Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GEUMjbLpz0ji9w3vBNCgi9sZ1kw.roa
File: GEUMjbLpz0ji9w3vBNCgi9sZ1kw.roa (raw, json)
Hash identifier: S/E6u+5pwm/WzRPFawfDXbwWvcxQTZXWE5zmZdOO/d8=
Subject key identifier: 18:45:0C:8D:B2:E9:CF:48:E2:F7:0D:EF:04:D0:A0:8B:DB:19:D6:4C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GEUMjbLpz0ji9w3vBNCgi9sZ1kw.roa
Signing time: Wed 03 Apr 2024 03:52:17 +0000
ROA not before: Wed 03 Apr 2024 03:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14318 (0x37ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 03:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=18450C8DB2E9CF48E2F70DEF04D0A08BDB19D64C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6a:43:68:c9:85:00:df:a2:2b:83:9f:ed:c2:
18:bf:2e:3f:eb:85:ea:f9:a0:1b:ef:81:82:b2:f5:
2b:b2:f4:8e:16:06:2d:57:e0:86:bf:9c:db:1f:d5:
16:bf:2a:f7:f1:2e:dd:29:15:88:df:7f:fc:6b:48:
f2:1a:fc:02:23:cc:94:14:ce:09:32:8f:dc:cb:3d:
bf:dd:8e:c4:97:79:e5:da:2e:06:c5:63:19:54:56:
5e:e4:a6:f4:b4:80:31:43:a1:f3:8c:24:b6:02:04:
9b:b9:12:57:70:b1:05:58:17:2b:45:99:a5:64:ea:
74:eb:3f:eb:81:5f:96:52:97:3f:16:dd:87:ea:41:
45:4a:4e:6d:77:34:31:c2:5c:c2:b2:62:aa:f6:d4:
21:57:b5:00:cf:10:59:1a:5b:fc:33:d3:21:ee:cc:
a7:59:47:43:fc:b0:59:ba:58:38:13:d1:62:24:64:
be:74:32:0c:8b:56:da:9d:98:3c:d9:06:5c:4b:6c:
5c:18:38:aa:d0:37:d4:eb:a5:08:cb:52:f0:a5:6f:
d1:70:c7:a7:35:6b:ea:da:46:e4:9f:f6:e8:7e:cf:
ff:e6:b5:08:03:ca:0e:30:a4:6a:7f:5e:14:33:92:
43:a0:e9:d3:d5:20:0a:5d:bf:61:df:27:a5:bb:56:
f7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:45:0C:8D:B2:E9:CF:48:E2:F7:0D:EF:04:D0:A0:8B:DB:19:D6:4C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GEUMjbLpz0ji9w3vBNCgi9sZ1kw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:fc:4f:50:fa:e6:a8:c7:04:c3:17:c7:7f:b3:50:90:ca:6c:
fc:10:d2:18:d4:f8:fc:47:71:47:fa:a2:0b:2a:a9:5c:7f:cb:
35:5a:bb:5b:87:3c:b6:66:c0:e0:48:bf:dc:a3:44:d4:3e:84:
63:60:a9:13:17:5f:a0:70:1b:9d:cb:bd:40:e4:f3:ef:eb:a0:
53:ed:99:87:76:dd:df:4c:52:44:f5:4a:cb:2b:e1:22:e0:4a:
20:c7:9f:df:a7:0e:8d:10:e2:64:a5:45:3f:85:53:ec:c2:9f:
a3:61:82:15:81:de:e1:27:ff:4f:da:c1:c8:ae:51:49:a7:0d:
f1:0c:ce:10:ed:03:20:9e:84:98:4c:48:0b:21:87:f7:11:13:
a3:02:b0:f0:65:7b:dc:e7:75:b6:86:41:51:57:df:fc:16:8d:
8b:85:63:be:aa:fe:5d:74:20:d5:4a:1c:5a:2d:79:43:ac:45:
01:61:38:ba:ba:45:09:a6:61:62:74:6b:c1:be:78:ac:3c:ec:
0e:6b:1d:a8:15:ea:a6:b7:32:70:41:d0:f2:69:6b:77:b1:82:
41:45:11:fb:d9:7a:10:4d:fe:da:98:d5:f1:28:e9:f5:d5:7a:
e5:0d:9a:aa:03:58:f3:7d:ea:1e:25:fa:45:84:5d:05:aa:c2:
d0:40:30:de
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
MzUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4NDUwQzhEQjJFOUNG
NDhFMkY3MERFRjA0RDBBMDhCREIxOUQ2NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHakNoyYUA36Irg5/twhi/Lj/rher5oBvvgYKy9Suy9I4WBi1X
4Ia/nNsf1Ra/KvfxLt0pFYjff/xrSPIa/AIjzJQUzgkyj9zLPb/djsSXeeXaLgbF
YxlUVl7kpvS0gDFDofOMJLYCBJu5EldwsQVYFytFmaVk6nTrP+uBX5ZSlz8W3Yfq
QUVKTm13NDHCXMKyYqr21CFXtQDPEFkaW/wz0yHuzKdZR0P8sFm6WDgT0WIkZL50
MgyLVtqdmDzZBlxLbFwYOKrQN9TrpQjLUvClb9Fwx6c1a+raRuSf9uh+z//mtQgD
yg4wpGp/XhQzkkOg6dPVIApdv2HfJ6W7VveFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGEUMjbLpz0ji9w3vBNCgi9sZ1kwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dFVU1qYkxwejBqaTl3
M3ZCTkNnaTlzWjFrdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAffxPUPrmqMcEwxfHf7NQkMps/BDSGNT4
/EdxR/qiCyqpXH/LNVq7W4c8tmbA4Ei/3KNE1D6EY2CpExdfoHAbncu9QOTz7+ug
U+2Zh3bd30xSRPVKyyvhIuBKIMef36cOjRDiZKVFP4VT7MKfo2GCFYHe4Sf/T9rB
yK5RSacN8QzOEO0DIJ6EmExICyGH9xETowKw8GV73Od1toZBUVff/BaNi4Vjvqr+
XXQg1UocWi15Q6xFAWE4urpFCaZhYnRrwb54rDzsDmsdqBXqprcycEHQ8mlrd7GC
QUUR+9l6EE3+2pjV8Sjp9dV65Q2aqgNY833qHiX6RYRdBarC0EAw3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org