Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TCVDWxhgk8l23-88j8be73mDdYA.roa
File: TCVDWxhgk8l23-88j8be73mDdYA.roa (raw, json)
Hash identifier: lvMqCJhWsfjGbY79Pp4go/XMkrQ86m4+OXx+KWDIESw=
Subject key identifier: 4C:25:43:5B:18:60:93:C9:76:DF:EF:3C:8F:C6:DE:EF:79:83:75:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DE6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TCVDWxhgk8l23-88j8be73mDdYA.roa
Signing time: Thu 02 May 2024 10:53:44 +0000
ROA not before: Thu 02 May 2024 10:53:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19942 (0x4de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 10:53:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4C25435B186093C976DFEF3C8FC6DEEF79837580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d8:3c:1a:8c:bb:02:18:43:96:08:65:f4:e6:
d9:58:44:25:30:33:07:f5:89:b7:71:e2:93:7a:0a:
14:95:62:f5:60:40:b5:ea:5a:0b:b3:d0:db:e6:26:
c9:58:ff:ef:53:c0:4c:60:6a:fd:85:16:a5:20:fc:
0e:88:a1:fb:e7:8d:7d:e7:54:67:39:a2:d7:b0:d7:
59:c7:32:61:c8:7c:b6:0b:33:7d:29:29:a6:af:95:
03:5c:db:3e:88:85:17:b4:04:15:79:50:44:5d:ef:
83:4e:43:4e:72:cd:a5:32:03:9d:78:dc:16:36:5b:
a5:b7:9e:0e:2b:cf:44:c3:99:96:0e:c2:6a:af:01:
2f:68:83:6d:b4:47:45:f2:c0:50:18:17:bc:08:58:
15:7a:5b:e9:67:fa:f0:4c:72:ae:dc:76:66:3a:75:
62:ca:30:be:02:ae:13:22:20:62:45:f2:a8:f3:5f:
bb:3b:6e:56:42:b4:9e:64:9d:22:1e:98:e0:19:ed:
5f:3d:2e:85:61:1b:d4:f1:ac:4e:d8:c4:0b:cf:ff:
c5:f3:be:7b:8d:2b:d6:76:08:33:8f:16:78:29:eb:
4b:ff:f5:ec:0a:e8:9b:ea:71:f7:43:c6:b4:d7:15:
e9:32:b5:6c:24:1e:58:1a:68:a4:1f:8b:78:a4:0e:
55:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:25:43:5B:18:60:93:C9:76:DF:EF:3C:8F:C6:DE:EF:79:83:75:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TCVDWxhgk8l23-88j8be73mDdYA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:02:fb:33:bc:4a:7e:a5:8d:32:ef:df:0d:bc:ae:a8:71:27:
f9:8a:bc:3c:76:f6:a9:73:5d:8b:78:86:2e:e8:b2:85:1a:d5:
13:88:f2:3b:0f:22:13:07:3b:f5:1a:e2:de:53:2b:5c:79:fb:
ac:07:44:dc:c9:af:eb:a2:53:98:36:89:75:b1:51:39:3f:dd:
e7:0f:76:02:e4:fc:43:cf:3a:29:a3:79:72:ef:3a:ba:67:53:
9e:6f:f3:31:1f:89:b4:34:62:32:9c:3a:6b:fd:b6:1e:be:87:
60:ee:aa:2c:b3:5c:f0:e4:c8:b1:45:47:fa:dd:c3:d8:4d:e8:
94:ae:25:79:ae:dd:ff:d3:37:24:10:f6:f6:c7:70:2f:49:67:
46:ab:8c:08:4e:19:8d:89:fc:2d:bd:16:28:eb:66:f0:27:c5:
12:0d:22:67:ea:a6:29:9b:f1:32:e6:05:3f:32:00:65:e1:15:
e2:40:f1:27:0a:d6:cc:db:26:a2:80:0a:9f:d3:d6:9d:98:40:
66:49:49:26:57:da:36:5f:64:12:0a:4f:34:e9:1a:a4:2f:ef:
fc:fe:43:aa:01:76:9e:69:05:65:91:93:a9:ed:b6:cb:ae:3a:
d9:3d:40:15:e5:76:66:62:3e:17:d5:32:20:e6:6d:ff:14:53:
3a:d2:a3:33
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
MDUzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRDMjU0MzVCMTg2MDkz
Qzk3NkRGRUYzQzhGQzZERUVGNzk4Mzc1ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi2DwajLsCGEOWCGX05tlYRCUwMwf1ibdx4pN6ChSVYvVgQLXq
Wguz0NvmJslY/+9TwExgav2FFqUg/A6IofvnjX3nVGc5otew11nHMmHIfLYLM30p
KaavlQNc2z6IhRe0BBV5UERd74NOQ05yzaUyA5143BY2W6W3ng4rz0TDmZYOwmqv
AS9og220R0XywFAYF7wIWBV6W+ln+vBMcq7cdmY6dWLKML4CrhMiIGJF8qjzX7s7
blZCtJ5knSIemOAZ7V89LoVhG9TxrE7YxAvP/8XzvnuNK9Z2CDOPFngp60v/9ewK
6JvqcfdDxrTXFekytWwkHlgaaKQfi3ikDlVXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTCVDWxhgk8l23+88j8be73mDdYAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RDVkRXeGhnazhsMjMt
ODhqOGJlNzNtRGRZQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACgL7M7xKfqWNMu/fDbyuqHEn+Yq8PHb2
qXNdi3iGLuiyhRrVE4jyOw8iEwc79Rri3lMrXHn7rAdE3Mmv66JTmDaJdbFROT/d
5w92AuT8Q886KaN5cu86umdTnm/zMR+JtDRiMpw6a/22Hr6HYO6qLLNc8OTIsUVH
+t3D2E3olK4lea7d/9M3JBD29sdwL0lnRquMCE4ZjYn8Lb0WKOtm8CfFEg0iZ+qm
KZvxMuYFPzIAZeEV4kDxJwrWzNsmooAKn9PWnZhAZklJJlfaNl9kEgpPNOkapC/v
/P5DqgF2nmkFZZGTqe22y6462T1AFeV2ZmI+F9UyIOZt/xRTOtKjMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org