Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RbMmhkd8JS34hOEsSwS9YC80sIM.roa
File: RbMmhkd8JS34hOEsSwS9YC80sIM.roa (raw, json)
Hash identifier: VyReWbMtkrTxvoMnZaP9IbQeuSOy2cs49C2DHP/gdy8=
Subject key identifier: 45:B3:26:86:47:7C:25:2D:F8:84:E1:2C:4B:04:BD:60:2F:34:B0:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4282
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RbMmhkd8JS34hOEsSwS9YC80sIM.roa
Signing time: Wed 17 Apr 2024 06:22:59 +0000
ROA not before: Wed 17 Apr 2024 06:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17026 (0x4282)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 06:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=45B32686477C252DF884E12C4B04BD602F34B083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:ee:d8:c2:62:50:8e:46:47:b0:d6:fb:a1:
12:8a:90:64:71:ed:d4:9b:17:a9:79:2c:9e:f7:3f:
88:5e:58:d0:cf:7f:f6:13:c9:89:3e:8c:40:f1:44:
f6:13:de:36:d5:f3:4b:a7:dd:9f:aa:b8:3c:2f:d0:
52:fa:1e:45:1e:ed:fd:6f:cd:d3:ac:25:ff:83:af:
f3:46:88:d6:50:ed:4e:92:4b:84:42:e6:e2:1e:11:
34:09:6a:34:af:45:6a:95:1e:b0:0a:ba:77:70:54:
39:40:c6:25:8f:0e:14:7d:ad:40:81:9e:d1:17:b4:
8c:71:65:8a:dd:a3:3f:74:cf:20:70:10:24:9a:2d:
64:96:c8:65:2b:ef:6a:32:bf:25:f2:60:63:10:37:
b0:59:46:07:9a:bb:57:9e:1d:af:a9:6f:63:fe:f4:
f5:d3:87:6d:e1:31:c4:b5:ea:2b:1d:06:1c:32:b1:
d4:6b:a2:03:55:5d:51:68:f4:46:9f:76:8c:69:dd:
01:a0:05:ec:66:8c:ce:9a:88:ca:23:6e:1c:5b:c0:
d6:41:d1:5a:38:12:63:96:94:14:af:18:c1:9d:ec:
f8:4e:68:fc:7e:cb:ba:af:42:57:5f:fe:7a:4c:cd:
7b:41:2a:01:be:3e:54:10:0b:aa:69:76:06:ac:f6:
84:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B3:26:86:47:7C:25:2D:F8:84:E1:2C:4B:04:BD:60:2F:34:B0:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RbMmhkd8JS34hOEsSwS9YC80sIM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:2a:b2:16:92:2e:7e:4c:a5:a6:ab:09:fd:16:5a:55:b7:33:
bd:82:af:60:c5:97:1e:62:17:0b:e7:ca:52:49:49:b3:a7:9c:
a6:15:c5:e4:42:3c:45:8d:fa:c0:b1:80:85:fb:12:db:41:01:
b1:f4:94:b7:14:82:d3:68:9d:5d:38:3e:29:7b:a8:e4:97:8f:
e3:5d:88:2c:b6:09:99:ba:5f:ea:79:0c:51:4a:f4:3e:c8:53:
58:fb:93:2d:8b:8a:b8:62:1a:dd:92:1a:06:d9:66:58:12:49:
da:2e:b1:d2:d6:82:e2:4d:a0:f0:2e:ce:6c:4a:39:b4:e0:4d:
8d:f2:68:20:6a:1e:a1:48:99:ad:6f:8e:1d:d6:31:70:5e:a3:
af:3d:ac:fa:7b:c2:f5:12:4c:02:c2:5a:c4:f1:45:06:06:77:
f1:4e:88:bb:ce:e4:60:3f:e0:9d:92:ed:3d:d2:d4:91:49:23:
dd:8b:2c:40:56:b7:b8:3d:b7:d1:55:2b:27:ad:95:a8:d9:3d:
4d:8e:54:dd:ef:4e:b6:da:11:a4:3f:40:06:00:ca:6e:2d:cd:
96:86:4d:6a:63:e1:3d:71:6f:57:83:ba:68:11:9b:23:55:d1:
95:13:98:53:d2:6a:e1:fb:9d:0a:c9:7f:d6:30:1d:44:21:9c:
d5:3f:de:69
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NjIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1QjMyNjg2NDc3QzI1
MkRGODg0RTEyQzRCMDRCRDYwMkYzNEIwODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3au7YwmJQjkZHsNb7oRKKkGRx7dSbF6l5LJ73P4heWNDPf/YT
yYk+jEDxRPYT3jbV80un3Z+quDwv0FL6HkUe7f1vzdOsJf+Dr/NGiNZQ7U6SS4RC
5uIeETQJajSvRWqVHrAKundwVDlAxiWPDhR9rUCBntEXtIxxZYrdoz90zyBwECSa
LWSWyGUr72oyvyXyYGMQN7BZRgeau1eeHa+pb2P+9PXTh23hMcS16isdBhwysdRr
ogNVXVFo9Eafdoxp3QGgBexmjM6aiMojbhxbwNZB0Vo4EmOWlBSvGMGd7PhOaPx+
y7qvQldf/npMzXtBKgG+PlQQC6ppdgas9oQVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURbMmhkd8JS34hOEsSwS9YC80sIMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JiTW1oa2Q4SlMzNGhP
RXNTd1M5WUM4MHNJTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKCqyFpIufkylpqsJ/RZaVbczvYKvYMWX
HmIXC+fKUklJs6ecphXF5EI8RY36wLGAhfsS20EBsfSUtxSC02idXTg+KXuo5JeP
412ILLYJmbpf6nkMUUr0PshTWPuTLYuKuGIa3ZIaBtlmWBJJ2i6x0taC4k2g8C7O
bEo5tOBNjfJoIGoeoUiZrW+OHdYxcF6jrz2s+nvC9RJMAsJaxPFFBgZ38U6Iu87k
YD/gnZLtPdLUkUkj3YssQFa3uD230VUrJ62VqNk9TY5U3e9OttoRpD9ABgDKbi3N
loZNamPhPXFvV4O6aBGbI1XRlROYU9Jq4fudCsl/1jAdRCGc1T/eaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org