Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MjY41bX_LrYlZfxB5Q6TZZW0GlA.roa
File: MjY41bX_LrYlZfxB5Q6TZZW0GlA.roa (raw, json)
Hash identifier: wwEeUrjbcB8xadUCGziojSWknR/qI8UEq2em+rdo4/g=
Subject key identifier: 32:36:38:D5:B5:FF:2E:B6:25:65:FC:41:E5:0E:93:65:95:B4:1A:50
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MjY41bX_LrYlZfxB5Q6TZZW0GlA.roa
Signing time: Wed 17 Apr 2024 20:22:59 +0000
ROA not before: Wed 17 Apr 2024 20:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17138 (0x42f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 20:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=323638D5B5FF2EB62565FC41E50E936595B41A50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:48:2e:81:cc:a9:4e:de:64:a3:32:52:12:96:
91:37:f9:89:28:09:cb:20:78:45:a0:85:59:70:a0:
3d:13:00:0e:b5:3b:f6:be:1d:84:06:ef:1c:17:b2:
81:f5:a6:87:54:45:f9:32:ec:4a:22:38:2b:e8:f5:
50:ad:c7:68:62:36:6c:b5:65:9a:eb:02:7f:e2:a4:
22:a0:87:22:68:b0:68:24:0e:3f:e2:a7:42:f9:00:
f3:6f:57:39:fa:93:d7:61:af:1c:37:cd:d0:80:fc:
db:a6:fe:16:05:5d:ec:34:23:30:55:fc:96:62:9f:
30:38:53:cf:ed:8e:10:9b:db:67:9e:ca:ae:55:e0:
70:25:33:d4:31:76:d2:70:01:fc:de:ff:d6:28:67:
d8:ad:d3:f3:28:a1:df:22:22:e1:d0:b8:04:28:e9:
e9:ff:11:93:37:d0:f1:c5:07:a6:28:2e:1c:10:17:
07:73:92:7e:1f:2a:b0:cd:2e:52:fe:8a:a8:21:4d:
38:36:ef:d1:cd:a7:dc:0d:32:5f:01:c2:80:06:cb:
b9:24:e2:db:4b:2d:84:0c:94:fa:70:8f:29:4b:81:
d6:d0:11:ff:dd:fa:d9:bb:79:8f:d9:5d:c2:bf:ad:
dd:30:56:15:21:3c:17:11:d1:39:87:a8:5d:7f:d8:
56:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:36:38:D5:B5:FF:2E:B6:25:65:FC:41:E5:0E:93:65:95:B4:1A:50
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MjY41bX_LrYlZfxB5Q6TZZW0GlA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:42:16:b0:7e:ce:b6:1b:39:e6:97:45:2a:4f:08:60:5d:1b:
7d:de:11:50:d6:86:70:06:82:36:2a:d1:68:32:85:e5:e9:29:
94:ca:1f:81:fc:fd:a4:0c:f2:7a:41:87:31:10:0f:d5:4f:9f:
50:95:4a:7b:70:4a:4e:3b:c2:c0:8b:32:64:3f:72:1a:84:5a:
9d:50:5e:78:a6:5d:9f:df:03:df:7a:9a:56:e1:4b:60:5b:ae:
22:3e:46:cb:42:d6:96:84:31:72:2d:1c:c7:b5:25:ec:0f:3d:
47:d4:9f:c7:c9:a7:c4:5f:c6:8e:d2:ac:36:e7:16:06:ea:5a:
dc:c8:50:3d:81:21:c8:42:a8:b8:89:f4:d8:a0:0c:34:c7:89:
9f:b1:a8:6e:4d:5d:9c:1b:2a:a1:c1:9c:bb:90:e5:28:2c:91:
21:e7:dc:c1:9b:ac:bb:a1:70:f7:9a:1f:93:af:39:96:a5:c9:
8d:38:ee:77:b1:5e:6e:f3:7f:31:b7:10:3d:2c:aa:1f:07:dc:
6f:26:b1:10:bd:74:46:6a:34:31:2f:34:61:c6:59:5d:27:74:
8c:91:04:fd:05:e7:cc:74:7c:42:12:86:48:38:db:cc:35:cc:
54:02:31:9f:6a:26:56:fd:1a:3b:86:23:05:31:ea:1a:5e:a5:
04:d8:d0:cf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MDIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyMzYzOEQ1QjVGRjJF
QjYyNTY1RkM0MUU1MEU5MzY1OTVCNDFBNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmSC6BzKlO3mSjMlISlpE3+YkoCcsgeEWghVlwoD0TAA61O/a+
HYQG7xwXsoH1podURfky7EoiOCvo9VCtx2hiNmy1ZZrrAn/ipCKghyJosGgkDj/i
p0L5APNvVzn6k9dhrxw3zdCA/Num/hYFXew0IzBV/JZinzA4U8/tjhCb22eeyq5V
4HAlM9QxdtJwAfze/9YoZ9it0/Mood8iIuHQuAQo6en/EZM30PHFB6YoLhwQFwdz
kn4fKrDNLlL+iqghTTg279HNp9wNMl8BwoAGy7kk4ttLLYQMlPpwjylLgdbQEf/d
+tm7eY/ZXcK/rd0wVhUhPBcR0TmHqF1/2FaBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMjY41bX/LrYlZfxB5Q6TZZW0GlAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01qWTQxYlhfTHJZbFpm
eEI1UTZUWlpXMEdsQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAY0IWsH7Oths55pdFKk8IYF0bfd4RUNaG
cAaCNirRaDKF5ekplMofgfz9pAzyekGHMRAP1U+fUJVKe3BKTjvCwIsyZD9yGoRa
nVBeeKZdn98D33qaVuFLYFuuIj5Gy0LWloQxci0cx7Ul7A89R9Sfx8mnxF/GjtKs
NucWBupa3MhQPYEhyEKouIn02KAMNMeJn7Gobk1dnBsqocGcu5DlKCyRIefcwZus
u6Fw95ofk685lqXJjTjud7FebvN/MbcQPSyqHwfcbyaxEL10Rmo0MS80YcZZXSd0
jJEE/QXnzHR8QhKGSDjbzDXMVAIxn2omVv0aO4YjBTHqGl6lBNjQzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org