Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/S7_2lMVzgTNcd55XaG4MtfDRHcU.roa
File: S7_2lMVzgTNcd55XaG4MtfDRHcU.roa (raw, json)
Hash identifier: pam9BncP6+5IEBy0lsWg3yYrOEvbbCLQTRMgvlCmZ2I=
Subject key identifier: 4B:BF:F6:94:C5:73:81:33:5C:77:9E:57:68:6E:0C:B5:F0:D1:1D:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54AA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S7_2lMVzgTNcd55XaG4MtfDRHcU.roa
Signing time: Sat 11 May 2024 11:24:11 +0000
ROA not before: Sat 11 May 2024 11:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21674 (0x54aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 11:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4BBFF694C57381335C779E57686E0CB5F0D11DC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:93:fa:c9:eb:48:dd:5e:16:7e:ba:67:4b:
ca:fc:44:61:f1:c5:ba:8a:57:e4:6d:21:c8:14:48:
cc:e0:51:07:20:29:1a:66:db:b0:5a:27:a8:67:a4:
c1:ea:ce:02:62:cb:f3:3b:a5:49:dc:0a:d7:8c:b7:
67:98:1a:a1:b0:79:bf:ee:15:1a:b5:44:21:fb:83:
28:74:fd:bf:9b:20:4d:f4:fc:bf:be:59:ec:ca:f0:
32:f4:1a:ca:a1:80:1c:66:9e:f0:f9:5e:86:c2:44:
71:51:18:12:5c:2a:ae:fe:3d:0c:a6:c6:83:13:7b:
62:8f:70:75:24:cf:ec:3d:cb:4b:61:35:a1:dc:65:
51:17:a6:e1:a1:cf:aa:27:05:12:3a:b4:3b:23:f0:
25:50:ec:98:32:26:c5:c1:47:df:41:d8:b0:56:55:
63:e6:d0:41:e5:db:56:e2:23:7d:62:b8:ef:2a:d9:
f9:e0:9b:2e:03:7b:e8:0a:11:da:2e:4c:59:d2:24:
cf:f3:09:da:45:80:67:c4:ba:5a:3e:a2:32:84:02:
11:42:2d:49:f8:29:ae:2d:4a:27:ec:3f:36:54:aa:
f3:05:f8:94:1d:6f:ff:f3:08:46:ab:f4:16:bd:72:
67:3f:03:b7:0b:57:a8:be:42:a1:ca:2c:7d:a7:b3:
ce:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BF:F6:94:C5:73:81:33:5C:77:9E:57:68:6E:0C:B5:F0:D1:1D:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S7_2lMVzgTNcd55XaG4MtfDRHcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:17:c9:ab:66:79:70:4d:81:ec:d0:ca:a2:88:4f:1b:2b:d9:
8a:5e:a1:15:7d:c5:9d:db:b6:02:da:80:10:07:b4:d2:24:cd:
48:fb:7f:11:89:72:68:79:af:cd:b9:20:2f:88:11:eb:42:ca:
8c:26:7b:87:02:1b:40:12:86:0f:9c:25:94:01:11:4f:fa:08:
6a:fd:43:97:18:1b:e0:35:4c:4e:23:54:9b:84:da:c8:20:2a:
9f:6a:f8:e8:9e:43:ca:df:37:da:37:2e:81:a5:1d:28:99:98:
48:e6:33:8c:b0:51:da:38:fd:5d:50:32:5d:79:7e:5a:05:c7:
4c:92:15:20:79:18:55:b9:9d:f3:cb:a8:92:88:5a:1f:23:67:
53:03:dc:de:d0:88:d9:a8:9c:a7:d6:cd:9f:ea:df:a9:c5:b9:
86:2b:3d:5e:e2:b6:36:1c:7e:1d:9a:59:50:cc:3f:ac:1f:32:
f5:0d:37:22:fb:0c:16:c2:32:94:f4:5f:0b:6f:82:7c:8d:2f:
60:c7:c2:bc:1f:20:bb:bf:2f:7e:b1:5c:a4:59:aa:aa:71:28:
02:f5:36:4a:da:2f:6c:41:f8:8b:85:21:b7:a2:6a:b4:88:fd:
6a:64:f3:07:4f:33:6c:6b:95:7f:08:8a:38:88:cd:14:e2:23:
37:01:a0:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
MTI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCQkZGNjk0QzU3Mzgx
MzM1Qzc3OUU1NzY4NkUwQ0I1RjBEMTFEQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz2ZP6yetI3V4WfrpnS8r8RGHxxbqKV+RtIcgUSMzgUQcgKRpm
27BaJ6hnpMHqzgJiy/M7pUncCteMt2eYGqGweb/uFRq1RCH7gyh0/b+bIE30/L++
WezK8DL0GsqhgBxmnvD5XobCRHFRGBJcKq7+PQymxoMTe2KPcHUkz+w9y0thNaHc
ZVEXpuGhz6onBRI6tDsj8CVQ7JgyJsXBR99B2LBWVWPm0EHl21biI31iuO8q2fng
my4De+gKEdouTFnSJM/zCdpFgGfEulo+ojKEAhFCLUn4Ka4tSifsPzZUqvMF+JQd
b//zCEar9Ba9cmc/A7cLV6i+QqHKLH2ns86tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUS7/2lMVzgTNcd55XaG4MtfDRHcUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1M3XzJsTVZ6Z1ROY2Q1
NVhhRzRNdGZEUkhjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAkxfJq2Z5cE2B7NDKoohPGyvZil6hFX3F
ndu2AtqAEAe00iTNSPt/EYlyaHmvzbkgL4gR60LKjCZ7hwIbQBKGD5wllAERT/oI
av1Dlxgb4DVMTiNUm4TayCAqn2r46J5Dyt832jcugaUdKJmYSOYzjLBR2jj9XVAy
XXl+WgXHTJIVIHkYVbmd88uokohaHyNnUwPc3tCI2aicp9bNn+rfqcW5his9XuK2
Nhx+HZpZUMw/rB8y9Q03IvsMFsIylPRfC2+CfI0vYMfCvB8gu78vfrFcpFmqqnEo
AvU2StovbEH4i4Uht6JqtIj9amTzB08zbGuVfwiKOIjNFOIjNwGgDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org