Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DjooI1WOQJzTR8SOZObu2pw0Q80.roa
File: DjooI1WOQJzTR8SOZObu2pw0Q80.roa (raw, json)
Hash identifier: QSNkM0eV1VbcGyiJG/+hbr3INvu99lNTOSjLlg2JxGw=
Subject key identifier: 0E:3A:28:23:55:8E:40:9C:D3:47:C4:8E:64:E6:EE:DA:9C:34:43:CD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4886
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DjooI1WOQJzTR8SOZObu2pw0Q80.roa
Signing time: Thu 25 Apr 2024 06:53:39 +0000
ROA not before: Thu 25 Apr 2024 06:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18566 (0x4886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 06:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0E3A2823558E409CD347C48E64E6EEDA9C3443CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bd:83:66:f1:ae:c1:05:fc:ca:2e:5e:27:cb:
d9:04:49:6f:a3:b6:eb:1f:96:a1:5c:ee:08:1e:f1:
89:76:e7:a9:6f:c6:0e:1c:41:58:88:66:ad:56:25:
d8:f8:51:1a:8b:25:6f:7f:5b:4d:9c:8c:ee:bf:c3:
c6:f4:a3:8c:86:e2:44:07:87:19:ab:51:7c:83:86:
fd:5c:13:ee:2b:1a:68:2c:76:53:13:d4:5c:e6:fe:
4b:84:e8:13:42:1c:0c:09:82:c0:89:97:11:37:a6:
68:6f:3b:c5:38:6b:26:a3:1f:45:2c:ef:19:16:4d:
33:fc:7e:32:18:25:46:e5:13:42:b4:1f:45:2c:24:
c1:62:e8:00:bb:6a:f2:36:e4:87:ff:4b:93:fb:0b:
6d:45:2a:2e:e5:a7:2c:f9:e6:e8:97:c0:e1:e2:dc:
82:46:94:f9:27:78:f1:b6:62:3e:4f:85:9a:0b:cb:
e0:cc:60:69:59:7f:01:c4:e2:51:14:05:db:c3:fd:
21:13:62:4a:3d:01:f2:2e:0c:34:7e:fb:e2:44:e3:
4e:91:1c:da:28:f2:2b:3f:f9:be:9b:7d:65:1f:97:
94:a7:cd:7e:af:09:26:9f:58:f2:fc:45:52:e7:f8:
5a:9c:27:4e:64:a8:3c:32:0f:fe:56:9f:3d:d4:a5:
3f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3A:28:23:55:8E:40:9C:D3:47:C4:8E:64:E6:EE:DA:9C:34:43:CD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DjooI1WOQJzTR8SOZObu2pw0Q80.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:2d:9b:8f:a9:a9:56:d1:50:d1:c1:ca:a5:67:96:89:db:e2:
4d:53:16:4d:f1:5b:e3:92:af:0a:03:01:c2:c6:a8:44:66:ef:
15:19:e1:35:82:60:a3:ef:d3:81:b1:af:19:bd:6a:05:bc:16:
af:ef:08:a3:e3:85:93:38:f2:b2:88:af:28:c8:87:19:82:bc:
db:be:89:35:3f:f0:50:61:b3:cb:1a:ea:a4:c0:97:82:e3:4e:
15:3d:67:15:db:db:9a:a1:e7:37:ea:73:bd:62:9b:06:b1:95:
0a:aa:12:24:97:73:c6:af:fd:80:43:53:e0:61:6c:8c:1d:a3:
3c:e4:56:45:7e:96:0a:6e:3b:7f:f7:a3:3e:d5:48:0f:b1:00:
1d:18:e1:14:9b:f7:0c:04:b8:54:e8:b2:73:09:13:75:5d:08:
f9:d9:2f:09:6d:1e:c3:ae:99:c2:74:6f:5d:8c:20:5c:a3:2c:
93:b7:c0:44:69:18:25:1f:81:63:4a:67:51:69:5e:2a:26:6b:
17:a4:fd:b6:9d:53:eb:e9:56:a1:b7:27:e3:68:49:3c:eb:6d:
d0:37:ef:30:6f:af:3a:95:04:4d:9c:19:2a:36:00:93:24:d6:
06:78:05:17:f1:b7:26:9b:ad:c2:57:0e:61:3a:df:36:fc:a1:
72:19:3c:48
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
NjUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFM0EyODIzNTU4RTQw
OUNEMzQ3QzQ4RTY0RTZFRURBOUMzNDQzQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+vYNm8a7BBfzKLl4ny9kESW+jtusflqFc7gge8Yl256lvxg4c
QViIZq1WJdj4URqLJW9/W02cjO6/w8b0o4yG4kQHhxmrUXyDhv1cE+4rGmgsdlMT
1Fzm/kuE6BNCHAwJgsCJlxE3pmhvO8U4ayajH0Us7xkWTTP8fjIYJUblE0K0H0Us
JMFi6AC7avI25If/S5P7C21FKi7lpyz55uiXwOHi3IJGlPknePG2Yj5PhZoLy+DM
YGlZfwHE4lEUBdvD/SETYko9AfIuDDR+++JE406RHNoo8is/+b6bfWUfl5SnzX6v
CSafWPL8RVLn+FqcJ05kqDwyD/5Wnz3UpT9BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDjooI1WOQJzTR8SOZObu2pw0Q80wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Rqb29JMVdPUUp6VFI4
U09aT2J1MnB3MFE4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPS2bj6mpVtFQ0cHKpWeWidviTVMWTfFb
45KvCgMBwsaoRGbvFRnhNYJgo+/TgbGvGb1qBbwWr+8Io+OFkzjysoivKMiHGYK8
276JNT/wUGGzyxrqpMCXguNOFT1nFdvbmqHnN+pzvWKbBrGVCqoSJJdzxq/9gENT
4GFsjB2jPORWRX6WCm47f/ejPtVID7EAHRjhFJv3DAS4VOiycwkTdV0I+dkvCW0e
w66ZwnRvXYwgXKMsk7fARGkYJR+BY0pnUWleKiZrF6T9tp1T6+lWobcn42hJPOtt
0DfvMG+vOpUETZwZKjYAkyTWBngFF/G3JputwlcOYTrfNvyhchk8SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org