Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NPVyBqgeheDIIND83w_g4X5HB-0.roa
File: NPVyBqgeheDIIND83w_g4X5HB-0.roa (raw, json)
Hash identifier: RKY0hQp5OSZw1DOb0bUWZ05nBAYC2iueTdrMuCmTVC8=
Subject key identifier: 34:F5:72:06:A8:1E:85:E0:C8:20:D0:FC:DF:0F:E0:E1:7E:47:07:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NPVyBqgeheDIIND83w_g4X5HB-0.roa
Signing time: Fri 19 Apr 2024 02:53:01 +0000
ROA not before: Fri 19 Apr 2024 02:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17382 (0x43e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 02:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=34F57206A81E85E0C820D0FCDF0FE0E17E4707ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fc:e9:9e:6c:0e:e5:0b:46:ca:84:fc:cb:12:
ab:f6:3e:39:88:1e:e1:36:02:b8:14:57:1d:90:2f:
68:a7:60:ad:24:56:09:5a:f4:7e:d8:c8:7f:d6:b8:
26:01:3e:46:89:b9:64:b7:ec:a3:5b:e1:6d:0c:3c:
fd:f9:10:05:80:99:ac:95:d9:c8:1b:65:38:12:39:
ee:f7:37:12:f6:33:82:34:89:6a:a4:cc:07:c1:ca:
51:bf:0c:18:2b:77:50:f2:3e:8a:8d:88:f1:93:36:
b5:31:33:fd:9e:07:dd:97:c3:d0:db:45:2a:98:d4:
44:61:b7:ce:6e:48:bf:92:8b:03:5c:ba:11:f8:b2:
d7:1f:ae:fb:41:95:e0:16:f6:c2:ed:41:19:23:d5:
73:8b:2b:72:53:ae:cc:84:bd:ef:14:d6:f0:cf:74:
7d:7a:fd:3d:07:d8:48:55:a4:e4:2f:10:d7:0c:5e:
21:da:df:85:28:b6:f1:6c:1c:2d:75:49:2e:52:4c:
0a:8e:ef:0e:c6:19:b3:1a:65:ed:c5:1a:0c:e9:51:
82:c6:da:c2:62:ff:e2:66:d2:14:bd:30:21:8f:eb:
1c:3e:bc:f5:6a:74:f1:76:21:62:c2:47:cb:2c:ea:
3a:4f:09:f6:97:03:2c:ea:5c:37:33:41:0e:40:a8:
5a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:72:06:A8:1E:85:E0:C8:20:D0:FC:DF:0F:E0:E1:7E:47:07:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NPVyBqgeheDIIND83w_g4X5HB-0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:fa:96:d5:f4:e1:95:97:ec:e0:22:0d:9d:7d:66:0a:65:19:
7f:b7:06:f2:65:49:88:55:20:8a:c4:6f:6d:b4:17:da:18:a1:
18:30:f2:fa:36:fa:e8:22:98:f0:c4:45:9f:24:0a:03:12:8f:
9f:e7:4f:e5:bb:12:d3:1c:c3:9b:06:cb:02:a5:cf:6e:67:fc:
6c:c5:1b:54:b9:5a:c0:c1:75:47:74:b3:6b:46:b2:d9:15:08:
7b:3a:c8:1a:a8:8a:85:f4:5a:71:23:25:38:19:2a:b0:9d:1c:
dd:eb:9f:9c:78:af:cb:e8:eb:71:36:ca:e9:84:15:b0:d7:1d:
64:b3:73:50:8a:41:83:e5:51:29:73:bd:e0:44:cb:4a:a6:42:
f8:6a:0f:91:5a:02:3a:5e:07:27:59:67:c8:5c:d3:8a:c6:a1:
34:fb:8b:c7:fb:f3:c4:45:c5:05:83:e5:8a:a4:84:07:59:96:
96:e4:40:ab:78:83:00:55:75:aa:b8:13:c0:f6:f0:c6:ec:df:
61:6c:0d:3f:0f:e3:95:61:4a:f7:b6:cb:56:10:36:e8:b6:f2:
43:92:2d:e1:56:d5:23:fd:f8:b2:77:f8:7b:ff:46:a5:b8:7d:
1c:d7:b7:6b:e5:71:61:d2:40:24:95:42:b4:e2:91:14:2d:d1:
cc:c9:48:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MjUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0RjU3MjA2QTgxRTg1
RTBDODIwRDBGQ0RGMEZFMEUxN0U0NzA3RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB/OmebA7lC0bKhPzLEqv2PjmIHuE2ArgUVx2QL2inYK0kVgla
9H7YyH/WuCYBPkaJuWS37KNb4W0MPP35EAWAmayV2cgbZTgSOe73NxL2M4I0iWqk
zAfBylG/DBgrd1DyPoqNiPGTNrUxM/2eB92Xw9DbRSqY1ERht85uSL+SiwNcuhH4
stcfrvtBleAW9sLtQRkj1XOLK3JTrsyEve8U1vDPdH16/T0H2EhVpOQvENcMXiHa
34UotvFsHC11SS5STAqO7w7GGbMaZe3FGgzpUYLG2sJi/+Jm0hS9MCGP6xw+vPVq
dPF2IWLCR8ss6jpPCfaXAyzqXDczQQ5AqFq7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNPVyBqgeheDIIND83w/g4X5HB+0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05QVnlCcWdlaGVESUlO
RDgzd19nNFg1SEItMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAY/qW1fThlZfs4CINnX1mCmUZf7cG8mVJ
iFUgisRvbbQX2hihGDDy+jb66CKY8MRFnyQKAxKPn+dP5bsS0xzDmwbLAqXPbmf8
bMUbVLlawMF1R3Sza0ay2RUIezrIGqiKhfRacSMlOBkqsJ0c3eufnHivy+jrcTbK
6YQVsNcdZLNzUIpBg+VRKXO94ETLSqZC+GoPkVoCOl4HJ1lnyFzTisahNPuLx/vz
xEXFBYPliqSEB1mWluRAq3iDAFV1qrgTwPbwxuzfYWwNPw/jlWFK97bLVhA26Lby
Q5It4VbVI/34snf4e/9Gpbh9HNe3a+VxYdJAJJVCtOKRFC3RzMlI6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org