Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AOP00UQ6sGca_a_ZDn4A6B2hr2Y.roa
File: AOP00UQ6sGca_a_ZDn4A6B2hr2Y.roa (raw, json)
Hash identifier: yrFZAK9cEkGb4SKvcrK8zTduDW6PmaU5oHvvNJkOSIw=
Subject key identifier: 00:E3:F4:D1:44:3A:B0:67:1A:FD:AF:D9:0E:7E:00:E8:1D:A1:AF:66
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 566E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AOP00UQ6sGca_a_ZDn4A6B2hr2Y.roa
Signing time: Mon 13 May 2024 19:54:07 +0000
ROA not before: Mon 13 May 2024 19:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22126 (0x566e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 19:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=00E3F4D1443AB0671AFDAFD90E7E00E81DA1AF66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b4:7c:91:8b:ae:b0:25:b4:ba:01:44:64:fc:
d0:2c:41:e5:eb:9a:8e:48:94:19:ab:25:0a:f0:42:
a9:23:13:63:cb:ab:70:05:61:8d:09:b4:18:47:8b:
24:2b:1f:92:65:e4:a1:7e:ae:46:7e:97:fe:c6:0d:
c8:63:ae:8f:08:f3:c4:79:c1:54:af:84:b1:98:35:
f4:a7:0c:df:36:fb:bc:27:6d:13:71:d4:e1:c5:46:
dc:a4:23:43:5c:b3:97:8d:0a:19:05:2c:4a:02:91:
9d:6e:2a:e8:e1:33:45:e6:3f:4f:99:a5:91:5c:3d:
6d:02:e0:6a:be:4e:77:39:04:83:21:a3:98:56:4d:
9f:0a:0c:59:e1:ff:c8:b9:89:18:1b:8f:f2:c2:7a:
bd:1b:32:9e:8a:6c:50:25:b6:5a:7b:44:40:f6:4a:
11:a3:d0:d9:83:e0:91:e4:f3:63:9f:82:2f:cf:1f:
b8:17:99:ac:d7:17:b3:dd:d6:2b:60:54:6c:4b:fb:
4a:ae:9b:03:8d:27:78:bc:26:64:33:b0:af:da:74:
e7:41:98:2a:93:fe:f0:db:ed:57:31:c7:75:6e:1d:
24:62:27:11:3d:56:41:b3:a5:c1:55:de:ff:3a:90:
f3:ba:c6:e9:a6:b2:ba:44:aa:ad:c0:ca:da:46:6a:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E3:F4:D1:44:3A:B0:67:1A:FD:AF:D9:0E:7E:00:E8:1D:A1:AF:66
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AOP00UQ6sGca_a_ZDn4A6B2hr2Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:41:8f:d3:41:b0:83:09:05:c2:45:ff:75:7a:b8:64:b9:b1:
0d:1f:80:13:f3:f2:33:31:47:ab:77:d6:b6:cb:70:81:ad:4c:
ee:f9:72:2a:1f:1b:72:5d:0e:7c:55:6c:1f:37:d6:07:77:65:
02:bd:13:1b:53:f9:4d:b9:18:f3:e3:7e:e5:d2:b8:20:0b:64:
73:28:3d:33:62:3d:9f:35:44:46:8d:36:3b:82:e8:b5:56:27:
f7:3d:5e:44:e4:cd:ff:d9:28:24:f6:68:ed:d1:4f:b1:79:b0:
05:d7:3d:9a:27:4b:21:8b:74:21:c0:a1:b3:7f:6d:ce:47:f8:
28:97:a0:50:b3:c4:cf:ce:a1:3b:2d:b8:0a:df:1c:8e:7c:96:
74:22:37:86:58:ef:b6:43:cd:79:44:f4:cd:82:fc:59:f0:40:
86:c8:db:92:69:da:8b:8e:76:1b:82:4c:cd:50:17:45:85:8c:
f8:c8:50:a8:22:85:44:ad:21:d1:42:aa:98:df:6e:e0:51:a0:
2b:fc:3f:db:d9:0f:e7:9d:9e:64:67:c1:6b:15:69:49:3f:13:
0b:db:b9:0f:34:cd:e5:cc:cd:ed:ea:e1:a2:4d:0e:81:54:c9:
c4:b8:f0:6b:e5:3c:93:24:a0:77:ff:9d:1b:db:2e:76:a1:35:
7b:94:3b:7c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
OTU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwRTNGNEQxNDQzQUIw
NjcxQUZEQUZEOTBFN0UwMEU4MURBMUFGNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCtHyRi66wJbS6AURk/NAsQeXrmo5IlBmrJQrwQqkjE2PLq3AF
YY0JtBhHiyQrH5Jl5KF+rkZ+l/7GDchjro8I88R5wVSvhLGYNfSnDN82+7wnbRNx
1OHFRtykI0Ncs5eNChkFLEoCkZ1uKujhM0XmP0+ZpZFcPW0C4Gq+Tnc5BIMho5hW
TZ8KDFnh/8i5iRgbj/LCer0bMp6KbFAltlp7RED2ShGj0NmD4JHk82Ofgi/PH7gX
mazXF7Pd1itgVGxL+0qumwONJ3i8JmQzsK/adOdBmCqT/vDb7Vcxx3VuHSRiJxE9
VkGzpcFV3v86kPO6xummsrpEqq3AytpGatNdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAOP00UQ6sGca/a/ZDn4A6B2hr2YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FPUDAwVVE2c0djYV9h
X1pEbjRBNkIyaHIyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbEGP00GwgwkFwkX/dXq4ZLmxDR+AE/Py
MzFHq3fWtstwga1M7vlyKh8bcl0OfFVsHzfWB3dlAr0TG1P5TbkY8+N+5dK4IAtk
cyg9M2I9nzVERo02O4LotVYn9z1eROTN/9koJPZo7dFPsXmwBdc9midLIYt0IcCh
s39tzkf4KJegULPEz86hOy24Ct8cjnyWdCI3hljvtkPNeUT0zYL8WfBAhsjbkmna
i452G4JMzVAXRYWM+MhQqCKFRK0h0UKqmN9u4FGgK/w/29kP552eZGfBaxVpST8T
C9u5DzTN5czN7erhok0OgVTJxLjwa+U8kySgd/+dG9sudqE1e5Q7fA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org