Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ryb3fapUgS48epcPw4dzA5to56g.roa
File: Ryb3fapUgS48epcPw4dzA5to56g.roa (raw, json)
Hash identifier: TOVvNuCgcSp78/GwMaCx7Y0xVhJf7EwGV2Pd+9Qwblw=
Subject key identifier: 47:26:F7:7D:AA:54:81:2E:3C:7A:97:0F:C3:87:73:03:9B:68:E7:A8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4272
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ryb3fapUgS48epcPw4dzA5to56g.roa
Signing time: Wed 17 Apr 2024 04:22:58 +0000
ROA not before: Wed 17 Apr 2024 04:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17010 (0x4272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 04:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4726F77DAA54812E3C7A970FC38773039B68E7A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:e4:f3:89:4a:25:fa:46:9f:4b:00:3b:c1:
5f:46:28:62:b1:e2:b3:ab:fe:ea:3a:86:58:ce:a3:
83:3d:5a:ef:8a:ab:65:b9:c5:39:57:b3:db:88:68:
a6:d2:c3:7f:c7:7e:b4:eb:c8:e5:e3:97:88:49:3d:
a7:65:f5:1e:bc:e4:05:36:56:68:a2:75:db:70:80:
21:89:4d:7e:f7:e2:19:64:3a:a9:c6:eb:03:33:56:
03:37:58:9a:a5:27:27:cc:26:4a:2b:d1:f6:5e:5d:
8d:8d:cc:ae:8f:30:4f:31:b1:25:4c:5d:9b:76:a8:
b7:f8:fd:30:6d:8e:48:4d:88:61:5a:af:d9:0b:e2:
fd:b0:d6:ba:1b:db:11:04:65:70:9e:8f:f1:f6:66:
db:a4:09:64:6d:dc:17:58:5f:7d:41:2b:a4:1a:63:
19:59:af:d1:59:a3:1a:c2:b2:f1:17:51:7e:24:58:
41:b2:5d:66:ba:16:78:c0:4a:b6:5d:07:fc:d0:46:
d9:94:b1:89:0a:38:4b:73:52:40:6d:91:82:64:8f:
cf:a4:9f:62:a2:11:4b:88:3d:6b:c4:d9:70:c8:3d:
50:48:88:05:13:4f:f1:c3:58:0d:67:60:3c:1d:22:
43:7b:cc:27:a4:df:62:d1:9b:b7:00:e8:13:99:68:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:26:F7:7D:AA:54:81:2E:3C:7A:97:0F:C3:87:73:03:9B:68:E7:A8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ryb3fapUgS48epcPw4dzA5to56g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:41:44:c8:7a:ff:34:cf:46:83:3e:15:4a:e2:b1:d8:56:a4:
78:43:41:a0:ea:e2:97:6e:5f:64:e9:3b:b6:7e:c2:8d:e3:94:
6f:1e:a7:38:3d:66:35:0b:82:a7:88:9a:e7:70:8e:3d:a1:64:
3c:d9:aa:8f:0c:9e:1b:b0:ed:bd:bb:97:18:5a:be:36:c0:89:
2e:07:bc:04:97:d9:1b:42:5c:eb:f2:37:38:43:0f:4f:c9:93:
85:dc:90:77:45:fb:bb:75:3d:9c:89:f7:bc:c1:25:e8:c4:98:
67:c3:c7:11:ce:4b:6e:2a:ab:aa:cd:ed:5d:8e:b3:ba:bf:aa:
33:8e:56:28:f9:2a:c5:31:db:36:20:10:db:49:7a:f7:2a:a9:
6e:cc:6b:dc:2c:97:21:70:f9:df:9e:bc:1f:f5:28:a6:bd:57:
e9:29:b4:b4:99:03:ea:a7:b8:34:2b:33:11:a5:12:80:45:93:
7f:66:5a:c7:b9:58:53:f4:8c:d6:b2:9e:72:78:dd:c1:a1:e0:
be:39:67:fa:55:80:e5:62:e8:2f:24:3a:b1:84:66:3f:0e:2d:
3e:ee:f4:f1:38:23:fd:6e:b6:c3:8c:64:74:3a:20:f4:66:16:
e8:d3:7a:bd:fd:80:4c:8f:06:16:42:18:4b:b6:e6:a4:50:63:
87:2a:77:98
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NDIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3MjZGNzdEQUE1NDgx
MkUzQzdBOTcwRkMzODc3MzAzOUI2OEU3QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDKOTziUol+kafSwA7wV9GKGKx4rOr/uo6hljOo4M9Wu+Kq2W5
xTlXs9uIaKbSw3/HfrTryOXjl4hJPadl9R685AU2VmiiddtwgCGJTX734hlkOqnG
6wMzVgM3WJqlJyfMJkor0fZeXY2NzK6PME8xsSVMXZt2qLf4/TBtjkhNiGFar9kL
4v2w1rob2xEEZXCej/H2ZtukCWRt3BdYX31BK6QaYxlZr9FZoxrCsvEXUX4kWEGy
XWa6FnjASrZdB/zQRtmUsYkKOEtzUkBtkYJkj8+kn2KiEUuIPWvE2XDIPVBIiAUT
T/HDWA1nYDwdIkN7zCek32LRm7cA6BOZaFpfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURyb3fapUgS48epcPw4dzA5to56gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1J5YjNmYXBVZ1M0OGVw
Y1B3NGR6QTV0bzU2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAN0FEyHr/NM9Ggz4VSuKx2FakeENBoOri
l25fZOk7tn7CjeOUbx6nOD1mNQuCp4ia53COPaFkPNmqjwyeG7DtvbuXGFq+NsCJ
Lge8BJfZG0Jc6/I3OEMPT8mThdyQd0X7u3U9nIn3vMEl6MSYZ8PHEc5Lbiqrqs3t
XY6zur+qM45WKPkqxTHbNiAQ20l69yqpbsxr3CyXIXD53568H/Uopr1X6Sm0tJkD
6qe4NCszEaUSgEWTf2Zax7lYU/SM1rKecnjdwaHgvjln+lWA5WLoLyQ6sYRmPw4t
Pu708Tgj/W62w4xkdDog9GYW6NN6vf2ATI8GFkIYS7bmpFBjhyp3mA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org