32:70:3c:f5:c4:d2:d7:62:0b:a9:8d:54:a1:61:
96:22:74:c7:c8:6e:29:34:f8:ec:e6:20:09:76:b8:3c:ec:21:
20:5e:e8:e5:15:8c:c4:d0:29:8b:77:32:c1:cd:06:e5:16:a4:
d7:eb:a2:a6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NDIzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2QkYwOTVGMUIxMEQ2
MEY2ODE1QzMxNTBBMDhCMzg5OUVBMTcxRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkN3+eswRPzK2M3n087OB7DyL4VYDN43AlGRQ3IPea9qAoOaVs
CDSb0r6PvlFyoDwlE4DhnzeLSPgjJ2+qJ1gndI+T6jmDYy7ucLDyEXGN/KwWG4tt
QVmlBYY7EF0DRaioPb/Ap7X2bGnUy+GJ2tgp5WZbtm4q8/SkWiGVx7H9Zvz7PeeN
9Ye0HsirbN2YJcc5GlfaR1jukZ48W0JJqGmXJoGdJq/qNkBaUmlwQau3HmMYEnzR
Wva7vT5DO101wGN91L74NIMWkn/z+nfnYZa+eh3wKKxOFni5v/bmjudDBtrp4Dxq
bAy71AvLjgN0+pHGnXywCKaEvDqun4iAf0iJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9r8JXxsQ1g9oFcMVCgiziZ6hcdQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlyOEpYeHNRMWc5b0Zj
TVZDZ2l6aVo2aGNkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACGEziooOO/wFjNjA2nMpH0PlH0kLyEjE
2TkMGWi9wTdb6QvcT19C+PKM4KXOlHcfA0P4Ujm1+RTRs5/9kx9lyiv334AEx/HK
FaBDIywwONndGGEV46unDejQIAqMUqMFN8M86PvelvokwFhPRNBnfp4sRJytyEq7
vtnPiV+9+oECYiQEByzXGnp6tLsokHlygUkruwjHe6YG2jElWUaz+rT/0PkcwkOw
ATl+oQGD1ep5wJz3CStJ1O4W50Kw1BPqv0HhrSUD5xnbOTJwPPXE0tdiC6mNVKFh
liJ0x8huKTT47OYgCXa4POwhIF7o5RWMxNApi3cywc0G5Rak1+uipg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org