Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Gp1lHjFpUp_R6TJodEUYDT6V4ro.roa
File: Gp1lHjFpUp_R6TJodEUYDT6V4ro.roa (raw, json)
Hash identifier: 9l43XKb664q54gXrlZXsnlMbnHhqfE4IIQR/HA360KU=
Subject key identifier: 1A:9D:65:1E:31:69:52:9F:D1:E9:32:68:74:45:18:0D:3E:95:E2:BA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3ACA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gp1lHjFpUp_R6TJodEUYDT6V4ro.roa
Signing time: Sat 06 Apr 2024 23:22:32 +0000
ROA not before: Sat 06 Apr 2024 23:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15050 (0x3aca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 23:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1A9D651E3169529FD1E932687445180D3E95E2BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:85:2c:a1:b6:13:01:74:73:84:b6:c9:ba:04:
eb:11:c6:eb:13:a0:d1:58:05:e0:82:f4:c2:32:36:
a6:3e:99:3e:21:b2:52:04:8d:9f:be:ce:f7:5f:35:
fd:1f:ac:1d:e5:18:bf:a6:97:a2:ac:c3:73:86:6c:
a0:37:0e:82:38:2f:64:c3:f5:ad:81:d7:fb:a9:ec:
40:0a:37:8a:80:b1:38:fd:d7:ec:f6:16:0f:8f:ab:
dd:d2:2b:03:36:a3:2f:63:52:67:76:c9:7b:99:39:
48:33:3b:16:4f:5d:18:3e:43:a5:57:1e:1a:c7:b1:
69:72:ae:29:29:4c:ab:08:d6:4a:41:f1:bc:ad:47:
b1:c9:cc:c9:63:ec:72:45:6f:ce:88:2a:e7:51:17:
2e:b7:6c:09:3f:1b:51:94:1d:ac:60:0a:d5:d4:b0:
9f:52:5f:b2:b8:ca:af:aa:8f:16:04:ab:70:56:41:
71:ae:ad:ee:96:d2:49:44:90:ac:17:16:d9:ae:c1:
e2:b8:90:ff:7d:71:a2:dc:e1:30:04:06:89:0a:22:
5c:b7:4f:8e:71:54:5a:15:75:db:03:72:f6:e1:aa:
6b:6a:64:a9:cd:42:e0:41:e8:27:35:48:4f:ef:46:
18:f0:65:be:d4:89:d9:f7:12:aa:8c:c6:09:e7:83:
be:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9D:65:1E:31:69:52:9F:D1:E9:32:68:74:45:18:0D:3E:95:E2:BA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gp1lHjFpUp_R6TJodEUYDT6V4ro.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:fc:23:e1:c1:c9:1a:e2:e2:eb:72:a5:4a:85:ad:0c:1f:0c:
d3:02:b6:ae:84:3d:92:08:9d:e2:6c:2a:0c:b0:16:5f:8f:ed:
5b:a1:f2:62:a1:85:32:8f:93:2b:ab:2d:0a:24:36:a9:db:ca:
f1:7a:fa:2e:5c:cc:f2:65:d0:8f:4a:19:94:5a:b6:94:f5:6d:
7c:53:c6:51:2d:e6:58:1c:8d:ff:14:81:cc:19:3c:8f:28:ef:
de:9d:17:fa:44:bb:61:75:1b:d5:db:6b:1b:2d:15:89:a9:b4:
a2:70:40:4e:bc:e2:1c:d4:59:e4:af:9c:26:46:0f:ce:85:26:
49:ab:62:c8:ca:a2:46:63:21:21:b8:e5:95:2e:fe:cb:8b:e3:
c4:80:94:47:5a:4d:b2:20:a5:72:33:7c:49:90:c2:1f:82:c3:
6a:24:f3:65:16:12:b9:86:7a:7b:81:63:90:39:e1:af:a5:91:
52:48:3f:74:8e:e8:1d:39:c1:5b:fd:f5:d6:b0:bb:a1:20:0b:
a8:c5:fd:48:b4:95:88:c9:16:fb:a6:a9:aa:8d:c2:2e:0b:9e:
dc:24:d4:f2:fd:8a:f6:25:67:a6:07:c2:c7:e5:a8:55:7b:e9:
80:87:de:e5:14:c9:e7:5c:cb:48:e7:af:95:a6:95:a0:4a:ad:
56:40:e6:bc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYy
MzIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBOUQ2NTFFMzE2OTUy
OUZEMUU5MzI2ODc0NDUxODBEM0U5NUUyQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8hSyhthMBdHOEtsm6BOsRxusToNFYBeCC9MIyNqY+mT4hslIE
jZ++zvdfNf0frB3lGL+ml6Ksw3OGbKA3DoI4L2TD9a2B1/up7EAKN4qAsTj91+z2
Fg+Pq93SKwM2oy9jUmd2yXuZOUgzOxZPXRg+Q6VXHhrHsWlyrikpTKsI1kpB8byt
R7HJzMlj7HJFb86IKudRFy63bAk/G1GUHaxgCtXUsJ9SX7K4yq+qjxYEq3BWQXGu
re6W0klEkKwXFtmuweK4kP99caLc4TAEBokKIly3T45xVFoVddsDcvbhqmtqZKnN
QuBB6Cc1SE/vRhjwZb7Uidn3EqqMxgnng765AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGp1lHjFpUp/R6TJodEUYDT6V4rowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dwMWxIakZwVXBfUjZU
Sm9kRVVZRFQ2VjRyby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASfwj4cHJGuLi63KlSoWtDB8M0wK2roQ9
kgid4mwqDLAWX4/tW6HyYqGFMo+TK6stCiQ2qdvK8Xr6LlzM8mXQj0oZlFq2lPVt
fFPGUS3mWByN/xSBzBk8jyjv3p0X+kS7YXUb1dtrGy0Viam0onBATrziHNRZ5K+c
JkYPzoUmSatiyMqiRmMhIbjllS7+y4vjxICUR1pNsiClcjN8SZDCH4LDaiTzZRYS
uYZ6e4FjkDnhr6WRUkg/dI7oHTnBW/311rC7oSALqMX9SLSViMkW+6apqo3CLgue
3CTU8v2K9iVnpgfCx+WoVXvpgIfe5RTJ51zLSOevlaaVoEqtVkDmvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org