Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QczVhvDRS0lJAPUwexn7XxuVGPc.roa
File: QczVhvDRS0lJAPUwexn7XxuVGPc.roa (raw, json)
Hash identifier: Idb165k+ec3DOBGje9XDpolHrFCporiI2jFeDxIBnGg=
Subject key identifier: 41:CC:D5:86:F0:D1:4B:49:49:00:F5:30:7B:19:FB:5F:1B:95:18:F7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QczVhvDRS0lJAPUwexn7XxuVGPc.roa
Signing time: Tue 14 May 2024 10:54:09 +0000
ROA not before: Tue 14 May 2024 10:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22246 (0x56e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 10:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=41CCD586F0D14B494900F5307B19FB5F1B9518F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f8:ff:62:8a:62:b1:1e:14:7d:30:35:4a:b9:
6a:2f:cf:b7:36:e3:6c:ce:20:0a:ce:04:5b:a4:ec:
d3:63:76:5c:aa:07:4e:46:cd:fe:57:5e:fe:b9:1f:
da:4a:09:71:76:3c:6d:f7:9c:3b:b7:4b:ca:bc:db:
4e:a3:0e:cf:89:2b:a9:a4:27:06:2c:a2:fa:42:be:
c7:a6:36:4d:7d:9a:93:2e:31:1e:3f:b5:61:50:d8:
bc:da:a0:3f:db:9a:a5:00:3e:1d:6c:c3:49:63:16:
cc:70:0d:f4:13:03:9c:44:1b:f3:c7:b3:bc:f8:0d:
3e:f3:3a:65:c6:ae:21:9d:6f:b8:61:29:2d:29:b9:
b8:9c:ef:a1:36:47:3d:57:f6:5a:d5:cc:fa:e2:36:
8a:df:ef:2a:64:64:6e:cb:9a:fa:d1:f1:d3:97:73:
03:ed:54:1e:a4:90:5f:2b:14:83:27:91:8b:d8:df:
46:c4:e4:62:ce:1e:e9:40:59:36:30:9d:30:97:77:
a4:57:06:18:ad:24:6f:2e:4d:bf:bc:de:7b:e7:a6:
5d:2f:09:36:c6:c7:48:8d:e2:31:73:d2:24:60:e2:
0a:88:a5:3d:59:f5:07:49:7b:18:69:84:1c:57:ec:
93:03:a9:fb:52:38:35:c3:9d:d8:5a:c9:fe:3b:99:
3c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:D5:86:F0:D1:4B:49:49:00:F5:30:7B:19:FB:5F:1B:95:18:F7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QczVhvDRS0lJAPUwexn7XxuVGPc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:00:39:e8:b0:d8:08:56:18:06:53:63:f1:a3:78:31:46:62:
61:46:43:48:50:a2:50:6f:a5:ea:0f:6e:7c:5d:f6:40:ff:3f:
3d:14:65:71:00:59:72:ca:03:55:5f:3b:93:fe:49:1b:29:8b:
56:0c:f6:2f:ef:cc:12:41:7e:0e:c4:7f:a7:a3:40:ff:d8:5f:
62:1c:33:93:12:30:ba:f1:6d:d8:38:e1:b9:4f:77:8d:0d:f4:
91:db:fa:e0:17:43:da:7a:77:97:c0:d1:13:e6:72:1d:50:8e:
9b:f5:3c:ea:4c:2a:0b:84:cd:63:b4:50:c2:d4:89:07:c5:83:
82:58:99:dc:3f:d8:de:d5:8b:4d:0a:1f:b0:e0:fc:98:00:dc:
c5:9c:ea:1c:f7:9e:ff:68:aa:21:7e:7d:d3:0b:88:97:e2:66:
95:5c:f2:48:50:6c:10:26:ec:b4:eb:e2:93:aa:80:e7:65:5b:
20:58:ca:8f:df:c5:73:37:10:5f:6b:3c:57:69:e8:61:07:93:
c5:d9:be:68:bb:8a:7d:31:9c:a9:7c:f2:7c:07:2d:c9:64:1e:
de:9b:65:d3:8b:7f:05:5b:57:37:95:4e:62:9e:24:49:28:03:
13:5b:5c:f7:a2:ad:67:ca:c3:3d:0d:ce:43:b3:ca:6a:ef:7a:
9e:84:fe:44
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
MDU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxQ0NENTg2RjBEMTRC
NDk0OTAwRjUzMDdCMTlGQjVGMUI5NTE4RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy+P9iimKxHhR9MDVKuWovz7c242zOIArOBFuk7NNjdlyqB05G
zf5XXv65H9pKCXF2PG33nDu3S8q8206jDs+JK6mkJwYsovpCvsemNk19mpMuMR4/
tWFQ2LzaoD/bmqUAPh1sw0ljFsxwDfQTA5xEG/PHs7z4DT7zOmXGriGdb7hhKS0p
ubic76E2Rz1X9lrVzPriNorf7ypkZG7LmvrR8dOXcwPtVB6kkF8rFIMnkYvY30bE
5GLOHulAWTYwnTCXd6RXBhitJG8uTb+83nvnpl0vCTbGx0iN4jFz0iRg4gqIpT1Z
9QdJexhphBxX7JMDqftSODXDndhayf47mTxnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQczVhvDRS0lJAPUwexn7XxuVGPcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FjelZodkRSUzBsSkFQ
VXdleG43WHh1VkdQYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASgA56LDYCFYYBlNj8aN4MUZiYUZDSFCi
UG+l6g9ufF32QP8/PRRlcQBZcsoDVV87k/5JGymLVgz2L+/MEkF+DsR/p6NA/9hf
YhwzkxIwuvFt2DjhuU93jQ30kdv64BdD2np3l8DRE+ZyHVCOm/U86kwqC4TNY7RQ
wtSJB8WDgliZ3D/Y3tWLTQofsOD8mADcxZzqHPee/2iqIX590wuIl+JmlVzySFBs
ECbstOvik6qA52VbIFjKj9/FczcQX2s8V2noYQeTxdm+aLuKfTGcqXzyfActyWQe
3ptl04t/BVtXN5VOYp4kSSgDE1tc96KtZ8rDPQ3OQ7PKau96noT+RA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org