Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ITibr4TZLsXJFtLzFj6BXPlqbuo.roa
File: ITibr4TZLsXJFtLzFj6BXPlqbuo.roa (raw, json)
Hash identifier: egSQLUmXBBgQnFF4d4jO6gMfRE0KKaImjwYgmQWzfJo=
Subject key identifier: 21:38:9B:AF:84:D9:2E:C5:C9:16:D2:F3:16:3E:81:5C:F9:6A:6E:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F2E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ITibr4TZLsXJFtLzFj6BXPlqbuo.roa
Signing time: Sat 04 May 2024 03:53:48 +0000
ROA not before: Sat 04 May 2024 03:53:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20270 (0x4f2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 03:53:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21389BAF84D92EC5C916D2F3163E815CF96A6EEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:3e:db:61:c3:36:bc:48:a8:b3:90:3c:e7:
89:c1:6c:68:0c:d3:ab:d7:18:07:42:31:a7:f2:4c:
e8:29:c1:1b:ed:e9:76:d0:89:f9:b8:82:da:12:03:
dc:59:80:b6:a9:17:5c:56:2e:2a:84:72:33:d9:86:
de:28:e3:bc:8c:12:9a:2f:a7:f6:c2:9d:a0:ab:22:
d0:ec:16:f1:32:87:31:4d:55:39:83:95:7b:38:e7:
50:d6:fa:eb:b8:89:07:28:3c:3e:2a:af:25:52:78:
90:e6:58:1e:fe:ec:a9:38:e7:9a:28:41:90:67:4d:
0e:ab:ee:9a:d8:97:34:e6:54:c0:4b:15:52:56:a7:
33:3d:b7:f5:c4:1f:da:db:7b:d5:be:88:41:eb:fa:
cf:da:db:48:7a:5f:1d:1e:92:80:4c:1f:95:37:16:
30:26:a8:de:77:b3:fc:30:10:86:55:6e:40:03:01:
9f:eb:12:e3:b6:4d:f2:74:d3:00:ef:c5:27:26:79:
54:82:dd:87:c1:75:7d:95:39:54:67:fd:27:ae:94:
c9:57:16:3a:b2:64:e1:ea:63:99:7f:1e:da:07:50:
55:b1:29:4d:bc:52:32:68:0f:41:74:f8:63:00:2f:
cf:b4:22:4a:bf:b7:84:b1:42:1c:b4:cc:59:af:21:
5a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:9B:AF:84:D9:2E:C5:C9:16:D2:F3:16:3E:81:5C:F9:6A:6E:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ITibr4TZLsXJFtLzFj6BXPlqbuo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:06:6a:71:a6:68:c1:a7:ec:62:ff:0b:d1:9d:fc:04:57:0c:
d6:3d:99:c8:75:b5:98:97:fe:93:88:66:a4:59:8d:ab:e9:f2:
4f:6f:6a:69:c7:75:d0:3a:d8:99:21:24:f1:9b:81:2a:56:17:
83:be:46:c2:d4:6f:a2:55:b7:96:f9:48:ee:d7:8c:d8:65:86:
5e:81:ff:b6:5d:1f:d8:20:c3:e2:6d:6d:2d:ba:8e:8d:f2:b7:
01:7d:1d:5d:4e:4b:11:eb:53:e5:6c:d0:22:31:cc:f7:a1:8a:
57:22:47:bc:bf:59:a3:90:c1:1d:61:76:41:c4:97:71:e0:b7:
d4:c9:69:b6:cd:4b:fd:52:31:a9:53:07:18:e9:b4:96:22:3f:
5c:12:c3:7a:9a:b4:8c:d0:87:f2:99:71:13:32:20:92:5c:f5:
6d:00:42:3c:6f:0c:b0:5b:29:f3:50:07:f6:2f:52:6d:3e:ac:
2f:53:ea:95:0f:8e:61:3f:a7:2d:83:0b:d1:87:e9:ef:7c:12:
5f:06:d7:1d:ff:d2:7c:81:5d:86:57:85:d5:93:d7:09:f4:8d:
eb:92:4e:34:2d:e5:c3:c0:65:56:91:c2:32:9e:d3:0e:f0:4e:
00:94:7c:6b:56:50:eb:b3:dd:5d:2d:64:96:58:14:57:8d:74:
00:8d:93:1c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
MzUzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxMzg5QkFGODREOTJF
QzVDOTE2RDJGMzE2M0U4MTVDRjk2QTZFRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsBz7bYcM2vEios5A854nBbGgM06vXGAdCMafyTOgpwRvt6XbQ
ifm4gtoSA9xZgLapF1xWLiqEcjPZht4o47yMEpovp/bCnaCrItDsFvEyhzFNVTmD
lXs451DW+uu4iQcoPD4qryVSeJDmWB7+7Kk455ooQZBnTQ6r7prYlzTmVMBLFVJW
pzM9t/XEH9rbe9W+iEHr+s/a20h6Xx0ekoBMH5U3FjAmqN53s/wwEIZVbkADAZ/r
EuO2TfJ00wDvxScmeVSC3YfBdX2VOVRn/SeulMlXFjqyZOHqY5l/HtoHUFWxKU28
UjJoD0F0+GMAL8+0Ikq/t4SxQhy0zFmvIVrlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUITibr4TZLsXJFtLzFj6BXPlqbuowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lUaWJyNFRaTHNYSkZ0
THpGajZCWFBscWJ1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARAZqcaZowafsYv8L0Z38BFcM1j2ZyHW1
mJf+k4hmpFmNq+nyT29qacd10DrYmSEk8ZuBKlYXg75GwtRvolW3lvlI7teM2GWG
XoH/tl0f2CDD4m1tLbqOjfK3AX0dXU5LEetT5WzQIjHM96GKVyJHvL9Zo5DBHWF2
QcSXceC31Mlpts1L/VIxqVMHGOm0liI/XBLDepq0jNCH8plxEzIgklz1bQBCPG8M
sFsp81AH9i9SbT6sL1PqlQ+OYT+nLYML0Yfp73wSXwbXHf/SfIFdhleF1ZPXCfSN
65JONC3lw8BlVpHCMp7TDvBOAJR8a1ZQ67PdXS1kllgUV410AI2THA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org