Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QtB4BoTxuAhWyGTEyyLlxCPrnME.roa
File: QtB4BoTxuAhWyGTEyyLlxCPrnME.roa (raw, json)
Hash identifier: H/zhSLJKnkN+pQLzND/vQGo3SDg5IK5eFlgOM1sk/SQ=
Subject key identifier: 42:D0:78:06:84:F1:B8:08:56:C8:64:C4:CB:22:E5:C4:23:EB:9C:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4786
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QtB4BoTxuAhWyGTEyyLlxCPrnME.roa
Signing time: Tue 23 Apr 2024 22:53:12 +0000
ROA not before: Tue 23 Apr 2024 22:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18310 (0x4786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 22:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42D0780684F1B80856C864C4CB22E5C423EB9CC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:98:a7:c4:99:4e:f8:c6:f3:ae:9e:83:19:ad:
a4:96:52:46:ca:79:8e:c8:72:32:e1:9b:de:98:58:
cb:84:fc:f2:bc:cc:3a:5f:fd:ca:94:39:1c:c2:06:
c5:b7:94:22:72:a4:c7:d0:61:16:fd:79:78:bc:b5:
cb:d8:0d:f1:54:9a:5d:f2:6d:32:cd:5a:05:be:f1:
96:f7:c6:2c:14:31:78:35:2d:f0:78:e9:d3:f7:74:
b7:19:90:6e:b4:bd:3d:05:dd:d6:41:41:b3:3c:59:
6b:09:06:67:05:a1:67:23:2f:38:3c:2c:97:9a:b0:
0a:00:89:64:42:89:23:eb:fb:10:ce:8b:a0:ae:75:
7d:7f:fb:3f:6b:bb:fd:5e:ad:db:4f:37:58:0e:6d:
ab:74:25:23:23:af:a8:61:b9:36:e4:d4:d2:54:f1:
2a:a2:24:8b:57:56:86:fd:a3:62:c6:7d:39:62:82:
93:fb:86:d0:82:32:4e:8c:fc:ce:0a:42:f8:cd:c8:
40:b8:bc:6c:1c:91:33:b4:da:d9:ca:eb:02:2c:9f:
8b:86:a8:9e:b8:28:95:59:2b:ab:66:78:cf:57:f8:
df:00:7c:4b:dd:11:80:47:58:fc:fe:9a:aa:96:ce:
cc:29:86:05:d2:df:e1:8c:5a:20:71:df:48:87:78:
24:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D0:78:06:84:F1:B8:08:56:C8:64:C4:CB:22:E5:C4:23:EB:9C:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QtB4BoTxuAhWyGTEyyLlxCPrnME.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:89:83:47:bb:1b:30:83:eb:dd:41:bc:53:18:b4:ac:a7:32:
f7:28:c8:85:27:49:0f:21:dc:31:9d:8e:4b:89:51:5d:6a:8c:
f2:49:2b:25:20:7e:c9:78:55:74:4c:18:8c:fe:f3:d8:c4:a2:
6a:59:b9:7c:74:93:bc:d2:a9:76:c6:45:32:4b:cc:55:b2:ed:
c4:6e:ab:3c:d7:cf:79:b3:e5:3f:46:b0:30:0d:6c:2a:ec:61:
dc:96:57:dc:8a:98:5e:23:a2:dd:ce:c0:9f:0d:05:fb:6a:10:
d9:fb:26:dc:1d:c6:0e:4c:70:3d:62:2f:87:cd:c6:3c:79:de:
82:02:77:e3:62:be:20:13:19:0f:a3:94:6c:ca:ae:a2:d9:d5:
56:71:7a:64:61:4c:9c:01:32:02:1e:45:f4:2e:72:7a:84:b6:
e1:1d:65:bb:30:a2:93:c2:08:36:5b:0a:3e:91:51:22:de:e7:
f3:7f:7b:78:24:52:46:68:81:0b:36:9e:58:c9:94:fa:0e:8d:
20:c5:c8:4a:cc:67:b0:61:1c:2d:9a:dc:28:6e:28:6a:83:b6:
f4:34:a3:04:17:d1:b5:07:35:ff:ed:ff:4f:f9:38:43:65:b7:
9a:1a:c2:2b:f9:dd:fc:2a:df:d1:1b:0d:9f:b4:08:df:a7:04:
14:20:2d:77
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MjUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyRDA3ODA2ODRGMUI4
MDg1NkM4NjRDNENCMjJFNUM0MjNFQjlDQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEmKfEmU74xvOunoMZraSWUkbKeY7IcjLhm96YWMuE/PK8zDpf
/cqUORzCBsW3lCJypMfQYRb9eXi8tcvYDfFUml3ybTLNWgW+8Zb3xiwUMXg1LfB4
6dP3dLcZkG60vT0F3dZBQbM8WWsJBmcFoWcjLzg8LJeasAoAiWRCiSPr+xDOi6Cu
dX1/+z9ru/1erdtPN1gObat0JSMjr6hhuTbk1NJU8SqiJItXVob9o2LGfTligpP7
htCCMk6M/M4KQvjNyEC4vGwckTO02tnK6wIsn4uGqJ64KJVZK6tmeM9X+N8AfEvd
EYBHWPz+mqqWzswphgXS3+GMWiBx30iHeCTzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQtB4BoTxuAhWyGTEyyLlxCPrnMEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F0QjRCb1R4dUFoV3lH
VEV5eUxseENQcm5NRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAh4mDR7sbMIPr3UG8Uxi0rKcy9yjIhSdJ
DyHcMZ2OS4lRXWqM8kkrJSB+yXhVdEwYjP7z2MSialm5fHSTvNKpdsZFMkvMVbLt
xG6rPNfPebPlP0awMA1sKuxh3JZX3IqYXiOi3c7Anw0F+2oQ2fsm3B3GDkxwPWIv
h83GPHneggJ342K+IBMZD6OUbMquotnVVnF6ZGFMnAEyAh5F9C5yeoS24R1luzCi
k8IINlsKPpFRIt7n8397eCRSRmiBCzaeWMmU+g6NIMXISsxnsGEcLZrcKG4oaoO2
9DSjBBfRtQc1/+3/T/k4Q2W3mhrCK/nd/Crf0RsNn7QI36cEFCAtdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org