Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/A4LXahgc07sMel3Bov0r8hZlFnY.roa
File: A4LXahgc07sMel3Bov0r8hZlFnY.roa (raw, json)
Hash identifier: kt9E4Bw7GyDUWNKctdQZi9ypJnew1HaRphfdm6urgqs=
Subject key identifier: 03:82:D7:6A:18:1C:D3:BB:0C:7A:5D:C1:A2:FD:2B:F2:16:65:16:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4312
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A4LXahgc07sMel3Bov0r8hZlFnY.roa
Signing time: Thu 18 Apr 2024 00:22:59 +0000
ROA not before: Thu 18 Apr 2024 00:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17170 (0x4312)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 00:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0382D76A181CD3BB0C7A5DC1A2FD2BF216651676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:95:0e:47:8b:ea:ef:a5:6d:f7:43:d9:68:
7e:00:41:e9:2f:5a:1f:c7:bf:70:03:27:a7:7d:94:
36:de:31:ec:1e:f4:91:25:e1:a3:73:7b:3b:ea:cb:
88:53:3c:90:82:92:90:39:e3:e2:16:e7:1c:c9:02:
7a:04:5a:12:a0:65:62:b5:a1:27:6a:1f:a4:f4:38:
5d:30:aa:be:6c:24:b7:00:be:74:ba:6e:6b:07:f6:
55:ec:49:b0:e6:4b:f3:64:3f:73:06:9d:d6:f4:9b:
2a:0c:20:0f:78:34:0c:a4:82:27:1d:03:58:9f:a4:
08:c3:6a:e1:b0:a5:bc:04:75:3f:33:69:98:ac:be:
d8:14:23:cf:95:97:96:3c:4f:a5:fb:b9:27:86:d4:
5d:4f:74:54:43:9e:cd:21:22:28:e8:a2:c7:e8:42:
a0:80:a3:eb:f2:71:4c:87:63:90:80:35:0a:59:f7:
b6:c7:a1:f5:8a:16:81:35:9d:d2:e0:23:c8:82:af:
0d:f5:8d:41:50:32:68:43:ed:be:ac:84:99:4c:0c:
4d:a9:e4:22:ca:99:e4:62:86:90:ce:e8:be:30:d7:
14:29:7e:fc:9a:a0:c1:de:4d:65:62:23:7c:98:93:
15:2c:81:d8:f9:e9:dd:2a:d0:8d:4c:d9:ae:1c:71:
15:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:82:D7:6A:18:1C:D3:BB:0C:7A:5D:C1:A2:FD:2B:F2:16:65:16:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A4LXahgc07sMel3Bov0r8hZlFnY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:8f:03:bd:7f:ed:b2:19:48:60:60:e7:6d:f6:ad:76:82:7c:
37:2d:fe:7d:9c:72:96:5f:71:b4:76:ce:bc:60:ec:0d:cd:aa:
9f:b8:e8:b5:b9:09:e2:55:cc:0c:74:4b:0c:3f:c5:2d:c5:24:
fe:8c:01:58:3a:43:20:1d:9b:d4:d0:b5:cd:39:17:60:21:da:
9c:91:81:45:ae:00:d1:fe:36:d0:99:1e:eb:ff:61:cc:08:6c:
4b:16:73:25:26:95:07:8e:ae:65:37:5d:16:e7:81:f9:cd:69:
15:ee:28:3d:47:7a:d7:b8:a4:8d:8b:8a:71:fa:b4:04:9b:47:
0b:76:ed:3e:1b:39:52:f4:32:c1:d7:0d:f9:d3:f9:d5:45:d2:
f2:c4:38:8b:25:97:4a:8e:a1:17:19:53:aa:6a:3f:89:b1:c4:
1b:41:5a:16:1c:fa:60:83:b9:0d:ba:9c:e1:4a:a8:7a:a4:4a:
f4:c1:33:3d:a0:d7:1a:59:3c:83:b0:f6:aa:07:59:19:56:95:
08:ba:ed:90:3f:bc:29:66:ac:cb:d1:7f:d4:ca:1f:24:0a:a7:
cb:04:97:91:05:c5:8f:92:0c:d6:6c:3b:55:7c:e6:8c:a7:8d:
7c:a3:95:9e:fc:61:b1:69:7a:a6:d8:d4:34:f7:f4:20:a8:b4:
3f:9e:85:36
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
MDIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzODJENzZBMTgxQ0Qz
QkIwQzdBNURDMUEyRkQyQkYyMTY2NTE2NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDo5UOR4vq76Vt90PZaH4AQekvWh/Hv3ADJ6d9lDbeMewe9JEl
4aNzezvqy4hTPJCCkpA54+IW5xzJAnoEWhKgZWK1oSdqH6T0OF0wqr5sJLcAvnS6
bmsH9lXsSbDmS/NkP3MGndb0myoMIA94NAykgicdA1ifpAjDauGwpbwEdT8zaZis
vtgUI8+Vl5Y8T6X7uSeG1F1PdFRDns0hIijoosfoQqCAo+vycUyHY5CANQpZ97bH
ofWKFoE1ndLgI8iCrw31jUFQMmhD7b6shJlMDE2p5CLKmeRihpDO6L4w1xQpfvya
oMHeTWViI3yYkxUsgdj56d0q0I1M2a4ccRXHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUA4LXahgc07sMel3Bov0r8hZlFnYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0E0TFhhaGdjMDdzTWVs
M0JvdjByOGhabEZuWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOI8DvX/tshlIYGDnbfatdoJ8Ny3+fZxy
ll9xtHbOvGDsDc2qn7jotbkJ4lXMDHRLDD/FLcUk/owBWDpDIB2b1NC1zTkXYCHa
nJGBRa4A0f420Jke6/9hzAhsSxZzJSaVB46uZTddFueB+c1pFe4oPUd617ikjYuK
cfq0BJtHC3btPhs5UvQywdcN+dP51UXS8sQ4iyWXSo6hFxlTqmo/ibHEG0FaFhz6
YIO5Dbqc4UqoeqRK9MEzPaDXGlk8g7D2qgdZGVaVCLrtkD+8KWasy9F/1MofJAqn
ywSXkQXFj5IM1mw7VXzmjKeNfKOVnvxhsWl6ptjUNPf0IKi0P56FNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org