Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GCtJm9F2iMlFQUkbAspVDycYg6s.roa
File: GCtJm9F2iMlFQUkbAspVDycYg6s.roa (raw, json)
Hash identifier: xq5ZnGcrSp4htDh9CKVc9FRigB/mulPEGpBuKCP4VAc=
Subject key identifier: 18:2B:49:9B:D1:76:88:C9:45:41:49:1B:02:CA:55:0F:27:18:83:AB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCtJm9F2iMlFQUkbAspVDycYg6s.roa
Signing time: Thu 04 Apr 2024 11:52:20 +0000
ROA not before: Thu 04 Apr 2024 11:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14574 (0x38ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 11:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=182B499BD17688C94541491B02CA550F271883AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:7c:9b:2c:e6:f2:4e:3d:78:06:30:ca:46:
d5:bf:57:c0:1b:18:72:30:43:87:fb:8c:5a:5b:8b:
ac:45:aa:e6:06:d9:c4:d8:96:b2:e3:2e:5d:9c:66:
34:08:4e:85:e7:6b:47:a2:9d:84:11:6b:0e:bd:5a:
3e:51:a5:15:5e:26:53:93:d7:b0:a6:f6:bf:44:f4:
a8:1f:90:81:3f:18:89:fa:60:47:de:74:f2:d9:6a:
de:40:4a:2d:ff:d0:88:5d:a2:98:f0:1a:82:aa:20:
7b:79:a2:68:12:be:58:a6:24:59:6b:0c:03:e1:ea:
83:b3:f2:4b:b8:8d:45:e5:3b:77:28:92:d4:4a:b6:
11:05:ee:bb:93:84:12:9a:9d:cc:f4:12:f4:6f:75:
e5:79:44:b0:79:23:36:14:00:12:11:a9:8d:84:fa:
99:e0:17:19:a9:57:f2:ed:df:6c:f4:f8:64:13:76:
14:f3:3a:9a:dd:5a:b0:b1:db:95:5a:5b:22:c6:65:
44:70:de:22:87:6d:29:b3:f3:01:6e:ef:56:0f:a3:
a7:ca:c7:a0:79:dc:5d:75:ca:47:1f:13:51:fc:a2:
32:d5:ac:80:62:42:06:2c:68:ff:f9:0e:47:88:51:
39:05:b2:a6:68:59:9b:4c:9a:e9:ba:5e:24:56:af:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2B:49:9B:D1:76:88:C9:45:41:49:1B:02:CA:55:0F:27:18:83:AB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GCtJm9F2iMlFQUkbAspVDycYg6s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:5c:56:81:a2:41:74:63:22:59:58:e3:10:7c:28:c5:2a:92:
e5:89:44:ae:c5:01:e2:12:c9:8f:cd:6d:c7:8e:54:e1:09:72:
99:78:7d:81:6d:3a:05:d4:11:f6:6e:4c:d7:e9:6e:76:85:3a:
fe:f8:ab:7c:5a:7a:88:17:18:6a:a7:1c:f1:5f:97:00:66:c4:
88:d1:4d:96:0a:9e:0d:d2:99:ac:2c:92:98:f5:ce:e9:d9:e7:
5c:2b:38:8e:ee:a6:97:bb:7f:a1:bd:d7:ea:91:ed:ae:36:99:
06:59:77:95:28:ec:39:ca:b5:c7:e5:cf:df:ba:b8:2c:15:6c:
4f:05:b5:70:81:65:82:cb:9e:8e:d5:a0:cb:ec:ec:dc:4b:aa:
4e:52:ea:71:b7:1e:dd:e2:e5:03:73:29:5a:29:91:71:32:67:
91:04:78:0f:43:97:67:90:ae:1e:98:6d:b4:94:03:8c:51:67:
47:59:00:13:63:be:bc:1d:b2:2f:4c:c1:df:c4:df:bb:41:10:
49:52:e5:a7:b1:f0:6c:4d:80:85:1c:5c:6d:10:3a:6f:07:e1:
a7:95:b1:da:23:91:94:ac:d6:f4:1d:04:10:b9:dc:5a:21:0b:
39:5d:e4:cd:df:db:e1:6e:a4:e1:86:ba:8a:cf:d5:7e:d7:78:
89:95:e1:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQx
MTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MkI0OTlCRDE3Njg4
Qzk0NTQxNDkxQjAyQ0E1NTBGMjcxODgzQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGy3ybLObyTj14BjDKRtW/V8AbGHIwQ4f7jFpbi6xFquYG2cTY
lrLjLl2cZjQIToXna0einYQRaw69Wj5RpRVeJlOT17Cm9r9E9KgfkIE/GIn6YEfe
dPLZat5ASi3/0IhdopjwGoKqIHt5omgSvlimJFlrDAPh6oOz8ku4jUXlO3coktRK
thEF7ruThBKancz0EvRvdeV5RLB5IzYUABIRqY2E+pngFxmpV/Lt32z0+GQTdhTz
OprdWrCx25VaWyLGZURw3iKHbSmz8wFu71YPo6fKx6B53F11ykcfE1H8ojLVrIBi
QgYsaP/5DkeIUTkFsqZoWZtMmum6XiRWrytLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGCtJm9F2iMlFQUkbAspVDycYg6swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dDdEptOUYyaU1sRlFV
a2JBc3BWRHljWWc2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAi1xWgaJBdGMiWVjjEHwoxSqS5YlErsUB
4hLJj81tx45U4QlymXh9gW06BdQR9m5M1+ludoU6/virfFp6iBcYaqcc8V+XAGbE
iNFNlgqeDdKZrCySmPXO6dnnXCs4ju6ml7t/ob3X6pHtrjaZBll3lSjsOcq1x+XP
37q4LBVsTwW1cIFlgsuejtWgy+zs3EuqTlLqcbce3eLlA3MpWimRcTJnkQR4D0OX
Z5CuHphttJQDjFFnR1kAE2O+vB2yL0zB38Tfu0EQSVLlp7HwbE2AhRxcbRA6bwfh
p5Wx2iORlKzW9B0EELncWiELOV3kzd/b4W6k4Ya6is/Vftd4iZXhOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org