Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CacON-ntwucLcDxIwxybvmnHkek.roa
File: CacON-ntwucLcDxIwxybvmnHkek.roa (raw, json)
Hash identifier: MafpmFZRxQAhgl9oGlEgbSfHpsS+if+wZQvJXzHNxeE=
Subject key identifier: 09:A7:0E:37:E9:ED:C2:E7:0B:70:3C:48:C3:1C:9B:BE:69:C7:91:E9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CacON-ntwucLcDxIwxybvmnHkek.roa
Signing time: Thu 28 Mar 2024 18:52:02 +0000
ROA not before: Thu 28 Mar 2024 18:52:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13286 (0x33e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 18:52:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=09A70E37E9EDC2E70B703C48C31C9BBE69C791E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:23:3c:ed:20:4b:56:c7:07:0b:38:37:3e:
7c:fa:3e:a5:ee:bf:63:69:4e:5a:fd:64:80:41:99:
f8:f9:7e:5d:3a:e3:d6:09:67:0d:fd:c8:d0:72:a7:
10:f7:5c:a5:88:f1:0d:3e:b1:37:5a:ef:87:2e:37:
25:1a:b5:52:ba:ed:fc:e9:e0:fb:45:95:49:28:da:
c5:79:94:0c:24:8e:01:78:7f:52:a8:14:b0:40:d4:
cd:a4:77:4b:53:72:61:ed:93:17:25:0e:f2:a5:0f:
13:ae:56:c7:d2:79:56:dc:c0:40:c7:90:66:60:13:
e2:b0:ea:d4:d7:12:32:b4:f8:47:72:a1:5f:12:a5:
cc:e5:a8:e2:a6:b8:40:1a:38:a5:82:c3:c7:a7:6e:
af:aa:5d:b1:38:80:eb:3d:d6:e7:ca:7c:22:0a:79:
85:70:05:3a:7b:e1:06:ef:a6:c8:6c:00:d9:2c:9e:
16:75:e7:c1:b4:38:ae:c9:c7:e6:15:eb:91:00:6a:
1b:b7:57:c2:7b:c6:45:d3:0d:27:e8:82:6d:ca:b4:
12:81:da:5d:ca:ef:d1:02:78:35:68:30:76:09:37:
f4:04:87:ab:53:5e:93:c8:5b:5c:b4:8f:2c:fc:48:
b5:70:cb:28:94:a2:c0:86:62:d0:c6:62:37:a8:2f:
0e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A7:0E:37:E9:ED:C2:E7:0B:70:3C:48:C3:1C:9B:BE:69:C7:91:E9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CacON-ntwucLcDxIwxybvmnHkek.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:35:ab:9c:a4:75:fa:f3:4f:ce:b4:d8:07:59:b1:10:4d:ae:
c8:30:20:4a:1b:08:f0:6e:be:5b:db:87:b4:6d:fa:ee:3c:7e:
08:02:f0:b2:56:30:a5:34:ef:21:02:bd:68:96:4e:1c:a2:6b:
2c:b3:3b:90:4a:bc:da:c0:a7:d8:6e:50:1c:04:8a:50:33:d5:
49:95:49:c3:87:7a:f2:20:24:27:3c:85:89:4f:90:0f:6a:6f:
98:1c:40:c2:c8:d6:f5:76:3f:e3:cd:b1:54:91:b5:3c:f0:b2:
f9:45:c0:3f:53:28:74:c7:37:76:3a:d7:f4:3d:de:28:5e:d1:
ac:41:35:d8:94:61:ca:60:b6:cf:d3:05:3d:a3:c1:a2:7e:5d:
d5:bc:d5:50:51:d9:8a:de:9c:b5:1e:e9:e1:9e:64:e7:f0:5f:
8f:6b:ba:a9:54:ac:4b:67:19:60:4d:d7:33:90:27:9d:ac:31:
46:1a:d4:fe:8e:db:fd:19:04:06:19:23:21:92:88:00:64:8f:
7e:f5:2b:0e:50:d9:08:d7:3b:ae:60:66:ee:50:81:a1:88:a7:
bd:ed:bb:77:c4:21:4e:21:d4:5b:ba:fe:38:44:89:89:b8:84:
b9:aa:4c:1d:cb:b2:3f:d8:57:18:de:55:5b:80:45:39:29:79:
ed:3e:0e:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
ODUyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5QTcwRTM3RTlFREMy
RTcwQjcwM0M0OEMzMUM5QkJFNjlDNzkxRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEiM87SBLVscHCzg3Pnz6PqXuv2NpTlr9ZIBBmfj5fl0649YJ
Zw39yNBypxD3XKWI8Q0+sTda74cuNyUatVK67fzp4PtFlUko2sV5lAwkjgF4f1Ko
FLBA1M2kd0tTcmHtkxclDvKlDxOuVsfSeVbcwEDHkGZgE+Kw6tTXEjK0+EdyoV8S
pczlqOKmuEAaOKWCw8enbq+qXbE4gOs91ufKfCIKeYVwBTp74QbvpshsANksnhZ1
58G0OK7Jx+YV65EAahu3V8J7xkXTDSfogm3KtBKB2l3K79ECeDVoMHYJN/QEh6tT
XpPIW1y0jyz8SLVwyyiUosCGYtDGYjeoLw4DAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCacON+ntwucLcDxIwxybvmnHkekwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NhY09OLW50d3VjTGNE
eEl3eHlidm1uSGtlay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYjWrnKR1+vNPzrTYB1mxEE2uyDAgShsI
8G6+W9uHtG367jx+CALwslYwpTTvIQK9aJZOHKJrLLM7kEq82sCn2G5QHASKUDPV
SZVJw4d68iAkJzyFiU+QD2pvmBxAwsjW9XY/482xVJG1PPCy+UXAP1ModMc3djrX
9D3eKF7RrEE12JRhymC2z9MFPaPBon5d1bzVUFHZit6ctR7p4Z5k5/Bfj2u6qVSs
S2cZYE3XM5AnnawxRhrU/o7b/RkEBhkjIZKIAGSPfvUrDlDZCNc7rmBm7lCBoYin
ve27d8QhTiHUW7r+OESJibiEuapMHcuyP9hXGN5VW4BFOSl57T4OAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org