Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DRH9sBbtNmbbdFLgelaQBtOExXY.roa
File: DRH9sBbtNmbbdFLgelaQBtOExXY.roa (raw, json)
Hash identifier: 6cBhjlChe5S2dBKtN/w26AlHu8kLxwnDWrst6dgIwtY=
Subject key identifier: 0D:11:FD:B0:16:ED:36:66:DB:74:52:E0:7A:56:90:06:D3:84:C5:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B7E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DRH9sBbtNmbbdFLgelaQBtOExXY.roa
Signing time: Sun 07 Apr 2024 21:52:32 +0000
ROA not before: Sun 07 Apr 2024 21:52:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15230 (0x3b7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 21:52:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D11FDB016ED3666DB7452E07A569006D384C576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:66:cf:db:54:af:2a:b5:6e:7f:20:64:c9:
23:a1:de:db:14:54:1a:d4:fc:e5:68:18:42:36:62:
60:45:d0:61:93:55:ee:51:df:b6:1f:0b:00:79:18:
30:cc:1e:19:20:0c:10:85:d0:d7:0f:12:95:af:94:
19:07:96:c5:bc:42:c6:99:75:e5:4e:d2:18:0e:ab:
3a:ab:f0:5a:2d:19:b5:6b:48:d2:6f:c5:3e:b1:11:
33:76:04:a6:d9:d9:d3:88:5d:a5:a1:ed:32:52:6f:
3a:02:2a:b5:03:2d:92:d1:ec:ff:e9:f3:e8:29:d7:
8d:fc:5a:c4:5a:d5:82:be:8c:eb:e6:ee:c6:30:29:
bf:8d:18:be:7d:c1:5f:41:c7:ed:da:01:d2:5e:28:
32:86:5e:3d:c8:af:98:f5:80:ba:bd:f4:30:52:06:
4e:68:8c:df:83:22:f8:b2:3e:7c:2e:d2:f5:63:28:
63:17:99:43:9f:a4:e1:35:e1:fb:26:60:42:e3:ca:
39:05:57:46:4c:91:f9:9c:60:60:e8:3c:ff:1e:a7:
c5:66:84:fd:b1:72:a0:ee:5d:d0:eb:a0:b1:dc:99:
0a:9b:23:58:fd:15:fd:47:30:6a:45:36:ea:f4:ce:
5d:b4:2f:11:af:dd:e0:93:4e:3d:01:98:6c:43:73:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:11:FD:B0:16:ED:36:66:DB:74:52:E0:7A:56:90:06:D3:84:C5:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DRH9sBbtNmbbdFLgelaQBtOExXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:be:8c:c0:e6:71:55:8f:b4:2c:33:c8:d0:41:6e:9b:1f:7b:
72:48:d6:1a:bc:d0:f8:2a:7e:ea:4d:f1:68:a3:fa:5e:d4:ef:
3b:5f:d8:cd:a5:f1:c4:04:8c:5b:2c:7e:a6:5a:f1:e0:65:5a:
ef:23:04:46:af:f9:95:c9:fa:f6:65:00:df:ad:23:6d:00:80:
9f:13:8d:4e:f3:fe:b5:c6:d7:22:24:e6:9a:23:5c:08:b8:72:
59:e4:47:61:52:d2:c4:49:7e:c9:cd:73:55:bf:04:cd:fb:f0:
65:49:d3:2c:83:0b:95:9f:f9:c8:b0:62:ce:9d:ae:04:35:cb:
d3:a5:7d:16:6c:6b:f0:45:29:9a:55:68:6f:f1:b1:90:4c:28:
3e:7c:99:ac:0c:94:c9:bc:f6:d7:73:7e:91:8e:12:f5:7a:74:
73:cd:34:c9:03:d4:09:ef:b3:d2:23:52:e1:8b:d0:6e:de:86:
7e:1b:f6:d0:66:10:0f:a1:b0:61:b0:7e:d3:70:9d:35:02:4c:
50:c9:e2:ed:c4:4a:ff:f8:14:aa:93:59:13:99:96:49:b1:89:
2b:9e:c7:f9:91:3c:cc:26:b6:85:42:a1:65:6a:74:a9:e7:4d:
12:9a:e1:9a:bb:8f:01:1a:5a:5e:f9:77:cb:e8:7f:2b:9e:d8:
51:3d:23:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MTUyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEMTFGREIwMTZFRDM2
NjZEQjc0NTJFMDdBNTY5MDA2RDM4NEM1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtXGbP21SvKrVufyBkySOh3tsUVBrU/OVoGEI2YmBF0GGTVe5R
37YfCwB5GDDMHhkgDBCF0NcPEpWvlBkHlsW8QsaZdeVO0hgOqzqr8FotGbVrSNJv
xT6xETN2BKbZ2dOIXaWh7TJSbzoCKrUDLZLR7P/p8+gp1438WsRa1YK+jOvm7sYw
Kb+NGL59wV9Bx+3aAdJeKDKGXj3Ir5j1gLq99DBSBk5ojN+DIviyPnwu0vVjKGMX
mUOfpOE14fsmYELjyjkFV0ZMkfmcYGDoPP8ep8VmhP2xcqDuXdDroLHcmQqbI1j9
Ff1HMGpFNur0zl20LxGv3eCTTj0BmGxDcyXrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDRH9sBbtNmbbdFLgelaQBtOExXYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RSSDlzQmJ0Tm1iYmRG
TGdlbGFRQnRPRXhYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALL6MwOZxVY+0LDPI0EFumx97ckjWGrzQ
+Cp+6k3xaKP6XtTvO1/YzaXxxASMWyx+plrx4GVa7yMERq/5lcn69mUA360jbQCA
nxONTvP+tcbXIiTmmiNcCLhyWeRHYVLSxEl+yc1zVb8EzfvwZUnTLIMLlZ/5yLBi
zp2uBDXL06V9Fmxr8EUpmlVob/GxkEwoPnyZrAyUybz213N+kY4S9Xp0c800yQPU
Ce+z0iNS4YvQbt6Gfhv20GYQD6GwYbB+03CdNQJMUMni7cRK//gUqpNZE5mWSbGJ
K57H+ZE8zCa2hUKhZWp0qedNEprhmruPARpaXvl3y+h/K57YUT0j6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:24 2024 by rpki-client on console-ams.rpki-client.org