Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AvlzMwXj-Ao0Zgw1TrcOWcR-m7Y.roa
File: AvlzMwXj-Ao0Zgw1TrcOWcR-m7Y.roa (raw, json)
Hash identifier: L1qzWkySSSJvxelbQlen9P8xnk3f19k3IMJTcuhTyuM=
Subject key identifier: 02:F9:73:33:05:E3:F8:0A:34:66:0C:35:4E:B7:0E:59:C4:7E:9B:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 389A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AvlzMwXj-Ao0Zgw1TrcOWcR-m7Y.roa
Signing time: Thu 04 Apr 2024 01:22:23 +0000
ROA not before: Thu 04 Apr 2024 01:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14490 (0x389a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 01:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=02F9733305E3F80A34660C354EB70E59C47E9BB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:22:c1:de:54:ba:d7:4e:19:58:0a:d9:c5:2d:
da:e3:8e:02:13:05:89:2f:cf:9f:29:b5:2e:48:f5:
fe:c0:a7:99:f5:0a:e5:55:01:9a:55:c6:76:83:3c:
ca:6d:d5:e4:2e:6a:32:fd:7c:54:43:5b:58:7b:aa:
bf:6c:71:06:80:27:32:52:b6:e1:b9:ec:77:e9:b9:
25:e8:04:d4:d9:dc:59:7c:7e:3d:bd:b4:c8:89:fa:
50:cb:aa:c6:8b:2a:96:98:36:56:7b:dd:df:ba:6a:
83:c2:38:ba:72:63:d2:e3:98:7b:19:35:dc:f9:14:
ad:c2:3f:c6:a4:1f:5a:8d:4d:25:c7:2d:c8:be:d0:
3f:aa:47:b2:9c:cd:0a:7e:21:97:6b:ca:7d:86:d8:
09:fd:d0:83:b7:8f:28:7a:b7:cf:35:61:bb:8e:01:
51:f2:04:c8:42:be:9f:43:58:d4:9a:b8:a1:7f:25:
87:8e:eb:cb:29:7d:c0:8e:56:78:4f:05:c2:ef:bb:
dc:78:85:69:d5:fb:01:88:bc:8d:d2:e9:aa:4c:99:
2f:d6:da:c8:27:9e:e7:76:fe:e8:ae:f4:bf:98:f2:
7a:9f:ae:ca:27:d3:fc:73:51:f1:00:b6:b2:1b:cd:
7e:92:f9:b4:f8:39:30:6d:83:3a:90:fd:f7:df:8e:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F9:73:33:05:E3:F8:0A:34:66:0C:35:4E:B7:0E:59:C4:7E:9B:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AvlzMwXj-Ao0Zgw1TrcOWcR-m7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:74:f3:9d:a1:ee:ae:39:86:f4:bc:d9:7c:d7:12:92:6a:a0:
92:d8:4e:71:20:de:49:34:72:60:e2:d6:5a:ea:ff:ed:3b:11:
f4:be:13:e2:98:2a:b8:27:d5:07:34:64:62:08:5c:c0:63:d6:
2d:17:72:a8:2c:11:18:46:e2:e4:a6:d0:cf:98:bf:60:0b:9d:
4e:71:ab:fe:72:57:b1:42:2d:88:75:65:0b:8c:4c:c6:44:a9:
34:0b:43:02:85:1a:1e:04:b2:b3:27:08:bb:3f:e6:1e:2b:ed:
6f:33:d3:65:d4:8a:ac:66:48:c2:58:4d:f6:90:b6:42:42:ad:
45:98:de:fd:a0:8b:0b:b7:c1:8a:09:ca:ca:e3:34:74:bf:d4:
84:b2:41:74:4f:18:49:06:0e:f9:72:cf:4b:37:a8:07:3a:b4:
c1:1c:16:f9:cf:12:c0:27:d4:c3:47:b3:22:23:b0:d5:d0:2d:
9a:8c:68:e9:d4:bd:fd:f1:f9:fb:95:d5:c4:4b:6d:b8:8d:17:
0b:5c:07:d7:5f:ba:d5:15:2d:c0:07:3d:28:07:7a:5c:6c:b6:
92:4d:65:0a:c0:ca:42:70:ac:31:11:cf:44:fe:6e:bd:96:72:
cd:69:0b:12:b6:8d:ea:43:7b:c3:01:83:84:b4:9f:77:b3:6e:
b2:33:3c:56
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MTIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyRjk3MzMzMDVFM0Y4
MEEzNDY2MEMzNTRFQjcwRTU5QzQ3RTlCQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjIsHeVLrXThlYCtnFLdrjjgITBYkvz58ptS5I9f7Ap5n1CuVV
AZpVxnaDPMpt1eQuajL9fFRDW1h7qr9scQaAJzJStuG57HfpuSXoBNTZ3Fl8fj29
tMiJ+lDLqsaLKpaYNlZ73d+6aoPCOLpyY9LjmHsZNdz5FK3CP8akH1qNTSXHLci+
0D+qR7KczQp+IZdryn2G2An90IO3jyh6t881YbuOAVHyBMhCvp9DWNSauKF/JYeO
68spfcCOVnhPBcLvu9x4hWnV+wGIvI3S6apMmS/W2sgnnud2/uiu9L+Y8nqfrson
0/xzUfEAtrIbzX6S+bT4OTBtgzqQ/fffjkjDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAvlzMwXj+Ao0Zgw1TrcOWcR+m7YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0F2bHpNd1hqLUFvMFpn
dzFUcmNPV2NSLW03WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArXTznaHurjmG9LzZfNcSkmqgkthOcSDe
STRyYOLWWur/7TsR9L4T4pgquCfVBzRkYghcwGPWLRdyqCwRGEbi5KbQz5i/YAud
TnGr/nJXsUItiHVlC4xMxkSpNAtDAoUaHgSysycIuz/mHivtbzPTZdSKrGZIwlhN
9pC2QkKtRZje/aCLC7fBignKyuM0dL/UhLJBdE8YSQYO+XLPSzeoBzq0wRwW+c8S
wCfUw0ezIiOw1dAtmoxo6dS9/fH5+5XVxEttuI0XC1wH11+61RUtwAc9KAd6XGy2
kk1lCsDKQnCsMRHPRP5uvZZyzWkLEraN6kN7wwGDhLSfd7NusjM8Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:22 2024 by rpki-client on console-ams.rpki-client.org