Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PEFJYcys6DE2_atw7-cogMlOd2Q.roa
File: PEFJYcys6DE2_atw7-cogMlOd2Q.roa (raw, json)
Hash identifier: DppejDbgt2DtyjPwGxXldbO5bq6WH2Dn7AxF4jyTEpI=
Subject key identifier: 3C:41:49:61:CC:AC:E8:31:36:FD:AB:70:EF:E7:28:80:C9:4E:77:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A96
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PEFJYcys6DE2_atw7-cogMlOd2Q.roa
Signing time: Sat 06 Apr 2024 16:52:33 +0000
ROA not before: Sat 06 Apr 2024 16:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14998 (0x3a96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 16:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3C414961CCACE83136FDAB70EFE72880C94E7764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:16:2d:6c:64:89:dc:37:69:ed:03:16:1a:bd:
f9:57:c5:9d:74:e0:14:49:b2:77:90:56:b1:64:99:
55:29:78:19:27:bc:56:5c:a5:7e:ab:39:2f:36:41:
d1:e2:6c:a4:14:0b:d1:39:fa:b2:c0:88:bc:74:35:
2b:be:b1:81:30:96:20:a2:a7:40:39:ae:c8:96:db:
1d:c0:db:f6:df:e1:d1:dc:fa:b0:e6:9c:59:e9:7b:
e3:29:9a:81:cd:a7:ce:a7:26:66:54:d8:14:d6:3b:
39:3e:c7:99:90:5d:0f:ea:3c:fb:a1:00:21:a2:6d:
5c:34:ce:70:c6:f5:aa:32:b8:67:e0:97:75:2d:00:
28:91:9f:3b:90:dd:cb:66:c8:92:2e:2e:ad:aa:50:
70:a9:1d:f1:cc:73:d7:0a:f2:64:71:5f:0a:7a:8e:
b4:c5:36:1e:80:84:b6:c5:77:72:75:02:2b:71:e0:
ec:db:f2:8a:c9:ea:ac:5b:f5:a9:e0:9e:2f:73:ee:
58:75:8a:92:d9:ae:6c:6c:45:98:93:f3:70:75:85:
86:55:f8:33:01:7e:6f:7d:bf:2e:21:9b:f9:81:81:
74:a2:97:19:6d:b7:f0:03:56:0f:56:61:c7:5d:35:
15:80:d5:f9:b4:fb:f2:07:cc:3d:ff:e9:d4:dc:50:
27:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:41:49:61:CC:AC:E8:31:36:FD:AB:70:EF:E7:28:80:C9:4E:77:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PEFJYcys6DE2_atw7-cogMlOd2Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:28:a6:f2:e2:bb:b7:52:46:2c:6c:da:20:15:c2:d7:00:72:
4a:df:a4:89:40:a8:6e:b4:97:74:54:47:66:7e:f0:b2:9e:7a:
1b:4d:2f:0b:72:53:6e:6a:b9:b2:75:e2:a5:fb:20:54:b6:81:
e1:d6:d4:51:e9:39:3a:c6:85:1d:70:79:40:ea:5c:3f:e6:82:
ad:96:76:53:20:b7:92:f7:25:24:57:f9:30:3c:18:08:ef:30:
25:80:ad:bb:3f:7e:80:63:dc:3b:de:09:1a:48:4d:b1:f6:1f:
83:2b:d1:80:da:f4:5a:fe:09:1e:01:89:0f:00:a7:f6:80:0f:
8c:b6:ac:58:b8:e6:f1:af:fb:4c:48:24:4f:1b:64:4e:77:02:
53:12:7f:b7:0b:d2:81:db:ba:eb:a6:5d:70:e3:07:83:f3:33:
4d:d7:30:ea:73:78:16:9b:37:c7:96:45:20:a8:18:c5:2f:f0:
6b:58:43:cc:18:c6:ab:75:ca:70:87:c7:71:5a:6f:6e:48:9c:
ab:25:59:d1:49:df:de:67:c0:8d:23:c1:e0:74:f0:f3:f5:a4:
f2:ea:49:41:77:62:80:90:16:22:55:c0:88:52:f1:5e:d9:79:
45:57:e5:4d:2c:e1:19:18:9f:20:59:cc:53:a6:28:22:6b:d1:
76:02:7b:db
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
NjUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDNDE0OTYxQ0NBQ0U4
MzEzNkZEQUI3MEVGRTcyODgwQzk0RTc3NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Fi1sZIncN2ntAxYavflXxZ104BRJsneQVrFkmVUpeBknvFZc
pX6rOS82QdHibKQUC9E5+rLAiLx0NSu+sYEwliCip0A5rsiW2x3A2/bf4dHc+rDm
nFnpe+MpmoHNp86nJmZU2BTWOzk+x5mQXQ/qPPuhACGibVw0znDG9aoyuGfgl3Ut
ACiRnzuQ3ctmyJIuLq2qUHCpHfHMc9cK8mRxXwp6jrTFNh6AhLbFd3J1Aitx4Ozb
8orJ6qxb9angni9z7lh1ipLZrmxsRZiT83B1hYZV+DMBfm99vy4hm/mBgXSilxlt
t/ADVg9WYcddNRWA1fm0+/IHzD3/6dTcUCelAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPEFJYcys6DE2/atw7+cogMlOd2QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BFRkpZY3lzNkRFMl9h
dHc3LWNvZ01sT2QyUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAryim8uK7t1JGLGzaIBXC1wBySt+kiUCo
brSXdFRHZn7wsp56G00vC3JTbmq5snXipfsgVLaB4dbUUek5OsaFHXB5QOpcP+aC
rZZ2UyC3kvclJFf5MDwYCO8wJYCtuz9+gGPcO94JGkhNsfYfgyvRgNr0Wv4JHgGJ
DwCn9oAPjLasWLjm8a/7TEgkTxtkTncCUxJ/twvSgdu666ZdcOMHg/MzTdcw6nN4
Fps3x5ZFIKgYxS/wa1hDzBjGq3XKcIfHcVpvbkicqyVZ0Unf3mfAjSPB4HTw8/Wk
8upJQXdigJAWIlXAiFLxXtl5RVflTSzhGRifIFnMU6YoImvRdgJ72w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:23 2024 by rpki-client on console-fra.rpki-client.org