Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ITg31n12yxd28qOvxRmaf-fgALs.roa
File: ITg31n12yxd28qOvxRmaf-fgALs.roa (raw, json)
Hash identifier: uYwymoo4Su2CkBrPhE6qj0BzWOL25F+YcSRE+pXPctY=
Subject key identifier: 21:38:37:D6:7D:76:CB:17:76:F2:A3:AF:C5:19:9A:7F:E7:E0:00:BB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ITg31n12yxd28qOvxRmaf-fgALs.roa
Signing time: Mon 13 May 2024 02:54:20 +0000
ROA not before: Mon 13 May 2024 02:54:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21990 (0x55e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 02:54:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=213837D67D76CB1776F2A3AFC5199A7FE7E000BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:90:ec:37:cf:8b:0f:ce:18:87:95:30:75:
3f:8b:ae:bc:db:a2:b4:2c:89:c1:48:80:cb:d7:74:
44:6b:6d:3b:67:6b:39:88:61:eb:fb:53:ac:88:3f:
a0:59:d1:01:62:8f:55:f3:a8:f1:48:ef:2b:20:e6:
cc:79:db:88:1e:85:9e:d4:a1:98:76:3b:29:5b:9f:
5f:17:59:03:1b:9b:88:cf:42:cb:94:fa:40:9a:d1:
c4:32:b7:ee:b1:14:a4:9d:ca:49:3d:32:ca:dc:5b:
6d:0d:c4:23:de:80:9d:43:29:f5:20:87:9f:32:3a:
b4:b5:e7:21:c1:d5:47:69:44:62:f3:34:6e:1d:69:
e5:48:fd:a0:58:d7:99:00:38:eb:9f:9d:6d:e3:07:
78:74:f6:f8:51:75:10:85:68:bd:5b:96:3a:bc:da:
70:ea:78:4a:7f:99:ee:63:cb:ae:87:d7:09:56:50:
1b:dc:4c:50:08:3f:d9:99:17:b2:37:f9:e7:43:9b:
87:fe:53:bb:b9:bb:2f:93:b8:2e:88:61:45:37:e2:
af:df:0c:e2:4e:c3:77:2e:6c:c7:6c:2f:fd:25:c5:
d8:29:0c:e9:cd:c0:84:2d:d7:0a:2c:bc:40:69:81:
ee:5e:fe:d1:16:c2:a4:88:f6:2f:0c:de:74:d5:a0:
06:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:37:D6:7D:76:CB:17:76:F2:A3:AF:C5:19:9A:7F:E7:E0:00:BB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ITg31n12yxd28qOvxRmaf-fgALs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:41:e7:e3:64:ae:3b:56:7f:04:77:29:02:7c:50:e8:a9:37:
35:0b:a7:0b:fc:68:50:3c:51:50:f3:6a:6c:95:93:11:9c:c8:
75:89:e1:3e:f6:f5:92:7c:fd:41:ce:6a:44:ab:97:b3:1d:97:
2d:84:d3:4e:16:9e:ac:4f:92:3f:79:b3:59:ef:56:d7:44:71:
d9:4d:dc:2e:b2:b6:37:d0:fd:0e:43:2e:db:fe:c4:90:a5:31:
a2:32:9f:98:8e:1d:63:99:0c:84:3c:80:d0:c7:44:a7:b5:59:
59:74:05:68:d6:3d:35:75:05:67:92:1d:37:27:a4:56:b9:87:
59:5c:dd:8e:cb:94:d0:d4:98:3b:94:c3:de:26:97:ae:cb:3f:
8c:01:dc:4b:d6:e9:29:0f:bc:11:f8:20:cc:ba:e4:18:16:59:
24:aa:0f:cf:ee:b9:27:4a:61:03:80:50:45:04:7b:fd:0e:e6:
f2:1c:f3:f2:ad:f3:43:1e:d1:f2:e6:d9:af:d6:16:44:de:db:
5e:b8:6d:1f:2b:5e:26:f6:ae:4e:33:ac:55:e6:27:c5:85:bb:
d1:0e:1b:d7:92:c9:ee:83:33:99:96:a8:69:07:ca:3b:0a:34:
eb:57:a5:4f:c6:93:b2:04:eb:4f:01:02:a7:6f:90:af:66:69:
fc:c7:e4:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MjU0MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxMzgzN0Q2N0Q3NkNC
MTc3NkYyQTNBRkM1MTk5QTdGRTdFMDAwQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvwpDsN8+LD84Yh5UwdT+LrrzborQsicFIgMvXdERrbTtnazmI
Yev7U6yIP6BZ0QFij1XzqPFI7ysg5sx524gehZ7UoZh2Oylbn18XWQMbm4jPQsuU
+kCa0cQyt+6xFKSdykk9MsrcW20NxCPegJ1DKfUgh58yOrS15yHB1UdpRGLzNG4d
aeVI/aBY15kAOOufnW3jB3h09vhRdRCFaL1bljq82nDqeEp/me5jy66H1wlWUBvc
TFAIP9mZF7I3+edDm4f+U7u5uy+TuC6IYUU34q/fDOJOw3cubMdsL/0lxdgpDOnN
wIQt1wosvEBpge5e/tEWwqSI9i8M3nTVoAb9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUITg31n12yxd28qOvxRmaf+fgALswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lUZzMxbjEyeXhkMjhx
T3Z4Um1hZi1mZ0FMcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAh0Hn42SuO1Z/BHcpAnxQ6Kk3NQunC/xo
UDxRUPNqbJWTEZzIdYnhPvb1knz9Qc5qRKuXsx2XLYTTThaerE+SP3mzWe9W10Rx
2U3cLrK2N9D9DkMu2/7EkKUxojKfmI4dY5kMhDyA0MdEp7VZWXQFaNY9NXUFZ5Id
NyekVrmHWVzdjsuU0NSYO5TD3iaXrss/jAHcS9bpKQ+8EfggzLrkGBZZJKoPz+65
J0phA4BQRQR7/Q7m8hzz8q3zQx7R8ubZr9YWRN7bXrhtHyteJvauTjOsVeYnxYW7
0Q4b15LJ7oMzmZaoaQfKOwo061elT8aTsgTrTwECp2+Qr2Zp/Mfkug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:30 2024 by rpki-client on console-ams.rpki-client.org