Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M2U-GcnYfstyO6I-O0oulvpHwMY.roa
File: M2U-GcnYfstyO6I-O0oulvpHwMY.roa (raw, json)
Hash identifier: AqVhiLsuux8IGEre5oTKtYkE4i5gCez3ozYo1RA9Mh0=
Subject key identifier: 33:65:3E:19:C9:D8:7E:CB:72:3B:A2:3E:3B:4A:2E:96:FA:47:C0:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BBE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M2U-GcnYfstyO6I-O0oulvpHwMY.roa
Signing time: Mon 08 Apr 2024 05:52:33 +0000
ROA not before: Mon 08 Apr 2024 05:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15294 (0x3bbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 05:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=33653E19C9D87ECB723BA23E3B4A2E96FA47C0C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2f:19:bf:62:b2:54:a1:b3:31:a8:ae:dd:74:
cb:1d:1d:37:d1:8f:fc:c4:cf:7e:af:81:21:50:42:
f5:bd:0b:89:18:0b:43:43:53:fa:20:e6:7b:a0:a5:
9d:6f:7b:a5:bc:91:55:ff:45:4b:98:a9:87:d7:ed:
4d:df:82:83:b3:cc:7b:af:da:57:23:1e:30:cf:2a:
9f:ef:05:cc:51:c8:36:0a:3a:90:c5:39:e7:35:74:
d9:a6:75:5b:22:c5:c0:c9:78:0a:15:4e:98:d7:d9:
c7:e1:5c:69:15:23:4e:0f:08:43:ea:b4:6c:32:ed:
ea:1d:a8:d8:99:30:30:31:e4:0f:60:a2:ed:5e:21:
a4:da:d4:be:85:fe:ea:93:20:5b:75:d1:6e:00:a5:
91:6c:e3:22:0a:d4:9f:d7:28:6c:4c:d0:b2:59:d0:
95:77:48:fc:be:b8:a9:7d:12:76:10:8d:9a:8e:39:
b5:b8:cb:4e:37:af:8b:6c:bf:b4:cf:51:d4:2b:53:
13:1f:8c:12:73:de:8d:89:94:f5:51:56:91:98:14:
c7:4e:33:97:de:34:6f:dc:e6:64:62:24:04:68:1a:
2a:59:c9:e2:5c:18:d3:b4:ab:4c:32:63:2f:c1:cb:
aa:22:a6:8f:87:26:b2:60:bb:e2:75:09:0f:ee:af:
b6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:65:3E:19:C9:D8:7E:CB:72:3B:A2:3E:3B:4A:2E:96:FA:47:C0:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M2U-GcnYfstyO6I-O0oulvpHwMY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:fd:26:d8:ec:5c:14:dc:17:43:e4:ba:ec:1e:09:a5:55:cb:
aa:54:4f:ef:5f:ae:b7:c7:bf:d0:76:49:62:0d:19:88:e2:a8:
cc:cb:4a:ae:f8:ee:ff:47:13:a5:e7:fc:8f:5a:42:d2:08:5d:
f5:e6:2d:a7:f1:60:d3:64:61:58:d7:3b:7e:de:8e:16:c9:bd:
af:e9:a2:ba:e1:35:19:50:11:2a:b3:a1:f9:f8:3e:ab:84:45:
5a:1f:8d:df:4d:bd:61:4c:61:12:06:cb:c5:9d:e8:95:9d:ed:
72:8b:7f:9b:6c:28:93:09:d8:83:ef:82:63:77:8e:0b:af:36:
24:8c:79:3e:e8:ac:30:0a:43:6c:d6:a9:97:4c:5c:5c:4d:9b:
18:44:d2:24:15:99:a3:76:dc:90:7b:cc:dc:55:56:86:d6:ec:
2d:2a:ca:97:b6:7a:b0:0c:53:af:f0:a2:3a:e5:e1:4f:05:12:
a6:98:a2:17:0b:ea:36:a8:91:4a:93:d7:9c:da:9c:9d:09:b3:
7d:3c:b5:ca:d8:4e:9b:e1:fd:5c:c9:cc:bf:60:1f:92:b9:bc:
cf:27:71:11:6d:61:77:97:12:e1:f8:88:22:02:5f:be:c9:65:
86:f3:01:a2:50:a3:89:f3:89:5a:4f:21:ed:3e:54:7f:d2:49:
6c:d4:6d:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
NTUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzNjUzRTE5QzlEODdF
Q0I3MjNCQTIzRTNCNEEyRTk2RkE0N0MwQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOLxm/YrJUobMxqK7ddMsdHTfRj/zEz36vgSFQQvW9C4kYC0ND
U/og5nugpZ1ve6W8kVX/RUuYqYfX7U3fgoOzzHuv2lcjHjDPKp/vBcxRyDYKOpDF
Oec1dNmmdVsixcDJeAoVTpjX2cfhXGkVI04PCEPqtGwy7eodqNiZMDAx5A9gou1e
IaTa1L6F/uqTIFt10W4ApZFs4yIK1J/XKGxM0LJZ0JV3SPy+uKl9EnYQjZqOObW4
y043r4tsv7TPUdQrUxMfjBJz3o2JlPVRVpGYFMdOM5feNG/c5mRiJARoGipZyeJc
GNO0q0wyYy/By6oipo+HJrJgu+J1CQ/ur7Z1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUM2U+GcnYfstyO6I+O0oulvpHwMYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L00yVS1HY25ZZnN0eU82
SS1PMG91bHZwSHdNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjf0m2OxcFNwXQ+S67B4JpVXLqlRP71+u
t8e/0HZJYg0ZiOKozMtKrvju/0cTpef8j1pC0ghd9eYtp/Fg02RhWNc7ft6OFsm9
r+miuuE1GVARKrOh+fg+q4RFWh+N3029YUxhEgbLxZ3olZ3tcot/m2wokwnYg++C
Y3eOC682JIx5PuisMApDbNapl0xcXE2bGETSJBWZo3bckHvM3FVWhtbsLSrKl7Z6
sAxTr/CiOuXhTwUSppiiFwvqNqiRSpPXnNqcnQmzfTy1ythOm+H9XMnMv2Afkrm8
zydxEW1hd5cS4fiIIgJfvsllhvMBolCjifOJWk8h7T5Uf9JJbNRt4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org