Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PQcZax9zG4w8l4CvWpz56w9S6ig.roa
File: PQcZax9zG4w8l4CvWpz56w9S6ig.roa (raw, json)
Hash identifier: qTYd9CxO7wuBxu69VpeOo0aV/zGz05h5kzEtHCrHwus=
Subject key identifier: 3D:07:19:6B:1F:73:1B:8C:3C:97:80:AF:5A:9C:F9:EB:0F:52:EA:28
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4EFA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PQcZax9zG4w8l4CvWpz56w9S6ig.roa
Signing time: Fri 03 May 2024 21:23:49 +0000
ROA not before: Fri 03 May 2024 21:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20218 (0x4efa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 21:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3D07196B1F731B8C3C9780AF5A9CF9EB0F52EA28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bd:d9:e4:e8:8e:5e:19:a0:c1:1c:85:90:a3:
96:e5:b1:6a:7c:87:95:41:8e:c4:51:e4:2f:e6:73:
70:8b:6e:70:d2:62:be:b3:16:e9:36:9a:e6:8b:a9:
b6:2b:c9:a3:5d:a5:ba:7c:43:61:f9:62:b2:47:76:
54:f4:a8:b8:91:5c:d5:85:9d:f6:fc:b7:95:95:d4:
ba:d8:1e:02:ee:eb:e9:53:7a:02:b2:dd:be:d0:a9:
12:c4:d5:cc:57:e0:f9:cf:cc:eb:d6:7b:79:e4:12:
2e:4f:20:00:d3:21:f2:97:2f:4d:e8:af:de:ce:4c:
5d:33:96:97:26:f7:d2:28:c1:0b:79:f4:6f:cb:3a:
94:c5:37:e2:9c:8f:c1:a5:80:8d:c3:29:dd:5c:80:
8e:9b:4e:e9:e6:8b:48:49:a9:c6:d7:6c:a1:12:4b:
07:3d:64:71:0d:12:8e:58:69:82:3a:46:c1:f4:2d:
71:19:b6:32:fb:3d:2b:90:ed:cd:3c:20:80:65:8d:
93:a5:d2:ae:9e:09:ba:dc:fa:56:2b:0c:c6:21:e7:
f2:e2:ce:73:60:c8:af:81:0b:00:a8:2d:45:3d:44:
73:61:97:c3:ea:78:74:0d:77:43:a2:2f:36:9d:89:
09:19:fe:2f:93:e8:e3:d2:e3:6c:72:ac:04:26:93:
88:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:07:19:6B:1F:73:1B:8C:3C:97:80:AF:5A:9C:F9:EB:0F:52:EA:28
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PQcZax9zG4w8l4CvWpz56w9S6ig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:c6:3d:5b:c6:6b:fa:07:f7:33:a3:2c:f4:af:b5:12:b4:7f:
27:6f:30:44:45:df:2a:63:4e:52:78:ef:53:cf:8b:6a:2e:8c:
17:00:23:50:41:05:1a:ac:9c:ad:65:1e:63:ba:c5:9f:a2:24:
16:29:c5:06:4e:67:4d:65:5c:29:6b:cd:01:34:40:4c:e8:32:
61:2a:6c:90:6c:3b:df:92:82:7a:ae:9a:0c:cb:92:e9:d9:b5:
c6:61:94:fd:52:0c:9a:dc:d4:7b:60:2c:3f:4c:97:92:61:a6:
a6:28:e8:49:e2:d5:ff:2a:d2:80:6b:97:5e:5c:f2:65:61:20:
ed:89:6a:c7:7b:e6:c6:33:95:a2:93:22:98:3b:4f:1d:33:b6:
09:d5:e6:51:a5:70:de:cc:a6:af:0a:0e:1f:40:a1:d4:3e:06:
9d:29:f3:73:2d:ed:b9:87:bf:c9:d5:07:0f:0a:6d:01:8d:5c:
66:67:69:b5:7a:aa:fc:9f:7a:ee:21:e6:ba:9c:4d:09:3a:0e:
59:15:a5:16:e8:40:03:66:54:42:8a:65:a7:e1:b2:ba:16:3d:
c2:73:f1:2c:34:ca:b9:08:e0:f6:ca:0e:08:08:7e:bf:81:86:
5a:d0:85:64:a9:be:24:a1:04:38:54:17:79:6d:a8:6e:7e:1c:
5c:05:c3:5e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEMDcxOTZCMUY3MzFC
OEMzQzk3ODBBRjVBOUNGOUVCMEY1MkVBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKvdnk6I5eGaDBHIWQo5blsWp8h5VBjsRR5C/mc3CLbnDSYr6z
Fuk2muaLqbYryaNdpbp8Q2H5YrJHdlT0qLiRXNWFnfb8t5WV1LrYHgLu6+lTegKy
3b7QqRLE1cxX4PnPzOvWe3nkEi5PIADTIfKXL03or97OTF0zlpcm99IowQt59G/L
OpTFN+Kcj8GlgI3DKd1cgI6bTunmi0hJqcbXbKESSwc9ZHENEo5YaYI6RsH0LXEZ
tjL7PSuQ7c08IIBljZOl0q6eCbrc+lYrDMYh5/LiznNgyK+BCwCoLUU9RHNhl8Pq
eHQNd0OiLzadiQkZ/i+T6OPS42xyrAQmk4jpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPQcZax9zG4w8l4CvWpz56w9S6igwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BRY1pheDl6RzR3OGw0
Q3ZXcHo1Nnc5UzZpZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUcY9W8Zr+gf3M6Ms9K+1ErR/J28wREXf
KmNOUnjvU8+Lai6MFwAjUEEFGqycrWUeY7rFn6IkFinFBk5nTWVcKWvNATRATOgy
YSpskGw735KCeq6aDMuS6dm1xmGU/VIMmtzUe2AsP0yXkmGmpijoSeLV/yrSgGuX
XlzyZWEg7Ylqx3vmxjOVopMimDtPHTO2CdXmUaVw3symrwoOH0Ch1D4GnSnzcy3t
uYe/ydUHDwptAY1cZmdptXqq/J967iHmupxNCToOWRWlFuhAA2ZUQoplp+GyuhY9
wnPxLDTKuQjg9soOCAh+v4GGWtCFZKm+JKEEOFQXeW2obn4cXAXDXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:23 2024 by rpki-client on console-fra.rpki-client.org