Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F7Ni9Gg8EUju7P_JAb7lQ2hEvXY.roa
File: F7Ni9Gg8EUju7P_JAb7lQ2hEvXY.roa (raw, json)
Hash identifier: uf9yDgXYZu6NYVlQ2cg36FPhYjleiVXqnDn3Bz9Pi7U=
Subject key identifier: 17:B3:62:F4:68:3C:11:48:EE:EC:FF:C9:01:BE:E5:43:68:44:BD:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E56
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F7Ni9Gg8EUju7P_JAb7lQ2hEvXY.roa
Signing time: Thu 11 Apr 2024 16:52:47 +0000
ROA not before: Thu 11 Apr 2024 16:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15958 (0x3e56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 16:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17B362F4683C1148EEECFFC901BEE5436844BD76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2f:e6:72:f1:a1:02:23:03:da:37:bc:eb:10:
b0:9f:81:55:1f:34:2e:c0:36:4d:22:94:7e:39:19:
64:d8:7d:13:d7:0b:67:22:c7:9a:cb:35:ad:c5:6e:
63:45:8d:c4:56:06:d5:18:49:2d:98:aa:aa:c3:64:
75:0f:7e:b0:53:56:69:4d:57:f2:ab:3d:e2:ca:5d:
00:aa:23:6c:e1:7d:7a:dd:c6:bc:68:3f:90:c1:62:
dd:b1:3f:b2:04:aa:6c:d9:b9:2d:12:6b:37:0f:e5:
7f:95:e5:f5:d7:f3:a0:58:09:cf:ab:9b:c4:b0:ee:
e9:c9:88:e5:8b:7a:05:54:f2:51:ce:38:f4:56:97:
41:ca:1a:a0:e7:ae:a2:02:4a:73:fc:04:86:2d:70:
e3:c3:d2:69:2e:6b:55:93:c1:89:0a:2b:1e:08:70:
97:d0:b1:b2:60:91:ef:a2:e9:39:d5:a4:ab:9a:b1:
13:e6:c0:6e:a0:f0:28:7b:94:11:3a:46:d6:43:9f:
65:15:ed:bc:26:2a:49:86:c6:0a:9d:5c:b7:aa:79:
df:de:0f:4b:e4:53:9f:04:45:79:36:97:35:03:4c:
9f:6c:28:78:4b:a0:61:22:e4:a3:d4:e8:7e:bd:96:
d5:40:7e:d8:34:85:a7:01:cc:50:1e:16:25:eb:54:
15:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B3:62:F4:68:3C:11:48:EE:EC:FF:C9:01:BE:E5:43:68:44:BD:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F7Ni9Gg8EUju7P_JAb7lQ2hEvXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:c7:6a:2d:6f:d6:58:4d:32:60:6e:29:e4:98:14:52:9b:ad:
c1:07:8e:e3:d7:64:30:af:43:0f:9a:0e:1f:42:a4:26:c0:5c:
92:f4:94:d2:77:d9:e2:12:17:1c:ad:10:aa:1b:dc:04:87:8f:
f7:70:80:db:8b:01:0e:fe:be:02:9f:e3:73:18:44:91:72:9e:
0e:99:9a:76:2d:3e:e4:a3:31:c7:b7:f8:ca:5c:f3:c2:ab:84:
62:34:68:74:bf:72:88:11:0a:d0:31:5f:73:bc:87:22:87:10:
fd:00:67:7b:ed:30:7f:7f:d9:f6:0b:0a:f5:8f:5d:24:ad:2c:
aa:5e:09:70:1f:9a:16:93:ef:40:1f:ba:fe:c7:48:be:e2:81:
a2:e3:aa:f2:bd:a1:66:a2:b2:3a:87:8c:6e:f3:f3:38:36:ab:
31:e9:f7:12:ed:83:4c:9d:14:6b:60:da:91:f3:f4:7c:0b:24:
e3:3e:4c:4a:6b:4e:3b:20:9b:c9:d2:50:91:53:03:0b:f6:86:
40:17:36:24:1e:3e:4e:9c:5f:5e:40:56:bd:11:b4:02:0c:c0:
79:4d:fc:35:a5:e2:03:c5:3b:42:9b:1e:ef:74:b2:55:0d:aa:
63:95:7c:ce:52:41:e9:ea:1e:23:6c:9a:c3:26:66:51:f8:a2:
d3:0e:89:a7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPlYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
NjUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3QjM2MkY0NjgzQzEx
NDhFRUVDRkZDOTAxQkVFNTQzNjg0NEJENzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaL+Zy8aECIwPaN7zrELCfgVUfNC7ANk0ilH45GWTYfRPXC2ci
x5rLNa3FbmNFjcRWBtUYSS2YqqrDZHUPfrBTVmlNV/KrPeLKXQCqI2zhfXrdxrxo
P5DBYt2xP7IEqmzZuS0SazcP5X+V5fXX86BYCc+rm8Sw7unJiOWLegVU8lHOOPRW
l0HKGqDnrqICSnP8BIYtcOPD0mkua1WTwYkKKx4IcJfQsbJgke+i6TnVpKuasRPm
wG6g8Ch7lBE6RtZDn2UV7bwmKkmGxgqdXLeqed/eD0vkU58ERXk2lzUDTJ9sKHhL
oGEi5KPU6H69ltVAftg0hacBzFAeFiXrVBUHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUF7Ni9Gg8EUju7P/JAb7lQ2hEvXYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y3Tmk5R2c4RVVqdTdQ
X0pBYjdsUTJoRXZYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAp8dqLW/WWE0yYG4p5JgUUputwQeO49dk
MK9DD5oOH0KkJsBckvSU0nfZ4hIXHK0QqhvcBIeP93CA24sBDv6+Ap/jcxhEkXKe
Dpmadi0+5KMxx7f4ylzzwquEYjRodL9yiBEK0DFfc7yHIocQ/QBne+0wf3/Z9gsK
9Y9dJK0sql4JcB+aFpPvQB+6/sdIvuKBouOq8r2hZqKyOoeMbvPzODarMen3Eu2D
TJ0Ua2DakfP0fAsk4z5MSmtOOyCbydJQkVMDC/aGQBc2JB4+TpxfXkBWvRG0AgzA
eU38NaXiA8U7Qpse73SyVQ2qY5V8zlJB6eoeI2yawyZmUfii0w6Jpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org