Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/A3JOuZcQdQxNlag_syRW9OCu4UI.roa
File: A3JOuZcQdQxNlag_syRW9OCu4UI.roa (raw, json)
Hash identifier: vTRgW44bH5TENfsBZZvfTifWN7iehYh/HfiVAlkRWcY=
Subject key identifier: 03:72:4E:B9:97:10:75:0C:4D:95:A8:3F:B3:24:56:F4:E0:AE:E1:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 433A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A3JOuZcQdQxNlag_syRW9OCu4UI.roa
Signing time: Thu 18 Apr 2024 05:22:59 +0000
ROA not before: Thu 18 Apr 2024 05:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17210 (0x433a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 05:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03724EB99710750C4D95A83FB32456F4E0AEE142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cc:4f:b5:bb:ac:2d:64:dc:53:21:b3:db:29:
2e:36:2e:7c:dc:3d:1b:cc:5d:9f:35:07:22:46:f8:
c9:5a:2c:1f:8f:ea:04:a9:63:90:85:0b:d3:e6:7a:
93:85:db:4d:a2:dc:72:02:de:67:b5:72:74:d5:47:
35:86:f5:bb:ef:38:7c:5c:45:59:11:76:9c:b8:5a:
b8:a1:25:3a:6c:31:a1:c5:e8:b4:21:dd:e6:7c:c4:
58:f2:d2:9c:c7:1c:93:56:ed:97:b3:7f:26:c5:42:
f3:9b:5e:08:17:5e:90:70:c2:06:30:7c:0c:db:09:
03:55:45:21:16:f9:5e:08:c7:81:30:2e:4e:70:6d:
60:e2:85:9d:37:cc:be:81:15:b6:b7:a6:43:a0:73:
54:b4:e4:ba:4c:c0:b7:3b:fe:b8:b1:fe:4d:30:3c:
36:0a:7f:f7:32:c4:94:37:a9:de:02:23:15:8d:82:
6e:2b:0c:de:f5:cc:08:db:7a:64:14:fa:87:55:87:
c8:43:ee:af:58:e9:94:98:52:a2:19:43:54:8a:c3:
3a:55:1b:c2:39:ac:b8:79:6b:dd:79:90:c0:59:b5:
bb:dc:55:f8:c9:11:1e:e4:62:99:e5:7c:ff:67:84:
42:df:34:40:ce:67:df:62:57:0f:c9:a7:40:e4:a3:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:72:4E:B9:97:10:75:0C:4D:95:A8:3F:B3:24:56:F4:E0:AE:E1:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A3JOuZcQdQxNlag_syRW9OCu4UI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:ad:95:13:95:fb:9d:c2:8d:ce:c7:92:17:8b:d6:f5:b8:3f:
7f:b5:3f:6e:fd:4f:68:5d:4f:8c:cf:d2:46:88:5a:26:c1:2b:
ac:1e:14:88:40:bf:0b:af:cd:96:9d:18:94:52:69:d4:08:94:
57:d6:9a:63:dd:42:f3:81:6e:11:e0:5e:a9:58:a3:72:a9:5d:
4c:70:ba:77:7f:ab:56:92:d8:5e:e4:e6:62:19:9c:ee:2e:d9:
2f:02:9b:6e:05:df:e0:7d:df:6a:c9:11:1f:d2:5c:1e:aa:a6:
9c:d3:5d:88:18:67:74:a5:46:46:31:ab:cc:8d:df:ac:b3:cf:
03:f2:99:c9:2e:da:99:53:92:96:32:c1:59:ed:f6:5b:9a:d7:
51:ee:65:66:58:68:95:11:2c:e2:5d:d2:0e:4f:b5:46:cc:de:
68:e9:9b:4d:97:21:31:72:5e:39:c1:90:8a:4b:c6:ab:84:90:
fe:e5:ac:ea:72:8f:f4:b3:21:30:f7:a0:78:c2:40:da:b6:3a:
43:0d:e1:e8:b1:0f:97:26:0c:3a:cb:a7:52:1b:52:ad:15:29:
6b:cf:8c:0a:21:76:74:5a:71:90:74:fd:5d:54:c6:d8:f4:ed:
f1:a1:4c:54:0d:20:54:76:6a:a8:05:ae:13:47:34:98:67:48:
5c:8c:d9:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NTIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzNzI0RUI5OTcxMDc1
MEM0RDk1QTgzRkIzMjQ1NkY0RTBBRUUxNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuzE+1u6wtZNxTIbPbKS42LnzcPRvMXZ81ByJG+MlaLB+P6gSp
Y5CFC9PmepOF202i3HIC3me1cnTVRzWG9bvvOHxcRVkRdpy4WrihJTpsMaHF6LQh
3eZ8xFjy0pzHHJNW7ZezfybFQvObXggXXpBwwgYwfAzbCQNVRSEW+V4Ix4EwLk5w
bWDihZ03zL6BFba3pkOgc1S05LpMwLc7/rix/k0wPDYKf/cyxJQ3qd4CIxWNgm4r
DN71zAjbemQU+odVh8hD7q9Y6ZSYUqIZQ1SKwzpVG8I5rLh5a915kMBZtbvcVfjJ
ER7kYpnlfP9nhELfNEDOZ99iVw/Jp0Dko/+1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUA3JOuZcQdQxNlag/syRW9OCu4UIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0EzSk91WmNRZFF4Tmxh
Z19zeVJXOU9DdTRVSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACa2VE5X7ncKNzseSF4vW9bg/f7U/bv1P
aF1PjM/SRohaJsErrB4UiEC/C6/Nlp0YlFJp1AiUV9aaY91C84FuEeBeqVijcqld
THC6d3+rVpLYXuTmYhmc7i7ZLwKbbgXf4H3faskRH9JcHqqmnNNdiBhndKVGRjGr
zI3frLPPA/KZyS7amVOSljLBWe32W5rXUe5lZlholREs4l3SDk+1RszeaOmbTZch
MXJeOcGQikvGq4SQ/uWs6nKP9LMhMPegeMJA2rY6Qw3h6LEPlyYMOsunUhtSrRUp
a8+MCiF2dFpxkHT9XVTG2PTt8aFMVA0gVHZqqAWuE0c0mGdIXIzZzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org