Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QyZz33Onz820Z6tMdLylI1CTe1U.roa
File: QyZz33Onz820Z6tMdLylI1CTe1U.roa (raw, json)
Hash identifier: qNSNBmopKEN8y8I6iJnXHZlQLbC79Gi4z10JNbPMnKM=
Subject key identifier: 43:26:73:DF:73:A7:CF:CD:B4:67:AB:4C:74:BC:A5:23:50:93:7B:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37E2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QyZz33Onz820Z6tMdLylI1CTe1U.roa
Signing time: Wed 03 Apr 2024 02:22:17 +0000
ROA not before: Wed 03 Apr 2024 02:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14306 (0x37e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 02:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=432673DF73A7CFCDB467AB4C74BCA52350937B55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b4:bd:ac:df:db:07:b3:14:c7:97:c2:fc:1c:
81:da:ea:4e:be:05:fc:c7:be:cd:cc:53:8c:96:35:
95:b2:ea:a7:aa:f3:7b:5d:3b:23:84:01:81:82:94:
2d:e8:ab:82:86:0a:f6:a7:cf:7e:33:7e:45:6f:04:
85:38:f3:1b:4d:9e:08:03:63:0a:ae:47:20:20:a6:
13:7d:93:93:41:91:3b:4d:de:21:24:89:6b:90:dd:
a3:d0:89:90:c1:7f:2e:70:79:0e:b0:bc:be:3e:84:
bb:dd:1f:73:35:f0:00:0f:e0:45:73:6c:f7:8f:c6:
a9:3c:47:da:b1:bf:86:5b:17:64:81:da:64:51:a3:
e2:42:63:5c:46:11:a9:f6:19:ac:ea:96:bd:81:67:
47:3e:92:7a:ac:f1:97:a6:e3:e0:34:c6:2f:0b:bb:
91:a5:f8:9a:0c:5e:71:45:91:01:ca:46:33:b6:3b:
cf:08:dc:1f:14:72:98:bc:bb:7b:d8:f7:82:63:98:
0c:52:66:56:1a:51:75:89:d9:0a:1d:93:bc:e7:d1:
cb:7f:13:6f:55:78:4f:ec:a5:ba:13:af:31:93:31:
e6:c9:ae:e0:bf:3c:04:fa:26:81:52:e4:37:69:52:
6e:e5:e8:9b:0a:c5:ea:4f:3c:e4:99:4e:21:c1:40:
f5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:26:73:DF:73:A7:CF:CD:B4:67:AB:4C:74:BC:A5:23:50:93:7B:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QyZz33Onz820Z6tMdLylI1CTe1U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:d0:4e:71:f2:cd:dc:8b:ec:53:16:71:1a:ba:65:f2:18:13:
10:f1:0f:a1:00:71:85:1c:16:40:b0:b3:b3:1e:46:5a:0a:1e:
57:df:d4:b2:cf:37:06:9a:4c:fc:9c:0b:16:4b:b3:42:7a:17:
d1:69:e5:bf:08:ba:7a:6b:8d:bc:14:80:01:32:92:2e:88:0b:
b9:57:23:05:92:78:5a:ac:3f:c7:1d:06:85:01:6d:87:13:ef:
fa:72:00:39:92:2f:da:f9:2b:d6:3e:6c:7f:66:ea:a7:6e:ca:
64:f6:f9:14:49:82:66:1e:d5:3b:c8:64:97:20:4b:76:a4:33:
d3:d4:6c:45:71:c5:d9:e5:f0:98:71:72:12:2e:35:d5:04:d8:
29:c9:01:76:e9:fd:a2:79:39:af:0b:a8:a5:87:d8:b8:e5:ae:
66:21:1d:58:86:2b:10:be:8a:66:4f:70:15:60:8b:b1:57:d1:
94:9b:70:b2:52:76:73:dd:3a:72:91:88:04:40:17:e8:97:7a:
b2:5c:a0:5d:2b:ef:5f:4b:e4:3c:34:7c:08:b0:d0:f6:0b:78:
ac:5f:12:81:e3:36:60:3d:56:c9:e8:4a:7f:b2:95:e5:55:b8:
42:9a:7a:23:44:42:97:3f:9b:fd:53:20:5d:2b:f5:35:a7:8f:
65:05:f2:88
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
MjIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzMjY3M0RGNzNBN0NG
Q0RCNDY3QUI0Qzc0QkNBNTIzNTA5MzdCNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbtL2s39sHsxTHl8L8HIHa6k6+BfzHvs3MU4yWNZWy6qeq83td
OyOEAYGClC3oq4KGCvanz34zfkVvBIU48xtNnggDYwquRyAgphN9k5NBkTtN3iEk
iWuQ3aPQiZDBfy5weQ6wvL4+hLvdH3M18AAP4EVzbPePxqk8R9qxv4ZbF2SB2mRR
o+JCY1xGEan2Gazqlr2BZ0c+knqs8Zem4+A0xi8Lu5Gl+JoMXnFFkQHKRjO2O88I
3B8Ucpi8u3vY94JjmAxSZlYaUXWJ2Qodk7zn0ct/E29VeE/spboTrzGTMebJruC/
PAT6JoFS5DdpUm7l6JsKxepPPOSZTiHBQPUdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQyZz33Onz820Z6tMdLylI1CTe1UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F5WnozM09uejgyMFo2
dE1kTHlsSTFDVGUxVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALNBOcfLN3IvsUxZxGrpl8hgTEPEPoQBx
hRwWQLCzsx5GWgoeV9/Uss83BppM/JwLFkuzQnoX0Wnlvwi6emuNvBSAATKSLogL
uVcjBZJ4Wqw/xx0GhQFthxPv+nIAOZIv2vkr1j5sf2bqp27KZPb5FEmCZh7VO8hk
lyBLdqQz09RsRXHF2eXwmHFyEi411QTYKckBdun9onk5rwuopYfYuOWuZiEdWIYr
EL6KZk9wFWCLsVfRlJtwslJ2c906cpGIBEAX6Jd6slygXSvvX0vkPDR8CLDQ9gt4
rF8SgeM2YD1WyehKf7KV5VW4Qpp6I0RClz+b/VMgXSv1NaePZQXyiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org