Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/E6BL7p5KaG1tJALvNQJL9n-DBq0.roa
File: E6BL7p5KaG1tJALvNQJL9n-DBq0.roa (raw, json)
Hash identifier: Ho3jCtRfB7ZXwwGcSO2st+q1YEvQ501A//34cFuHxiw=
Subject key identifier: 13:A0:4B:EE:9E:4A:68:6D:6D:24:02:EF:35:02:4B:F6:7F:83:06:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EA6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/E6BL7p5KaG1tJALvNQJL9n-DBq0.roa
Signing time: Fri 12 Apr 2024 02:52:48 +0000
ROA not before: Fri 12 Apr 2024 02:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16038 (0x3ea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 02:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=13A04BEE9E4A686D6D2402EF35024BF67F8306AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:52:b8:b5:47:2f:54:84:68:4b:df:72:5b:
f6:45:49:d0:0d:0f:65:50:24:51:68:ff:42:97:12:
29:93:f2:6f:aa:f5:3c:2b:70:07:5a:8f:21:ae:df:
61:d5:ae:7a:65:dd:02:63:61:72:1c:91:39:a4:54:
f9:c4:c4:39:b9:26:49:91:ea:1f:e2:b7:ea:a1:69:
6a:91:b4:56:d3:12:31:d0:dd:5d:2d:29:3f:55:22:
ea:44:e8:3b:f0:2a:eb:ad:45:ac:47:cd:40:a0:50:
f5:77:81:c5:a4:83:d3:d8:ac:24:a3:b4:02:0a:67:
7d:13:57:85:36:18:83:39:2e:4b:65:10:c2:9f:93:
62:7e:6d:73:d0:3c:c4:2d:b7:9d:bb:cb:0e:4e:e2:
77:29:aa:8b:12:f3:b2:e1:a2:3c:7e:c3:77:b5:49:
ab:2b:dc:c6:b2:f1:0f:ae:65:fa:7e:16:2e:d2:9a:
35:e9:ed:6a:55:55:f5:c5:aa:d6:cf:ba:8e:1b:f4:
78:5a:e7:eb:30:0b:93:fe:8e:91:a6:35:5d:fb:58:
48:e6:8f:9e:22:60:dd:cc:7f:34:f3:8a:49:cd:1b:
28:f1:4f:bb:38:0c:2a:f3:36:89:24:80:1f:a0:f0:
de:b3:44:0f:9a:43:ef:3a:a8:e6:ab:b8:76:64:d2:
bb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A0:4B:EE:9E:4A:68:6D:6D:24:02:EF:35:02:4B:F6:7F:83:06:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/E6BL7p5KaG1tJALvNQJL9n-DBq0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:ca:ee:af:62:04:d0:a8:06:66:2b:c3:c0:42:89:f2:29:59:
09:1f:a9:ee:97:81:cc:78:c5:1b:36:73:9f:88:ae:72:90:b6:
f0:e0:c9:0a:cf:f9:8b:d4:f9:df:41:13:e8:c3:cd:c7:64:55:
33:1e:9d:1a:27:85:65:ed:75:52:ad:94:2d:b3:8c:b2:2e:4b:
70:ab:78:68:3d:13:12:3c:c0:8e:ab:5e:36:91:2d:21:ea:cb:
01:f9:9c:9f:ff:48:70:cc:9e:63:0e:47:8a:b8:b2:63:b5:92:
a0:06:ba:c5:6b:27:df:33:8e:47:7f:20:36:a0:a9:13:eb:19:
e0:38:a2:4b:2c:06:90:a7:ac:18:f9:f8:21:6a:e9:0e:b1:19:
e9:66:50:5c:99:df:5b:52:58:4b:fc:fc:67:ea:0d:cd:33:09:
e6:32:e2:fa:7e:02:ad:42:3b:23:28:63:f4:89:41:1c:8a:29:
dc:88:ac:cc:09:81:ca:88:eb:f3:aa:25:a7:6d:53:a5:c8:ed:
c1:f7:6a:f5:d3:2b:37:c1:41:ab:a9:18:d6:ef:d2:73:f9:5b:
ce:2f:09:af:94:bd:eb:25:0c:b5:59:ca:16:ef:3f:88:8b:f4:
7a:43:83:b4:c5:58:31:e6:92:4f:f9:f6:ae:18:02:a7:7a:63:
9f:80:c0:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MjUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEzQTA0QkVFOUU0QTY4
NkQ2RDI0MDJFRjM1MDI0QkY2N0Y4MzA2QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC21lK4tUcvVIRoS99yW/ZFSdAND2VQJFFo/0KXEimT8m+q9Twr
cAdajyGu32HVrnpl3QJjYXIckTmkVPnExDm5JkmR6h/it+qhaWqRtFbTEjHQ3V0t
KT9VIupE6DvwKuutRaxHzUCgUPV3gcWkg9PYrCSjtAIKZ30TV4U2GIM5LktlEMKf
k2J+bXPQPMQtt527yw5O4ncpqosS87Lhojx+w3e1Sasr3May8Q+uZfp+Fi7SmjXp
7WpVVfXFqtbPuo4b9Hha5+swC5P+jpGmNV37WEjmj54iYN3MfzTziknNGyjxT7s4
DCrzNokkgB+g8N6zRA+aQ+86qOaruHZk0rulAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUE6BL7p5KaG1tJALvNQJL9n+DBq0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0U2Qkw3cDVLYUcxdEpB
THZOUUpMOW4tREJxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqsrur2IE0KgGZivDwEKJ8ilZCR+p7peB
zHjFGzZzn4iucpC28ODJCs/5i9T530ET6MPNx2RVMx6dGieFZe11Uq2ULbOMsi5L
cKt4aD0TEjzAjqteNpEtIerLAfmcn/9IcMyeYw5HiriyY7WSoAa6xWsn3zOOR38g
NqCpE+sZ4DiiSywGkKesGPn4IWrpDrEZ6WZQXJnfW1JYS/z8Z+oNzTMJ5jLi+n4C
rUI7Iyhj9IlBHIop3IiszAmByojr86olp21Tpcjtwfdq9dMrN8FBq6kY1u/Sc/lb
zi8Jr5S96yUMtVnKFu8/iIv0ekODtMVYMeaST/n2rhgCp3pjn4DAQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org