Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/O6pzu1TkHeuOlV9OWrBLc618mmk.roa
File: O6pzu1TkHeuOlV9OWrBLc618mmk.roa (raw, json)
Hash identifier: 0tb+UPi5x85oxk1zwRz5S8feIbp1jsrHnNpY7Hxe7iA=
Subject key identifier: 3B:AA:73:BB:54:E4:1D:EB:8E:95:5F:4E:5A:B0:4B:73:AD:7C:9A:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34DE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O6pzu1TkHeuOlV9OWrBLc618mmk.roa
Signing time: Sat 30 Mar 2024 01:52:12 +0000
ROA not before: Sat 30 Mar 2024 01:52:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13534 (0x34de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 01:52:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3BAA73BB54E41DEB8E955F4E5AB04B73AD7C9A69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:15:5e:da:52:4b:6d:8b:cc:a1:6e:e2:13:
6e:3d:9a:e7:6c:3b:b1:80:b6:38:39:b2:b8:0a:89:
23:1c:e8:6e:39:01:da:2c:07:3e:7b:2a:76:73:5e:
ea:c0:4a:a6:22:03:73:15:15:66:27:26:89:20:01:
39:5b:e6:4e:49:f6:59:4e:fa:44:62:f1:49:79:d0:
cb:47:48:7f:c0:9e:c8:52:db:2b:52:b5:5d:55:30:
69:50:1a:56:93:13:f6:fa:95:b6:8e:ea:d5:b7:a6:
67:13:a8:7f:b5:4a:b1:c2:82:e4:5b:58:a5:fd:e6:
bb:38:ac:5a:62:2e:cd:a6:fd:43:d5:e6:f3:8a:28:
b2:1f:e1:91:0a:40:40:51:bb:3a:d1:31:bb:63:20:
2a:99:63:84:54:22:90:7e:4f:9b:ac:58:33:c3:21:
bd:84:4f:df:8e:c2:6e:f3:52:9d:dd:91:51:0d:1d:
03:d0:06:96:8d:6b:10:9a:4d:c7:5c:01:17:09:d4:
2e:06:f2:e2:b5:02:84:cc:30:c0:7f:da:ed:c8:fa:
7c:85:f3:ec:85:bf:4e:d1:f7:36:bc:ee:a3:99:92:
22:89:5a:28:1c:ee:1b:a5:ce:3b:89:0b:a3:b5:6f:
3a:b9:af:ea:61:60:02:be:eb:d9:39:35:1c:9a:44:
3f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AA:73:BB:54:E4:1D:EB:8E:95:5F:4E:5A:B0:4B:73:AD:7C:9A:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O6pzu1TkHeuOlV9OWrBLc618mmk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:6b:99:fa:8e:6f:77:ad:9f:d3:39:21:27:c2:48:08:29:63:
7f:8e:62:36:b1:87:67:ce:ed:0c:87:0b:c9:81:79:84:48:58:
fa:97:df:b6:0d:eb:2c:20:e9:69:de:e6:76:da:44:e0:bc:ac:
e5:45:e7:53:62:ce:c2:b5:fa:fd:8b:c2:bb:a9:e3:a4:fb:b5:
df:4a:d8:21:c6:90:f5:14:8d:7b:17:bb:ba:b1:3b:5d:e0:a0:
d9:31:55:3e:f9:5f:50:66:22:79:86:6e:52:f7:92:b4:ef:62:
24:d5:14:75:49:f5:c6:1b:21:30:b7:30:b8:fb:3b:7a:22:26:
73:c4:01:f9:82:46:b7:a4:b0:37:a7:9c:f3:b6:12:16:54:4d:
57:c8:11:f1:3f:2f:2e:47:4e:1c:ed:29:ec:15:1f:4b:48:60:
f2:6b:7b:e4:17:d1:d4:bc:4a:ce:dc:60:e4:d2:a0:77:dd:a4:
df:cb:bc:7d:08:27:50:2b:13:f6:09:b2:87:67:ee:44:18:d7:
1d:c8:d8:19:03:02:85:10:39:85:5c:60:c4:e4:ff:4e:da:aa:
ab:a3:df:c9:c7:cf:b1:ad:49:8b:0a:74:ac:4a:c2:15:fa:6c:
20:eb:9d:6a:f2:74:1c:32:3b:63:d1:cd:0b:16:5c:b2:56:46:
97:b7:ce:87
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MTUyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCQUE3M0JCNTRFNDFE
RUI4RTk1NUY0RTVBQjA0QjczQUQ3QzlBNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3AxVe2lJLbYvMoW7iE249mudsO7GAtjg5srgKiSMc6G45Ados
Bz57KnZzXurASqYiA3MVFWYnJokgATlb5k5J9llO+kRi8Ul50MtHSH/AnshS2ytS
tV1VMGlQGlaTE/b6lbaO6tW3pmcTqH+1SrHCguRbWKX95rs4rFpiLs2m/UPV5vOK
KLIf4ZEKQEBRuzrRMbtjICqZY4RUIpB+T5usWDPDIb2ET9+Owm7zUp3dkVENHQPQ
BpaNaxCaTcdcARcJ1C4G8uK1AoTMMMB/2u3I+nyF8+yFv07R9za87qOZkiKJWigc
7hulzjuJC6O1bzq5r+phYAK+69k5NRyaRD+pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUO6pzu1TkHeuOlV9OWrBLc618mmkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L082cHp1MVRrSGV1T2xW
OU9XckJMYzYxOG1tay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAEGuZ+o5vd62f0zkhJ8JICCljf45iNrGH
Z87tDIcLyYF5hEhY+pfftg3rLCDpad7mdtpE4Lys5UXnU2LOwrX6/YvCu6njpPu1
30rYIcaQ9RSNexe7urE7XeCg2TFVPvlfUGYieYZuUveStO9iJNUUdUn1xhshMLcw
uPs7eiImc8QB+YJGt6SwN6ec87YSFlRNV8gR8T8vLkdOHO0p7BUfS0hg8mt75BfR
1LxKztxg5NKgd92k38u8fQgnUCsT9gmyh2fuRBjXHcjYGQMChRA5hVxgxOT/Ttqq
q6PfycfPsa1Jiwp0rErCFfpsIOudavJ0HDI7Y9HNCxZcslZGl7fOhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org