Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Dd2IGpwAh9BNFsbylAP18z9nPQY.roa
File: Dd2IGpwAh9BNFsbylAP18z9nPQY.roa (raw, json)
Hash identifier: u1YA/5KKTAilzXSxaRdHMpk5XK07sL1ONcwdnSYqbcE=
Subject key identifier: 0D:DD:88:1A:9C:00:87:D0:4D:16:C6:F2:94:03:F5:F3:3F:67:3D:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3572
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Dd2IGpwAh9BNFsbylAP18z9nPQY.roa
Signing time: Sat 30 Mar 2024 20:22:12 +0000
ROA not before: Sat 30 Mar 2024 20:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13682 (0x3572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 20:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0DDD881A9C0087D04D16C6F29403F5F33F673D06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:3b:96:09:3a:a9:ae:47:28:52:4d:d3:25:
71:a0:7d:74:8b:02:c6:21:d6:c2:ca:fd:cc:f5:54:
a1:a5:ab:2e:61:42:d4:30:0e:dd:82:dd:74:ec:cb:
82:8f:9d:dc:ec:d2:0d:4f:65:81:38:a1:17:8b:75:
be:35:ed:51:7e:46:dd:fe:db:ad:46:47:35:a4:79:
72:95:6e:5e:d6:c6:de:92:95:82:03:71:19:d9:4c:
22:00:88:68:39:a6:3c:9b:09:66:5c:c8:ab:0b:4d:
51:af:ed:57:b8:6a:1a:20:fb:16:93:de:af:c4:3f:
04:a6:78:ad:2d:b6:80:93:cf:72:5b:ee:09:c4:0e:
42:88:6b:fb:15:29:5f:ab:6c:f7:d5:a9:b1:3a:06:
f9:53:a5:8f:10:50:1d:ba:60:61:d7:43:b0:d2:49:
81:2b:b1:ff:d0:b1:41:4f:dd:d2:4d:05:85:c4:e1:
97:f2:ed:0d:4c:64:2e:ae:f4:7c:40:dd:2a:08:eb:
9e:28:b7:7a:9d:6d:e4:79:95:13:dd:3f:9d:f9:3b:
8d:c9:ef:26:ab:a8:db:7f:35:22:d7:34:33:67:56:
53:4f:dd:01:87:e5:af:96:a3:55:6d:4d:74:d4:b3:
10:aa:2d:b2:2f:33:7a:fc:23:13:b5:6c:62:1d:2c:
ee:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:DD:88:1A:9C:00:87:D0:4D:16:C6:F2:94:03:F5:F3:3F:67:3D:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Dd2IGpwAh9BNFsbylAP18z9nPQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:9f:a2:01:f9:00:1f:b9:fb:25:44:6c:c4:30:ae:7e:af:7d:
bb:59:ff:b6:9e:a3:4a:de:2f:ea:48:17:4c:f5:6b:a9:c3:35:
e0:e0:a8:9d:30:da:80:dd:76:86:93:3f:c9:66:98:7f:62:6d:
9f:62:8f:ca:de:39:64:35:fb:a3:11:f1:e2:ac:a5:1a:46:ac:
57:f5:63:15:30:c0:0e:25:e4:6f:56:1a:de:85:61:80:f0:9c:
41:7f:94:31:2a:aa:42:5d:3a:89:21:9f:27:54:df:a4:ac:4f:
de:b5:03:14:3e:a9:81:53:c9:42:ad:be:31:bf:5c:a3:d9:f6:
62:20:c9:7a:0c:ab:a1:29:25:8d:0a:af:50:9b:4b:95:0e:85:
68:b0:76:b6:bc:09:77:e6:a1:72:f7:3e:fe:0e:a8:2d:cd:e9:
de:d1:b3:b7:7c:27:79:7a:41:e1:e7:b9:63:14:24:c7:17:c1:
ad:33:73:62:ff:d7:af:1d:43:64:0b:8a:80:e3:7d:aa:03:c3:
71:82:75:81:fb:c5:71:db:79:e7:e1:41:a0:24:9b:e0:e0:41:
ab:a4:55:73:32:81:35:73:41:84:f4:cb:59:6b:23:da:2e:55:
f8:91:d6:f0:a1:a0:eb:75:7b:0f:a6:c6:26:13:ac:87:c3:30:
ff:c0:da:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MDIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEREQ4ODFBOUMwMDg3
RDA0RDE2QzZGMjk0MDNGNUYzM0Y2NzNEMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX5TuWCTqprkcoUk3TJXGgfXSLAsYh1sLK/cz1VKGlqy5hQtQw
Dt2C3XTsy4KPndzs0g1PZYE4oReLdb417VF+Rt3+261GRzWkeXKVbl7Wxt6SlYID
cRnZTCIAiGg5pjybCWZcyKsLTVGv7Ve4ahog+xaT3q/EPwSmeK0ttoCTz3Jb7gnE
DkKIa/sVKV+rbPfVqbE6BvlTpY8QUB26YGHXQ7DSSYErsf/QsUFP3dJNBYXE4Zfy
7Q1MZC6u9HxA3SoI654ot3qdbeR5lRPdP535O43J7yarqNt/NSLXNDNnVlNP3QGH
5a+Wo1VtTXTUsxCqLbIvM3r8IxO1bGIdLO6vAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDd2IGpwAh9BNFsbylAP18z9nPQYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RkMklHcHdBaDlCTkZz
YnlsQVAxOHo5blBRWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjZ+iAfkAH7n7JURsxDCufq99u1n/tp6j
St4v6kgXTPVrqcM14OConTDagN12hpM/yWaYf2Jtn2KPyt45ZDX7oxHx4qylGkas
V/VjFTDADiXkb1Ya3oVhgPCcQX+UMSqqQl06iSGfJ1TfpKxP3rUDFD6pgVPJQq2+
Mb9co9n2YiDJegyroSkljQqvUJtLlQ6FaLB2trwJd+ahcvc+/g6oLc3p3tGzt3wn
eXpB4ee5YxQkxxfBrTNzYv/Xrx1DZAuKgON9qgPDcYJ1gfvFcdt55+FBoCSb4OBB
q6RVczKBNXNBhPTLWWsj2i5V+JHW8KGg63V7D6bGJhOsh8Mw/8Da0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:25 2024 by rpki-client on console-ams.rpki-client.org