Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IwPGlMK2w-tStu6EjibQM9eltSw.roa
File: IwPGlMK2w-tStu6EjibQM9eltSw.roa (raw, json)
Hash identifier: J/6/hlnm32IrOS5IjMQ+KhABIIkBzgy0BQwo6BALjwo=
Subject key identifier: 23:03:C6:94:C2:B6:C3:EB:52:B6:EE:84:8E:26:D0:33:D7:A5:B5:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D22
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IwPGlMK2w-tStu6EjibQM9eltSw.roa
Signing time: Wed 10 Apr 2024 02:22:40 +0000
ROA not before: Wed 10 Apr 2024 02:22:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15650 (0x3d22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 02:22:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2303C694C2B6C3EB52B6EE848E26D033D7A5B52C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:3f:fc:14:76:e8:f5:0c:b1:ae:4d:ad:e8:
b7:6c:06:85:1f:d8:0d:0b:05:c4:f3:be:4f:b5:78:
69:f0:c9:11:d6:86:af:d9:32:35:47:d7:48:1d:ce:
f3:5c:c7:09:4d:70:a5:12:b1:5e:9f:d5:20:1e:18:
14:f8:99:60:ab:41:81:73:e5:ef:c0:d9:8d:3a:7a:
1b:a6:c4:25:f1:e0:4c:6f:db:b7:13:91:a4:22:3a:
ee:12:75:8e:8b:74:60:bc:4d:2a:da:02:e9:fe:28:
7a:a4:d1:40:41:b2:06:2a:7f:5e:9a:73:03:47:03:
61:d4:73:e4:13:cc:0f:48:aa:d5:6e:5e:4d:dc:6c:
d2:2b:37:45:21:93:fe:14:ca:7d:cc:a2:50:87:e9:
14:94:39:c8:e9:18:06:98:7a:da:9d:ba:9f:3b:a8:
a7:56:5f:6c:ae:0c:4f:75:6d:d1:b9:5b:45:f7:ef:
a4:44:ba:b9:98:2a:c2:d0:c2:dc:e2:53:28:fe:5a:
0f:0e:52:96:7f:ed:d3:f8:b8:ac:c4:11:15:65:be:
b5:fe:cb:10:cb:90:29:1b:4c:3a:87:d8:77:cc:e0:
d4:88:5a:5f:a8:76:6c:82:31:61:98:fc:3a:0e:19:
fc:6c:8a:51:0f:0f:59:6b:63:50:22:49:ab:13:0a:
2e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:03:C6:94:C2:B6:C3:EB:52:B6:EE:84:8E:26:D0:33:D7:A5:B5:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IwPGlMK2w-tStu6EjibQM9eltSw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:71:9f:75:8e:54:08:e4:64:2f:8e:c0:78:43:4e:0d:73:36:
ef:89:80:95:7a:96:0e:01:c3:f4:e5:46:b9:0e:08:93:53:70:
f2:ab:8a:99:d1:86:d0:4b:39:c4:3e:ca:99:be:21:e7:63:03:
ff:a8:0e:00:47:15:3f:e3:1f:c3:c4:41:22:7a:20:b8:dc:87:
6c:d0:35:ae:04:c9:ff:2b:97:b0:96:b5:0c:33:8d:35:92:55:
4e:99:af:6d:85:eb:7d:4a:b5:7c:5e:c9:bf:4f:44:ec:0c:0d:
b5:25:e3:e8:64:a9:84:2b:b8:89:84:27:2c:8a:92:82:a7:c6:
2b:7c:42:c6:7a:a3:ea:ab:0d:03:e8:71:5e:97:11:0d:cc:2d:
66:93:77:7a:cf:26:c8:cc:f5:86:1a:fb:9f:81:bb:0e:c8:53:
71:72:5f:26:87:f3:b0:0b:01:3f:36:dc:b0:c1:9d:0d:d6:b9:
c1:fd:81:5b:da:30:10:e7:71:a0:57:c2:6c:11:73:2d:b6:ed:
5e:94:82:1b:33:f9:e9:8b:a8:c9:b3:07:7e:21:d7:83:cb:b5:
42:b8:28:24:c4:da:5b:56:76:f8:8d:ad:be:0b:08:85:a6:0c:
25:64:4a:79:a6:0a:40:d4:73:5a:b2:51:ff:02:68:a7:b7:4b:
9e:d2:9c:21
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MjIyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzMDNDNjk0QzJCNkMz
RUI1MkI2RUU4NDhFMjZEMDMzRDdBNUI1MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsYj/8FHbo9Qyxrk2t6LdsBoUf2A0LBcTzvk+1eGnwyRHWhq/Z
MjVH10gdzvNcxwlNcKUSsV6f1SAeGBT4mWCrQYFz5e/A2Y06ehumxCXx4Exv27cT
kaQiOu4SdY6LdGC8TSraAun+KHqk0UBBsgYqf16acwNHA2HUc+QTzA9IqtVuXk3c
bNIrN0Uhk/4Uyn3MolCH6RSUOcjpGAaYetqdup87qKdWX2yuDE91bdG5W0X376RE
urmYKsLQwtziUyj+Wg8OUpZ/7dP4uKzEERVlvrX+yxDLkCkbTDqH2HfM4NSIWl+o
dmyCMWGY/DoOGfxsilEPD1lrY1AiSasTCi7TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIwPGlMK2w+tStu6EjibQM9eltSwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0l3UEdsTUsydy10U3R1
NkVqaWJRTTllbHRTdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYnGfdY5UCORkL47AeENODXM274mAlXqW
DgHD9OVGuQ4Ik1Nw8quKmdGG0Es5xD7Kmb4h52MD/6gOAEcVP+Mfw8RBInoguNyH
bNA1rgTJ/yuXsJa1DDONNZJVTpmvbYXrfUq1fF7Jv09E7AwNtSXj6GSphCu4iYQn
LIqSgqfGK3xCxnqj6qsNA+hxXpcRDcwtZpN3es8myMz1hhr7n4G7DshTcXJfJofz
sAsBPzbcsMGdDda5wf2BW9owEOdxoFfCbBFzLbbtXpSCGzP56YuoybMHfiHXg8u1
QrgoJMTaW1Z2+I2tvgsIhaYMJWRKeaYKQNRzWrJR/wJop7dLntKcIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org