Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RoKdmtfdiKx4VKEXGcYRPwPz5_M.roa
File: RoKdmtfdiKx4VKEXGcYRPwPz5_M.roa (raw, json)
Hash identifier: RHMbXwInE3bMDIeIoxWnVTR9FA4ed+HM9BZr72q7RZk=
Subject key identifier: 46:82:9D:9A:D7:DD:88:AC:78:54:A1:17:19:C6:11:3F:03:F3:E7:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RoKdmtfdiKx4VKEXGcYRPwPz5_M.roa
Signing time: Wed 03 Apr 2024 04:22:17 +0000
ROA not before: Wed 03 Apr 2024 04:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14322 (0x37f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 04:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=46829D9AD7DD88AC7854A11719C6113F03F3E7F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2f:03:df:b1:bb:81:26:ab:6b:7a:57:7c:a5:
4d:eb:63:c3:b2:4e:df:4a:b0:52:46:71:71:9f:8b:
d5:50:e5:ea:44:c4:08:05:74:82:05:5d:33:3f:c9:
bd:85:7d:06:39:39:f4:92:ae:f0:f1:5f:a9:68:fe:
a7:94:14:ca:59:bf:f9:fc:62:5c:41:0e:88:3e:c8:
c4:9e:69:b0:01:f7:8f:7d:d0:ed:8a:d7:77:81:b2:
33:a4:c6:5e:1f:19:36:f3:d0:f2:db:ea:e9:af:1a:
8c:88:6f:f7:2a:a0:31:98:6d:91:2c:19:b7:b8:d6:
be:c7:55:63:ba:0b:e5:ba:7e:7a:a6:e3:7c:c6:32:
c0:a7:69:47:d5:17:b7:b1:ef:c6:6d:12:6f:e4:8e:
29:a7:f0:cb:cd:a7:e9:e6:8d:fb:60:4a:48:8c:c5:
9c:1f:96:3b:90:66:88:7e:0a:6b:58:1b:01:91:37:
97:2b:b0:30:9a:47:4c:d8:4a:c1:e3:3e:5f:4e:63:
30:e5:e5:b3:6d:a3:c6:2e:54:84:00:00:9d:b7:31:
dc:c1:14:11:32:c2:89:42:14:96:68:ee:43:e1:57:
39:76:aa:f4:8b:e7:83:5e:8d:87:52:fd:f7:fb:68:
13:80:3c:d4:21:ce:4b:5b:cf:f3:99:97:b7:e9:1f:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:82:9D:9A:D7:DD:88:AC:78:54:A1:17:19:C6:11:3F:03:F3:E7:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RoKdmtfdiKx4VKEXGcYRPwPz5_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:32:92:86:bb:bf:d9:75:52:be:a5:20:13:30:b4:02:63:ee:
a6:c4:8a:94:2c:b1:40:51:4c:a0:02:9f:45:42:92:86:34:6d:
05:d3:34:38:74:5b:52:9e:d8:80:95:24:44:1e:0d:3e:a6:f2:
9a:14:e4:87:bd:a7:93:37:5a:bd:4f:d6:9b:55:3b:54:37:f4:
35:49:14:8f:f2:63:2c:85:ea:ed:3f:dc:08:46:f5:db:66:0c:
29:6c:1f:df:e2:61:09:40:b2:79:3a:44:2d:5f:01:49:b8:67:
67:10:a9:5e:3a:7e:4a:f1:2c:22:76:5c:33:54:97:59:f8:d3:
f4:84:50:af:78:90:8e:3f:60:95:d1:fd:e3:82:bd:c9:e5:8d:
de:6e:c7:1b:39:57:9b:1c:04:0e:79:8c:8f:da:1a:69:b0:0c:
7a:34:34:38:be:a2:a4:64:5d:cf:95:30:80:21:f6:4c:65:99:
b6:46:3b:c2:62:77:f2:00:da:52:f0:43:a9:80:69:1f:b4:97:
3f:c2:bd:8e:b4:1b:08:c6:58:89:22:61:27:f7:70:26:fc:40:
4a:88:6b:9c:3f:82:8f:e6:27:dd:36:c3:76:46:d4:62:86:e9:
67:7f:21:f5:8b:43:25:6c:bb:b0:3d:d4:f5:17:09:18:cb:e6:
de:ce:0f:7e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NDIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ2ODI5RDlBRDdERDg4
QUM3ODU0QTExNzE5QzYxMTNGMDNGM0U3RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9LwPfsbuBJqtreld8pU3rY8OyTt9KsFJGcXGfi9VQ5epExAgF
dIIFXTM/yb2FfQY5OfSSrvDxX6lo/qeUFMpZv/n8YlxBDog+yMSeabAB94990O2K
13eBsjOkxl4fGTbz0PLb6umvGoyIb/cqoDGYbZEsGbe41r7HVWO6C+W6fnqm43zG
MsCnaUfVF7ex78ZtEm/kjimn8MvNp+nmjftgSkiMxZwfljuQZoh+CmtYGwGRN5cr
sDCaR0zYSsHjPl9OYzDl5bNto8YuVIQAAJ23MdzBFBEywolCFJZo7kPhVzl2qvSL
54NejYdS/ff7aBOAPNQhzktbz/OZl7fpH7ezAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURoKdmtfdiKx4VKEXGcYRPwPz5/MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JvS2RtdGZkaUt4NFZL
RVhHY1lSUHdQejVfTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGDKShru/2XVSvqUgEzC0AmPupsSKlCyx
QFFMoAKfRUKShjRtBdM0OHRbUp7YgJUkRB4NPqbymhTkh72nkzdavU/Wm1U7VDf0
NUkUj/JjLIXq7T/cCEb122YMKWwf3+JhCUCyeTpELV8BSbhnZxCpXjp+SvEsInZc
M1SXWfjT9IRQr3iQjj9gldH944K9yeWN3m7HGzlXmxwEDnmMj9oaabAMejQ0OL6i
pGRdz5UwgCH2TGWZtkY7wmJ38gDaUvBDqYBpH7SXP8K9jrQbCMZYiSJhJ/dwJvxA
SohrnD+Cj+Yn3TbDdkbUYobpZ38h9YtDJWy7sD3U9RcJGMvm3s4Pfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org