Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/I3r2aM5GMpj3tP96ACc5GItVAdY.roa
File: I3r2aM5GMpj3tP96ACc5GItVAdY.roa (raw, json)
Hash identifier: 5/NGvkFG3wCytUQ4T/1KJKKqbBX0GOoPA2Rw/Qbiq38=
Subject key identifier: 23:7A:F6:68:CE:46:32:98:F7:B4:FF:7A:00:27:39:18:8B:55:01:D6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I3r2aM5GMpj3tP96ACc5GItVAdY.roa
Signing time: Mon 15 Apr 2024 03:52:57 +0000
ROA not before: Mon 15 Apr 2024 03:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16622 (0x40ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 03:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=237AF668CE463298F7B4FF7A002739188B5501D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:57:10:25:4d:91:51:79:b5:d3:19:e3:79:a0:
c6:4c:e6:2f:05:4d:0f:f9:cb:19:ec:42:a5:9d:c5:
24:d3:89:4a:58:57:b3:c8:8c:f4:2c:3d:3d:4f:e8:
cc:a2:8e:9b:db:09:b5:fa:00:3e:20:57:42:12:39:
22:11:a3:8d:d4:27:6f:96:83:5c:30:6b:f5:b6:b3:
91:19:00:43:78:98:98:9b:89:cd:f2:ed:05:de:85:
49:78:73:54:2a:d0:1a:67:fe:55:fa:ec:ce:37:57:
0c:e7:03:fe:21:20:c9:3a:a9:c7:73:03:db:7d:2c:
28:75:02:f1:fc:61:e6:4e:ce:20:15:d9:d6:42:26:
f5:3c:b6:0a:a0:3b:fa:a9:48:85:63:64:27:36:68:
da:6e:e8:f6:ac:3d:ca:d6:2b:d7:61:99:0d:af:7f:
4c:ab:b2:18:ef:58:70:df:3a:4c:d2:1a:3c:be:84:
ef:a8:3e:ae:af:30:ac:60:41:83:81:87:9a:b0:0d:
b0:35:a3:10:ad:ea:96:9e:0a:9b:c5:51:b2:f2:26:
f5:4a:c3:a2:14:64:54:e0:23:07:83:ba:8e:00:c4:
82:05:1c:47:6e:9f:35:c1:0f:02:bf:0d:e4:dd:ae:
78:e6:dd:90:c4:5d:10:1d:8b:ac:86:ac:d6:23:1d:
77:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:F6:68:CE:46:32:98:F7:B4:FF:7A:00:27:39:18:8B:55:01:D6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I3r2aM5GMpj3tP96ACc5GItVAdY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:95:7a:17:a0:8e:09:02:47:e4:9c:a7:6c:d2:93:99:24:1a:
0a:c6:bf:34:70:32:a3:4b:e6:48:05:53:f0:2b:3f:bd:34:7b:
b6:cd:9f:2c:1b:3f:7e:f3:be:e7:20:52:c0:ef:c2:f8:d5:4d:
dc:bb:6f:22:ee:26:2c:d1:7b:38:fc:fe:00:07:46:2c:b7:a4:
d2:46:22:81:28:13:1b:17:89:56:17:1d:45:0b:1d:1e:64:0c:
7d:c0:ca:d5:91:94:c5:bc:5e:05:a9:d5:73:4a:2b:f6:c1:a3:
88:e4:3d:ba:59:13:c4:bc:f2:16:1f:3d:64:ca:7d:b6:51:df:
d5:76:72:90:21:e5:28:f3:06:e7:96:78:d8:f6:fc:e1:18:9d:
76:0b:49:54:c5:c2:98:57:f1:0e:32:07:b5:45:b3:0c:48:63:
4c:7f:2f:fd:98:bd:85:af:06:4a:3e:0c:48:7b:88:52:8d:68:
02:e5:4d:8d:8f:b8:58:cc:28:bf:4f:a0:7f:e7:7f:07:82:03:
91:98:ba:ff:80:d4:8a:fd:5c:af:a1:d2:cb:6a:30:a9:a7:4c:
fb:0e:a1:15:c6:ef:b4:36:4c:e3:cc:e6:59:96:27:79:1f:82:
c6:f5:12:78:4a:37:6a:f6:fa:3d:f4:a4:98:9b:4f:af:ac:af:
d2:9a:83:12
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MzUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzN0FGNjY4Q0U0NjMy
OThGN0I0RkY3QTAwMjczOTE4OEI1NTAxRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJVxAlTZFRebXTGeN5oMZM5i8FTQ/5yxnsQqWdxSTTiUpYV7PI
jPQsPT1P6MyijpvbCbX6AD4gV0ISOSIRo43UJ2+Wg1wwa/W2s5EZAEN4mJibic3y
7QXehUl4c1Qq0Bpn/lX67M43VwznA/4hIMk6qcdzA9t9LCh1AvH8YeZOziAV2dZC
JvU8tgqgO/qpSIVjZCc2aNpu6PasPcrWK9dhmQ2vf0yrshjvWHDfOkzSGjy+hO+o
Pq6vMKxgQYOBh5qwDbA1oxCt6paeCpvFUbLyJvVKw6IUZFTgIweDuo4AxIIFHEdu
nzXBDwK/DeTdrnjm3ZDEXRAdi6yGrNYjHXdpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI3r2aM5GMpj3tP96ACc5GItVAdYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0kzcjJhTTVHTXBqM3RQ
OTZBQ2M1R0l0VkFkWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgZV6F6COCQJH5JynbNKTmSQaCsa/NHAy
o0vmSAVT8Cs/vTR7ts2fLBs/fvO+5yBSwO/C+NVN3LtvIu4mLNF7OPz+AAdGLLek
0kYigSgTGxeJVhcdRQsdHmQMfcDK1ZGUxbxeBanVc0or9sGjiOQ9ulkTxLzyFh89
ZMp9tlHf1XZykCHlKPMG55Z42Pb84RiddgtJVMXCmFfxDjIHtUWzDEhjTH8v/Zi9
ha8GSj4MSHuIUo1oAuVNjY+4WMwov0+gf+d/B4IDkZi6/4DUiv1cr6HSy2owqadM
+w6hFcbvtDZM48zmWZYneR+CxvUSeEo3avb6PfSkmJtPr6yv0pqDEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:29 2024 by rpki-client on console-ams.rpki-client.org