Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CylGHaacVCJJqMsqae52hKHaeqw.roa
File: CylGHaacVCJJqMsqae52hKHaeqw.roa (raw, json)
Hash identifier: 8hSMmbcc48Qo+I91ouR+QJUMFn20xNK6bL/XkYagurI=
Subject key identifier: 0B:29:46:1D:A6:9C:54:22:49:A8:CB:2A:69:EE:76:84:A1:DA:7A:AC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F3E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CylGHaacVCJJqMsqae52hKHaeqw.roa
Signing time: Fri 12 Apr 2024 21:52:50 +0000
ROA not before: Fri 12 Apr 2024 21:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16190 (0x3f3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 21:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0B29461DA69C542249A8CB2A69EE7684A1DA7AAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cf:de:e7:43:01:24:7a:c7:5b:ea:d8:04:f7:
97:02:0c:2d:dd:c7:f3:60:b4:ab:6f:ac:10:49:f4:
f1:fd:78:59:34:7a:cc:8f:f3:75:fc:a1:97:ee:68:
e5:6a:3e:49:e3:a7:4a:e5:42:64:57:86:aa:b8:fb:
d1:71:d1:8c:47:72:25:35:a7:24:02:0f:6b:95:00:
d6:7d:ab:0a:74:64:f9:58:7a:40:88:fa:83:60:9b:
be:99:3f:53:95:80:82:f6:fe:ee:c9:37:7e:b6:d9:
7f:7c:6d:ba:12:71:f9:90:44:e4:c3:67:84:c9:5c:
d1:d8:23:e6:6f:d2:a0:6b:62:9e:7f:67:a9:62:d2:
07:cb:b5:37:fe:74:0a:89:f3:fb:87:98:a7:7d:2a:
43:bf:73:b9:c2:39:a4:25:63:77:9f:b4:ca:7f:f9:
69:02:d6:d8:04:1e:8d:aa:7a:60:c2:0e:28:4d:09:
22:35:c3:f7:70:a3:bd:05:52:e7:27:38:92:52:84:
3c:97:3f:35:35:b3:ff:3e:82:cc:83:41:ae:c3:0f:
59:9c:f1:65:b8:4c:fa:25:73:12:5d:6a:a1:85:61:
bd:f2:d4:1c:0c:e6:a2:a9:7a:bf:dc:f1:9c:c7:3a:
d9:f2:f7:cd:71:fa:3d:5c:5d:f0:20:94:66:61:60:
7b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:29:46:1D:A6:9C:54:22:49:A8:CB:2A:69:EE:76:84:A1:DA:7A:AC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CylGHaacVCJJqMsqae52hKHaeqw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:1e:a9:74:fb:c7:b6:57:b6:cb:6e:89:93:ab:4b:18:c3:e2:
0b:fb:d5:1a:df:8b:5e:6b:33:ac:9e:2e:aa:b9:0b:0f:3d:2b:
55:83:ef:c1:f2:13:27:3d:fa:ac:1b:dc:fc:02:64:e1:92:6d:
ea:1e:1f:f7:30:53:41:e4:46:da:71:67:72:92:f3:c8:84:48:
0c:dd:ae:c3:e5:59:45:08:d3:a8:b7:c5:44:2b:fa:04:2a:4e:
9e:85:44:f7:55:39:6a:25:3d:58:ab:10:9b:93:8b:27:07:ab:
cb:f7:fe:4f:41:33:93:9e:06:4d:fa:ab:89:ee:be:27:dd:77:
7e:83:24:75:d3:33:f2:c2:41:34:1b:3a:8b:61:b0:70:64:6b:
12:5a:9a:56:72:e4:5a:5e:2c:6d:26:51:64:a9:56:38:04:82:
73:e0:4b:b8:c1:cf:91:af:1e:40:ec:64:b9:a9:85:87:e3:43:
fd:7f:9f:d6:85:36:1a:dd:c9:29:51:19:37:8b:38:ce:2c:f4:
9b:64:37:1b:c5:48:73:4a:e5:3c:25:56:30:d4:d9:26:1d:08:
f4:76:7e:3a:bb:b2:03:db:19:3c:83:f1:3f:5d:48:2f:a2:24:
47:28:b9:79:1b:fa:12:ae:05:87:c5:a7:50:07:51:70:b9:c3:
be:e8:80:45
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MTUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBCMjk0NjFEQTY5QzU0
MjI0OUE4Q0IyQTY5RUU3Njg0QTFEQTdBQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQz97nQwEkesdb6tgE95cCDC3dx/NgtKtvrBBJ9PH9eFk0esyP
83X8oZfuaOVqPknjp0rlQmRXhqq4+9Fx0YxHciU1pyQCD2uVANZ9qwp0ZPlYekCI
+oNgm76ZP1OVgIL2/u7JN3622X98bboScfmQROTDZ4TJXNHYI+Zv0qBrYp5/Z6li
0gfLtTf+dAqJ8/uHmKd9KkO/c7nCOaQlY3eftMp/+WkC1tgEHo2qemDCDihNCSI1
w/dwo70FUucnOJJShDyXPzU1s/8+gsyDQa7DD1mc8WW4TPolcxJdaqGFYb3y1BwM
5qKper/c8ZzHOtny981x+j1cXfAglGZhYHs/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCylGHaacVCJJqMsqae52hKHaeqwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0N5bEdIYWFjVkNKSnFN
c3FhZTUyaEtIYWVxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAeB6pdPvHtle2y26Jk6tLGMPiC/vVGt+L
XmszrJ4uqrkLDz0rVYPvwfITJz36rBvc/AJk4ZJt6h4f9zBTQeRG2nFncpLzyIRI
DN2uw+VZRQjTqLfFRCv6BCpOnoVE91U5aiU9WKsQm5OLJwery/f+T0Ezk54GTfqr
ie6+J913foMkddMz8sJBNBs6i2GwcGRrElqaVnLkWl4sbSZRZKlWOASCc+BLuMHP
ka8eQOxkuamFh+ND/X+f1oU2Gt3JKVEZN4s4ziz0m2Q3G8VIc0rlPCVWMNTZJh0I
9HZ+OruyA9sZPIPxP11IL6IkRyi5eRv6Eq4Fh8WnUAdRcLnDvuiARQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:24 2024 by rpki-client on console-ams.rpki-client.org