Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IkmytsMG2zKswSgL_IfOWYiJigs.roa
File: IkmytsMG2zKswSgL_IfOWYiJigs.roa (raw, json)
Hash identifier: phluQLgwXeFkREkDkc4NgY0Z5XH76uTXAMHqBy+K6NY=
Subject key identifier: 22:49:B2:B6:C3:06:DB:32:AC:C1:28:0B:FC:87:CE:59:88:89:8A:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5822
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IkmytsMG2zKswSgL_IfOWYiJigs.roa
Signing time: Thu 16 May 2024 02:24:16 +0000
ROA not before: Thu 16 May 2024 02:24:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22562 (0x5822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 02:24:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2249B2B6C306DB32ACC1280BFC87CE5988898A0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:c8:e7:02:32:b9:dc:06:c3:fb:b6:b5:44:
19:0e:37:e2:23:ba:71:f9:41:96:53:30:b6:60:4b:
cd:bb:ae:be:94:4d:ef:04:0f:1e:9d:71:bc:89:40:
dc:6c:63:01:1a:31:19:63:58:72:3f:01:8b:7b:8e:
e4:67:ce:b3:1d:90:81:2c:f4:9a:61:5f:92:67:5a:
b8:e4:99:7f:bf:c4:67:0f:e5:7b:95:5c:c8:02:62:
be:15:7d:0b:46:89:cd:59:04:b1:e7:da:cf:5a:3c:
ed:a7:a9:5d:fd:6a:86:70:be:b7:6c:63:5d:2b:71:
8a:7d:ff:59:35:8a:88:65:2e:18:21:fa:3c:cf:c4:
72:63:bc:fe:63:8d:67:5e:01:2c:44:78:6e:0e:b2:
9d:c4:b2:cc:ea:cc:be:73:5d:51:64:04:d0:41:50:
60:8e:d2:dc:2e:40:09:d7:f1:86:32:3a:fe:8a:79:
ba:8c:b6:29:d4:04:71:cd:87:06:1d:0e:da:71:43:
4b:8d:7c:4a:49:79:40:2a:98:31:e0:93:0f:76:1f:
d5:3d:1d:6e:1a:8e:5d:39:79:ce:fe:56:6d:2e:d6:
c4:a0:58:83:59:c0:7d:a1:16:7a:14:5a:4c:99:7b:
3a:fa:eb:28:ec:cc:da:77:ad:d4:5d:ba:7c:84:6a:
91:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:49:B2:B6:C3:06:DB:32:AC:C1:28:0B:FC:87:CE:59:88:89:8A:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IkmytsMG2zKswSgL_IfOWYiJigs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:11:a8:5f:a6:01:92:12:50:8c:b5:e7:4f:5d:2f:7f:60:41:
63:89:43:0f:f4:aa:84:1d:78:49:f7:37:09:d8:34:66:05:2d:
3e:97:3f:15:96:cc:35:82:91:41:a5:8f:4a:65:fd:66:fe:08:
2b:c8:99:64:f8:64:32:b3:cc:28:22:55:36:f9:2b:82:dc:ca:
ab:b5:b0:84:ff:6e:06:97:6a:9a:5e:48:cf:5b:11:bb:78:00:
e4:4f:8f:34:2c:99:ce:fe:84:4e:20:0c:c3:3b:49:4d:ca:8b:
84:48:2c:24:69:5c:80:52:41:1c:3c:48:a4:e0:23:66:73:3d:
6f:3c:bb:ee:4e:8a:b1:49:dd:e4:8b:64:c0:5d:22:09:95:57:
bf:55:a5:67:0f:4e:3b:b1:96:31:ee:b3:45:3d:91:38:5d:60:
10:eb:05:2d:a6:63:12:2e:69:fb:e1:b7:a7:a2:7d:d8:79:50:
57:1e:05:05:0e:cd:7b:bc:17:f8:ee:f7:ad:ab:60:a6:14:0c:
c9:c3:ba:83:b5:11:e5:04:ea:33:b1:f3:8b:6b:83:de:26:b3:
ce:83:11:7d:a4:60:7d:ec:cc:80:00:30:0c:01:cd:97:75:14:
a2:b8:49:5b:9a:2c:fb:66:12:4f:7e:80:d8:0a:97:b9:8c:6f:
f0:8a:4b:ad
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICWCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTYw
MjI0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyNDlCMkI2QzMwNkRC
MzJBQ0MxMjgwQkZDODdDRTU5ODg4OThBMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7A8jnAjK53AbD+7a1RBkON+IjunH5QZZTMLZgS827rr6UTe8E
Dx6dcbyJQNxsYwEaMRljWHI/AYt7juRnzrMdkIEs9JphX5JnWrjkmX+/xGcP5XuV
XMgCYr4VfQtGic1ZBLHn2s9aPO2nqV39aoZwvrdsY10rcYp9/1k1iohlLhgh+jzP
xHJjvP5jjWdeASxEeG4Osp3EsszqzL5zXVFkBNBBUGCO0twuQAnX8YYyOv6KebqM
tinUBHHNhwYdDtpxQ0uNfEpJeUAqmDHgkw92H9U9HW4ajl05ec7+Vm0u1sSgWINZ
wH2hFnoUWkyZezr66yjszNp3rdRdunyEapGPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIkmytsMG2zKswSgL/IfOWYiJigswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lrbXl0c01HMnpLc3dT
Z0xfSWZPV1lpSmlncy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIhGoX6YBkhJQjLXnT10vf2BBY4lDD/Sq
hB14Sfc3Cdg0ZgUtPpc/FZbMNYKRQaWPSmX9Zv4IK8iZZPhkMrPMKCJVNvkrgtzK
q7WwhP9uBpdqml5Iz1sRu3gA5E+PNCyZzv6ETiAMwztJTcqLhEgsJGlcgFJBHDxI
pOAjZnM9bzy77k6KsUnd5ItkwF0iCZVXv1WlZw9OO7GWMe6zRT2ROF1gEOsFLaZj
Ei5p++G3p6J92HlQVx4FBQ7Ne7wX+O73ratgphQMycO6g7UR5QTqM7Hzi2uD3iaz
zoMRfaRgfezMgAAwDAHNl3UUorhJW5os+2YST36A2AqXuYxv8IpLrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:30 2024 by rpki-client on console-ams.rpki-client.org