Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FSiPwSkpoDKxayVjj4idbZ7xf3k.roa
File: FSiPwSkpoDKxayVjj4idbZ7xf3k.roa (raw, json)
Hash identifier: B3mwETgpDEcQlmXqsr5S8q/WLiTgVPlmNipQt4aHhMs=
Subject key identifier: 15:28:8F:C1:29:29:A0:32:B1:6B:25:63:8F:88:9D:6D:9E:F1:7F:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B76
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FSiPwSkpoDKxayVjj4idbZ7xf3k.roa
Signing time: Sun 07 Apr 2024 20:52:33 +0000
ROA not before: Sun 07 Apr 2024 20:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15222 (0x3b76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 20:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=15288FC12929A032B16B25638F889D6D9EF17F79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:84:06:59:28:c9:ff:9d:cd:8c:3e:6a:82:
af:27:ef:c9:fb:b4:e2:05:f6:21:6f:9a:4f:ab:e1:
b6:2a:0e:86:a5:a7:03:06:8f:37:16:e9:1b:e2:6b:
ce:57:92:e3:02:34:f7:0c:44:98:7a:d0:d8:94:c6:
4e:14:0f:ab:7a:bd:5b:cd:83:73:90:57:c4:4c:92:
1b:9a:ab:7e:b8:6b:51:2e:64:94:ed:b7:1f:12:99:
ed:e9:3f:f7:48:d5:18:be:b0:37:77:22:72:ab:ef:
6c:2d:20:aa:5d:a4:0c:3d:da:d5:37:be:a2:e5:04:
c8:4d:94:9e:63:74:34:b4:81:9f:10:22:0f:3b:e6:
be:73:8f:72:58:dc:16:ef:ec:cd:04:4d:20:3b:b7:
a9:5f:97:01:8e:bb:dd:8e:f7:8a:ca:a1:94:6b:1a:
85:52:27:2c:61:c8:64:ff:b5:78:94:82:b3:8d:ca:
19:68:05:78:50:2d:dd:dd:b7:55:08:0d:fa:3e:c1:
66:a0:b4:9c:7b:1f:65:0f:4f:47:87:fb:a9:5c:50:
10:ac:1b:1c:f7:53:08:ac:26:ad:32:5b:45:cd:ce:
56:d0:89:be:f5:25:44:c7:54:25:8a:39:9b:09:7f:
11:b7:de:0b:0c:75:09:9c:4d:b8:fb:23:e1:12:fb:
c9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:28:8F:C1:29:29:A0:32:B1:6B:25:63:8F:88:9D:6D:9E:F1:7F:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FSiPwSkpoDKxayVjj4idbZ7xf3k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:24:3b:a1:67:6f:1b:e3:57:89:1d:60:74:5d:c1:1c:d6:72:
a7:73:b7:e8:63:0b:dc:a5:54:78:48:03:09:35:92:57:82:ec:
d4:0f:b2:38:84:bb:22:c6:aa:bb:d7:bd:a2:b3:2c:eb:83:c1:
bb:2a:89:48:36:ff:64:b9:5c:ef:25:51:6b:e2:ee:d5:69:6a:
64:8e:11:95:8d:9e:db:38:f3:8a:e9:1d:0f:68:c9:a6:7b:56:
fa:f0:f9:54:c8:8d:3a:7e:9a:20:c8:f1:82:71:46:ca:cc:c2:
90:5b:46:12:a9:81:00:be:cb:72:1d:36:5d:be:ac:fc:fb:9b:
3a:35:2c:22:7b:bf:c4:c0:c8:67:eb:5e:6b:32:10:f8:ba:52:
bb:19:e3:e5:e4:9f:02:62:7a:db:71:8d:39:3d:b3:c4:d6:89:
8c:3f:7c:bd:d7:03:fc:0c:7d:ac:ce:38:c3:5e:0a:15:6e:2c:
08:16:16:1d:6f:75:0e:dc:87:46:25:f9:98:37:a4:d8:ca:e9:
72:2f:8c:d0:b1:da:34:27:a8:74:92:29:68:54:99:a9:3e:b2:
61:bb:d6:c4:93:e3:b2:08:29:25:28:58:83:f7:13:14:ed:32:
fb:9c:d8:3f:08:d7:58:6c:0d:1d:c6:7c:53:8c:ef:98:2d:b4:
fc:8d:02:b0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MDUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1Mjg4RkMxMjkyOUEw
MzJCMTZCMjU2MzhGODg5RDZEOUVGMTdGNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBy4QGWSjJ/53NjD5qgq8n78n7tOIF9iFvmk+r4bYqDoalpwMG
jzcW6Rvia85XkuMCNPcMRJh60NiUxk4UD6t6vVvNg3OQV8RMkhuaq364a1EuZJTt
tx8Sme3pP/dI1Ri+sDd3InKr72wtIKpdpAw92tU3vqLlBMhNlJ5jdDS0gZ8QIg87
5r5zj3JY3Bbv7M0ETSA7t6lflwGOu92O94rKoZRrGoVSJyxhyGT/tXiUgrONyhlo
BXhQLd3dt1UIDfo+wWagtJx7H2UPT0eH+6lcUBCsGxz3UwisJq0yW0XNzlbQib71
JUTHVCWKOZsJfxG33gsMdQmcTbj7I+ES+8l9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFSiPwSkpoDKxayVjj4idbZ7xf3kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZTaVB3U2twb0RLeGF5
VmpqNGlkYlo3eGYzay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuCQ7oWdvG+NXiR1gdF3BHNZyp3O36GML
3KVUeEgDCTWSV4Ls1A+yOIS7Isaqu9e9orMs64PBuyqJSDb/ZLlc7yVRa+Lu1Wlq
ZI4RlY2e2zjziukdD2jJpntW+vD5VMiNOn6aIMjxgnFGyszCkFtGEqmBAL7Lch02
Xb6s/PubOjUsInu/xMDIZ+teazIQ+LpSuxnj5eSfAmJ623GNOT2zxNaJjD98vdcD
/Ax9rM44w14KFW4sCBYWHW91DtyHRiX5mDek2Mrpci+M0LHaNCeodJIpaFSZqT6y
YbvWxJPjsggpJShYg/cTFO0y+5zYPwjXWGwNHcZ8U4zvmC20/I0CsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:26 2024 by rpki-client on console-ams.rpki-client.org