Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NWBnabhBTa0BbGQ-IWFd11Q4IeE.roa
File: NWBnabhBTa0BbGQ-IWFd11Q4IeE.roa (raw, json)
Hash identifier: vvWgIHkrAF4Ehhf+A8P5OLoM0xOqD1gCgawmDxKx1eI=
Subject key identifier: 35:60:67:69:B8:41:4D:AD:01:6C:64:3E:21:61:5D:D7:54:38:21:E1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DAE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NWBnabhBTa0BbGQ-IWFd11Q4IeE.roa
Signing time: Wed 10 Apr 2024 19:52:46 +0000
ROA not before: Wed 10 Apr 2024 19:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15790 (0x3dae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 19:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=35606769B8414DAD016C643E21615DD7543821E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0a:da:23:1a:e4:6a:79:08:e6:a8:6a:e9:1e:
ea:fe:41:ea:43:ed:d6:75:bd:82:93:9a:80:d9:c9:
63:1c:c2:ef:eb:69:86:24:25:de:34:20:f8:0e:51:
fb:41:39:5a:63:a1:06:f9:aa:0a:e2:28:70:54:1f:
ac:d0:45:97:35:2d:4c:e3:40:fd:ef:63:56:60:8a:
7e:c1:38:2b:4e:08:eb:88:20:61:da:b5:84:d6:de:
c8:eb:c6:9a:61:d5:c9:d6:e8:a5:03:fc:fe:e5:d7:
66:ce:e9:f6:73:02:62:b9:43:c1:46:2e:f8:22:06:
c4:87:b7:31:af:0e:16:c7:d7:71:cc:17:11:4f:ec:
c7:43:73:db:aa:0a:dd:d6:a0:67:e4:6b:3d:c7:a5:
10:27:47:50:8c:87:11:8e:fe:2c:a4:a2:98:df:35:
47:20:52:a1:a0:85:32:2c:0a:16:e8:44:1d:db:4a:
29:ae:3b:e0:b9:13:2a:d5:ff:89:31:ce:9a:ce:fb:
7b:b9:82:e5:11:18:d0:99:14:8d:9c:e3:f2:31:dc:
b0:af:58:2b:b9:a5:56:bb:e9:58:cf:51:a2:f9:e8:
11:ab:a2:7d:63:28:15:ca:1d:26:29:9e:6a:8e:77:
67:b5:0d:c4:cd:36:07:c7:a8:85:22:1f:0c:6d:87:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:60:67:69:B8:41:4D:AD:01:6C:64:3E:21:61:5D:D7:54:38:21:E1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NWBnabhBTa0BbGQ-IWFd11Q4IeE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:a7:f4:fe:c6:34:d5:a5:ff:49:0f:82:b4:2b:bf:ba:20:dd:
07:95:f7:4b:d3:c5:3d:82:27:5d:7d:a7:62:92:10:31:44:1e:
cf:39:b7:d0:f2:fc:e6:95:c9:a2:49:c0:38:ad:15:5f:b9:cf:
98:11:64:06:a6:1e:4e:80:41:9c:eb:12:47:9f:ee:09:77:69:
e3:da:cb:90:0c:80:61:20:14:2d:1a:e1:d0:1c:e6:8e:a8:f8:
8a:c1:8e:3f:4d:4d:1e:51:31:78:a2:a3:a0:93:27:e9:9a:4f:
15:16:a0:4c:72:d7:e9:79:91:5a:84:7c:ca:27:4c:de:08:2d:
92:c3:b9:21:59:17:ce:3f:7e:b3:1f:62:71:04:53:8f:9d:f8:
a8:9b:d6:85:b6:9e:56:e7:d6:bb:5a:50:0f:51:69:b8:46:ea:
79:27:50:0d:e0:af:ed:5b:96:b2:b3:c5:0d:9e:3d:35:66:71:
d5:54:a4:5e:ea:ab:f8:f2:40:fd:1b:fc:ff:9a:11:a0:e0:5c:
32:f9:ac:e7:05:8e:84:53:21:e6:d6:88:7d:97:6a:d8:f8:44:
59:58:08:c7:a9:68:bf:b4:e6:39:94:a1:6d:92:f1:5f:fc:1a:
2b:a3:bf:74:41:c8:d5:35:10:8d:36:18:82:a8:8a:32:c9:0e:
01:6b:7d:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
OTUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1NjA2NzY5Qjg0MTRE
QUQwMTZDNjQzRTIxNjE1REQ3NTQzODIxRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiCtojGuRqeQjmqGrpHur+QepD7dZ1vYKTmoDZyWMcwu/raYYk
Jd40IPgOUftBOVpjoQb5qgriKHBUH6zQRZc1LUzjQP3vY1Zgin7BOCtOCOuIIGHa
tYTW3sjrxpph1cnW6KUD/P7l12bO6fZzAmK5Q8FGLvgiBsSHtzGvDhbH13HMFxFP
7MdDc9uqCt3WoGfkaz3HpRAnR1CMhxGO/iykopjfNUcgUqGghTIsChboRB3bSimu
O+C5EyrV/4kxzprO+3u5guURGNCZFI2c4/Ix3LCvWCu5pVa76VjPUaL56BGron1j
KBXKHSYpnmqOd2e1DcTNNgfHqIUiHwxthzulAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNWBnabhBTa0BbGQ+IWFd11Q4IeEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05XQm5hYmhCVGEwQmJH
US1JV0ZkMTFRNEllRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALaf0/sY01aX/SQ+CtCu/uiDdB5X3S9PF
PYInXX2nYpIQMUQezzm30PL85pXJoknAOK0VX7nPmBFkBqYeToBBnOsSR5/uCXdp
49rLkAyAYSAULRrh0Bzmjqj4isGOP01NHlExeKKjoJMn6ZpPFRagTHLX6XmRWoR8
yidM3ggtksO5IVkXzj9+sx9icQRTj534qJvWhbaeVufWu1pQD1FpuEbqeSdQDeCv
7VuWsrPFDZ49NWZx1VSkXuqr+PJA/Rv8/5oRoOBcMvms5wWOhFMh5taIfZdq2PhE
WVgIx6lov7TmOZShbZLxX/waK6O/dEHI1TUQjTYYgqiKMskOAWt9Lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org