Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PhRZZlKJl9sbN_0anoYSm00y-Xs.roa
File: PhRZZlKJl9sbN_0anoYSm00y-Xs.roa (raw, json)
Hash identifier: XrX/D+gt4HaPJzeWWIcJ12P+D42jIPyodRN+F1UmW7k=
Subject key identifier: 3E:14:59:66:52:89:97:DB:1B:37:FD:1A:9E:86:12:9B:4D:32:F9:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44F6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PhRZZlKJl9sbN_0anoYSm00y-Xs.roa
Signing time: Sat 20 Apr 2024 12:53:12 +0000
ROA not before: Sat 20 Apr 2024 12:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17654 (0x44f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 12:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3E145966528997DB1B37FD1A9E86129B4D32F97B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:ef:42:b8:2d:5c:4e:bc:53:a0:ab:c3:76:
c7:b6:ff:74:b1:61:04:32:4c:19:e1:80:c0:02:5c:
7c:26:e3:89:93:1d:e1:a3:39:b2:b2:40:7c:4e:98:
5b:76:e1:68:f4:0d:6e:98:c2:6b:ed:a5:46:c8:25:
06:58:85:16:5c:09:89:09:60:7f:87:75:f3:1d:66:
aa:ec:b2:aa:36:f7:fc:f0:99:cf:47:3d:5c:a6:93:
3a:6b:c6:60:40:17:43:fd:0d:ed:aa:b5:de:a4:2f:
35:28:2a:23:da:e8:ca:02:5b:2b:fe:88:05:70:cf:
93:f4:09:8a:b4:f8:94:82:97:45:18:96:40:9b:9f:
6e:57:c7:3f:42:5c:e1:54:40:b2:bb:fb:50:fc:d2:
33:58:b6:8d:fe:23:a5:35:e8:4e:65:45:95:ad:d5:
2f:4a:1a:ce:24:cd:84:11:8c:44:23:24:02:4a:d9:
4b:81:aa:a4:3b:cf:4e:a4:c6:2a:ca:4d:b0:09:10:
3b:8b:38:6d:bf:a3:7a:ab:b6:ff:f0:4c:33:22:e4:
4b:8a:ed:f4:2e:d8:ee:0f:cf:fb:61:9b:ce:56:5a:
15:36:72:bb:9d:23:e6:40:75:8b:66:7d:c0:c3:4f:
32:ff:61:b5:ba:d8:60:dd:1c:9d:47:21:e9:5c:b3:
54:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:14:59:66:52:89:97:DB:1B:37:FD:1A:9E:86:12:9B:4D:32:F9:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PhRZZlKJl9sbN_0anoYSm00y-Xs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:b7:6c:f0:af:3b:35:e6:51:d4:52:28:fc:33:9f:bb:a9:70:
5a:c8:b6:33:71:08:90:cf:20:bb:a5:1a:ec:cb:2a:20:5a:6a:
54:bb:d4:86:bc:b5:81:e0:97:04:aa:b6:68:b0:89:15:4d:3c:
c4:4c:eb:0d:89:a6:ad:16:a6:ba:c2:53:12:2a:9e:01:89:6d:
8a:e3:08:68:93:4d:ed:bf:11:2e:11:9d:38:42:30:73:75:d8:
2d:c2:11:7d:33:86:0b:6b:e7:29:37:1e:3b:80:e1:40:09:45:
e3:11:c6:2a:a9:13:49:65:8f:4c:53:d7:d4:c8:81:98:6d:52:
ac:df:8c:2a:63:c6:7d:79:3c:ba:d8:46:08:4b:76:22:50:6f:
fc:1c:a5:d8:99:0e:4f:23:8b:de:77:73:58:1c:4c:9e:6a:25:
44:8f:47:e3:0a:c4:58:44:ec:fd:fd:f1:d0:d6:1d:db:0f:4a:
f4:2b:7a:4c:b9:dd:05:a7:90:83:ab:63:82:fd:14:d1:91:0e:
c8:33:8d:1b:03:bc:3a:45:1d:05:ce:e5:54:f7:5a:ec:c3:0d:
b3:62:92:57:ae:36:c2:34:30:d2:54:3e:88:e2:cd:8a:0b:b7:
61:a6:8e:30:16:ad:5c:f4:87:5f:c4:2c:e8:f1:2a:21:4a:1f:
d3:69:99:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MjUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFMTQ1OTY2NTI4OTk3
REIxQjM3RkQxQTlFODYxMjlCNEQzMkY5N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy4u9CuC1cTrxToKvDdse2/3SxYQQyTBnhgMACXHwm44mTHeGj
ObKyQHxOmFt24Wj0DW6YwmvtpUbIJQZYhRZcCYkJYH+HdfMdZqrssqo29/zwmc9H
PVymkzprxmBAF0P9De2qtd6kLzUoKiPa6MoCWyv+iAVwz5P0CYq0+JSCl0UYlkCb
n25Xxz9CXOFUQLK7+1D80jNYto3+I6U16E5lRZWt1S9KGs4kzYQRjEQjJAJK2UuB
qqQ7z06kxirKTbAJEDuLOG2/o3qrtv/wTDMi5EuK7fQu2O4Pz/thm85WWhU2crud
I+ZAdYtmfcDDTzL/YbW62GDdHJ1HIelcs1S3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPhRZZlKJl9sbN/0anoYSm00y+XswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BoUlpabEtKbDlzYk5f
MGFub1lTbTAweS1Ycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAdLds8K87NeZR1FIo/DOfu6lwWsi2M3EI
kM8gu6Ua7MsqIFpqVLvUhry1geCXBKq2aLCJFU08xEzrDYmmrRamusJTEiqeAYlt
iuMIaJNN7b8RLhGdOEIwc3XYLcIRfTOGC2vnKTceO4DhQAlF4xHGKqkTSWWPTFPX
1MiBmG1SrN+MKmPGfXk8uthGCEt2IlBv/Byl2JkOTyOL3ndzWBxMnmolRI9H4wrE
WETs/f3x0NYd2w9K9Ct6TLndBaeQg6tjgv0U0ZEOyDONGwO8OkUdBc7lVPda7MMN
s2KSV642wjQw0lQ+iOLNigu3YaaOMBatXPSHX8Qs6PEqIUof02mZpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org