Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/I8vKXXTEbQzVeuKhFHU-XoOewvs.roa
File: I8vKXXTEbQzVeuKhFHU-XoOewvs.roa (raw, json)
Hash identifier: wAlMyRmGozh9kXmxZDcBPbko3pqKT2mhtCL6WzV+6gA=
Subject key identifier: 23:CB:CA:5D:74:C4:6D:0C:D5:7A:E2:A1:14:75:3E:5E:83:9E:C2:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3466
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I8vKXXTEbQzVeuKhFHU-XoOewvs.roa
Signing time: Fri 29 Mar 2024 10:52:05 +0000
ROA not before: Fri 29 Mar 2024 10:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13414 (0x3466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 10:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23CBCA5D74C46D0CD57AE2A114753E5E839EC2FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:33:31:89:3c:72:ad:5b:05:b9:7c:9a:7e:
a8:52:94:7d:8c:29:00:0a:4c:43:19:dc:4e:7b:2f:
41:a6:5c:24:6c:6c:1a:6e:f1:dc:14:ce:55:15:02:
11:c6:21:fe:c0:44:7a:b0:68:d2:09:99:13:80:bb:
25:24:fa:f2:b7:dc:c6:21:71:fb:05:15:82:fa:fa:
2c:03:63:44:21:3f:9d:c1:4f:46:e8:15:6e:b9:c7:
7c:f2:01:37:1b:f6:7b:81:82:1f:3c:48:fb:d0:ad:
f6:25:ff:3e:9c:3c:1d:b4:87:06:28:c9:59:ea:8d:
7f:3a:19:43:9b:61:63:67:44:6b:93:2b:c4:d4:3f:
6c:25:af:4e:19:79:e5:80:bf:28:59:18:0b:4a:4f:
10:c4:95:ba:e7:aa:71:3f:0b:d8:a2:c8:57:72:cd:
5c:63:88:08:71:f4:38:42:59:43:9b:e7:79:46:e6:
79:1b:45:f8:5e:49:f1:51:dd:5b:60:07:41:eb:12:
f9:ed:cf:c0:c2:4d:79:92:54:fc:6b:8d:44:79:b6:
e9:a7:42:d5:c4:ae:c4:7d:30:7d:d6:eb:c7:0c:03:
e2:d1:77:80:81:3d:76:dd:3b:a3:61:26:7a:5a:61:
68:0e:0d:15:0a:0d:8a:4d:80:b9:e2:2c:2b:85:50:
c6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:CA:5D:74:C4:6D:0C:D5:7A:E2:A1:14:75:3E:5E:83:9E:C2:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I8vKXXTEbQzVeuKhFHU-XoOewvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:5c:cd:eb:5f:d5:5c:f2:e2:16:eb:55:84:96:41:d6:d6:03:
da:b7:e3:e0:77:df:fa:fa:88:fd:70:17:d2:3b:e8:7a:52:25:
74:8c:3a:34:70:82:f7:fd:be:5f:3a:07:62:4d:4d:b9:1a:0d:
cf:19:b2:ff:23:ea:72:5a:38:df:5f:d4:65:d9:44:0e:a6:ab:
ae:17:c5:d4:c3:9d:5a:58:4b:2e:74:f0:55:41:62:84:a0:a8:
54:98:4b:bd:f4:c7:c7:ec:62:71:d5:6d:7e:fa:9f:1b:89:9e:
1d:da:58:d4:9e:92:a3:d7:8a:ae:d5:9c:04:cf:fa:e7:b4:7c:
48:6d:90:fa:69:ff:f6:e0:bb:81:e4:7c:49:2a:74:04:0b:b4:
67:6c:e0:7f:38:69:10:0c:92:b7:6e:1e:0b:4c:6a:c9:1f:ca:
96:c5:7c:a1:d2:d3:aa:8a:a3:3a:26:78:31:db:99:c6:f0:ee:
bc:b4:a5:8c:a3:51:19:ca:52:3f:2d:7c:2c:01:a3:c4:a7:34:
89:45:86:bf:f1:c6:5f:f6:ca:ff:72:a5:c3:25:f3:07:9d:65:
a8:31:27:aa:6a:2f:92:52:ef:3c:71:58:ff:b1:ae:8b:52:0a:
0b:c9:4a:d6:3b:84:93:7b:c0:91:33:e0:eb:a6:76:63:da:64:
72:3d:1c:d1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MDUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzQ0JDQTVENzRDNDZE
MENENTdBRTJBMTE0NzUzRTVFODM5RUMyRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJhTMxiTxyrVsFuXyafqhSlH2MKQAKTEMZ3E57L0GmXCRsbBpu
8dwUzlUVAhHGIf7ARHqwaNIJmROAuyUk+vK33MYhcfsFFYL6+iwDY0QhP53BT0bo
FW65x3zyATcb9nuBgh88SPvQrfYl/z6cPB20hwYoyVnqjX86GUObYWNnRGuTK8TU
P2wlr04ZeeWAvyhZGAtKTxDElbrnqnE/C9iiyFdyzVxjiAhx9DhCWUOb53lG5nkb
RfheSfFR3VtgB0HrEvntz8DCTXmSVPxrjUR5tumnQtXErsR9MH3W68cMA+LRd4CB
PXbdO6NhJnpaYWgODRUKDYpNgLniLCuFUMZJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI8vKXXTEbQzVeuKhFHU+XoOewvswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0k4dktYWFRFYlF6VmV1
S2hGSFUtWG9PZXd2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuVzN61/VXPLiFutVhJZB1tYD2rfj4Hff
+vqI/XAX0jvoelIldIw6NHCC9/2+XzoHYk1NuRoNzxmy/yPqclo431/UZdlEDqar
rhfF1MOdWlhLLnTwVUFihKCoVJhLvfTHx+xicdVtfvqfG4meHdpY1J6So9eKrtWc
BM/657R8SG2Q+mn/9uC7geR8SSp0BAu0Z2zgfzhpEAySt24eC0xqyR/KlsV8odLT
qoqjOiZ4MduZxvDuvLSljKNRGcpSPy18LAGjxKc0iUWGv/HGX/bK/3KlwyXzB51l
qDEnqmovklLvPHFY/7Gui1IKC8lK1juEk3vAkTPg66Z2Y9pkcj0c0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org