Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CITfvGFH-9AfGEXNENmfRrYOyfA.roa
File: CITfvGFH-9AfGEXNENmfRrYOyfA.roa (raw, json)
Hash identifier: 2sFjlfFcqQlTkJuIt0Xwkxzekyy8hQLGhOpvIG5WOKA=
Subject key identifier: 08:84:DF:BC:61:47:FB:D0:1F:18:45:CD:10:D9:9F:46:B6:0E:C9:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CITfvGFH-9AfGEXNENmfRrYOyfA.roa
Signing time: Mon 15 Apr 2024 00:53:00 +0000
ROA not before: Mon 15 Apr 2024 00:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16598 (0x40d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 00:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0884DFBC6147FBD01F1845CD10D99F46B60EC9F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:17:ef:28:62:50:a8:e0:c1:88:7c:eb:8c:c5:
50:c4:d9:72:0e:4d:97:27:43:5a:48:b5:05:a9:75:
1f:a9:07:84:30:4c:fe:34:fb:88:47:45:17:f7:da:
7d:a2:86:26:89:60:ed:2e:84:14:c1:f0:26:04:99:
1f:6d:45:07:a7:ae:1c:23:40:3f:41:83:40:7f:96:
27:0a:64:fe:6e:cf:c1:95:7b:dd:19:d1:b0:21:59:
3d:ca:25:2a:cb:9b:e4:2c:81:2e:13:e1:d0:45:9e:
9c:35:80:b4:54:ea:05:36:6c:16:20:2a:23:3f:75:
bc:01:2f:26:68:11:95:2c:ad:22:57:93:29:6e:2e:
b4:04:44:a3:ed:f9:e5:18:80:e0:7d:2a:7f:c3:11:
af:ff:5d:94:1e:8c:06:4b:52:66:71:e2:4c:a9:fe:
54:77:8a:c4:40:e9:31:fb:8c:9e:ee:da:b5:32:0f:
c8:f8:44:d2:26:cd:b4:cc:a6:0e:64:ef:d7:5a:25:
7a:23:48:29:bb:b2:9a:2d:d6:20:a6:ba:ec:f9:4e:
51:19:07:de:58:8a:14:81:b7:6f:81:7d:8f:8a:7c:
e9:d3:63:2a:bc:56:00:90:8b:a1:87:30:19:52:1d:
75:e6:3e:67:6d:fc:09:c5:71:cd:21:ee:76:90:52:
f7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:DF:BC:61:47:FB:D0:1F:18:45:CD:10:D9:9F:46:B6:0E:C9:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CITfvGFH-9AfGEXNENmfRrYOyfA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:aa:17:7b:72:83:a4:ee:d6:70:2a:dd:eb:ac:78:85:96:15:
5e:08:2a:95:ff:9a:fe:8b:a4:91:85:f2:31:02:7d:ad:66:1a:
6d:55:40:0e:41:5d:26:c2:83:aa:a2:e8:d2:8c:db:98:0e:07:
99:13:ff:bb:6b:2d:57:dc:c3:d6:95:71:4a:55:bf:f2:39:25:
7f:35:da:88:5b:3c:c2:da:2a:fb:98:a3:e5:0f:02:51:36:80:
ef:b7:1e:5d:16:f3:ed:e7:ba:11:03:bf:6f:a5:91:89:52:c2:
bf:11:47:24:04:56:1f:7e:c3:1a:06:c0:99:ba:3b:b0:fc:13:
bd:86:1b:a1:88:56:03:51:c7:94:fc:62:67:0b:a5:0c:7c:e5:
7b:db:70:76:6e:2b:c6:61:62:7e:5e:aa:58:61:37:8b:23:c2:
df:34:c4:76:82:c5:03:cb:70:c7:92:bb:de:2c:91:1a:d9:af:
9a:53:48:88:65:1e:d2:8b:f4:3b:8c:8f:cf:c3:45:e7:49:bc:
54:be:5f:43:2a:a0:74:20:20:2a:fc:49:94:ea:40:a2:e6:97:
70:b5:98:08:0c:19:a5:73:3f:d2:c3:60:b7:fa:c0:ae:0b:0b:
d7:35:37:52:62:3b:53:29:55:e9:8d:8e:d4:e9:fa:45:96:ee:
9b:7d:a3:cd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MDUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4ODRERkJDNjE0N0ZC
RDAxRjE4NDVDRDEwRDk5RjQ2QjYwRUM5RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNF+8oYlCo4MGIfOuMxVDE2XIOTZcnQ1pItQWpdR+pB4QwTP40
+4hHRRf32n2ihiaJYO0uhBTB8CYEmR9tRQenrhwjQD9Bg0B/licKZP5uz8GVe90Z
0bAhWT3KJSrLm+QsgS4T4dBFnpw1gLRU6gU2bBYgKiM/dbwBLyZoEZUsrSJXkylu
LrQERKPt+eUYgOB9Kn/DEa//XZQejAZLUmZx4kyp/lR3isRA6TH7jJ7u2rUyD8j4
RNImzbTMpg5k79daJXojSCm7spot1iCmuuz5TlEZB95YihSBt2+BfY+KfOnTYyq8
VgCQi6GHMBlSHXXmPmdt/AnFcc0h7naQUvfTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCITfvGFH+9AfGEXNENmfRrYOyfAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NJVGZ2R0ZILTlBZkdF
WE5FTm1mUnJZT3lmQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAo6oXe3KDpO7WcCrd66x4hZYVXggqlf+a
/oukkYXyMQJ9rWYabVVADkFdJsKDqqLo0ozbmA4HmRP/u2stV9zD1pVxSlW/8jkl
fzXaiFs8wtoq+5ij5Q8CUTaA77ceXRbz7ee6EQO/b6WRiVLCvxFHJARWH37DGgbA
mbo7sPwTvYYboYhWA1HHlPxiZwulDHzle9twdm4rxmFifl6qWGE3iyPC3zTEdoLF
A8twx5K73iyRGtmvmlNIiGUe0ov0O4yPz8NF50m8VL5fQyqgdCAgKvxJlOpAouaX
cLWYCAwZpXM/0sNgt/rArgsL1zU3UmI7UylV6Y2O1On6RZbum32jzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org