Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TWBFWVkiwiGQnjO021MinQXG1N4.roa
File: TWBFWVkiwiGQnjO021MinQXG1N4.roa (raw, json)
Hash identifier: przXCYMAri3DJr6wqSeHU6UlQKNQJ8k0oYGJ4IPWuPc=
Subject key identifier: 4D:60:45:59:59:22:C2:21:90:9E:33:B4:DB:53:22:9D:05:C6:D4:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E7E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TWBFWVkiwiGQnjO021MinQXG1N4.roa
Signing time: Thu 11 Apr 2024 21:52:48 +0000
ROA not before: Thu 11 Apr 2024 21:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15998 (0x3e7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 21:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D6045595922C221909E33B4DB53229D05C6D4DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:35:b7:9a:cf:b4:eb:77:8e:b9:6b:f4:64:
89:1a:d0:39:5d:84:1a:c5:aa:e4:96:c6:9b:4b:e4:
7f:80:b5:6b:21:f5:b0:3a:9e:f8:8d:1c:99:99:79:
05:07:44:35:d2:a5:01:c6:e7:e2:59:d1:95:2f:bc:
4c:6d:12:ca:f1:9f:e0:27:60:dc:95:97:5b:21:52:
02:5c:0e:22:91:0e:29:e7:c3:25:6c:d2:70:00:ee:
43:75:b2:28:af:2a:dc:31:22:1f:a1:ea:ed:b5:8e:
60:f1:65:26:f4:bc:bd:a8:a4:1e:2a:55:1d:21:39:
27:ba:e2:14:b4:3a:51:2a:49:2b:9a:ac:0c:7e:22:
41:a5:dc:54:67:31:b8:b4:72:c8:a7:a2:07:03:e1:
b2:00:c3:e5:14:6d:b4:06:c7:79:36:41:df:04:f5:
53:de:45:51:7e:da:a3:1f:3d:a7:96:0d:11:8c:0e:
65:8a:12:09:df:76:19:0f:13:9e:9e:94:c5:e9:b4:
28:4a:4c:46:f0:de:a7:46:47:eb:04:7e:9a:71:71:
cd:20:f0:01:03:09:19:50:dc:60:de:29:0f:ff:71:
0b:d7:5a:b6:12:81:69:71:13:72:0d:d6:61:a6:1c:
6e:78:97:5c:71:c8:04:41:75:18:80:42:02:42:55:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:60:45:59:59:22:C2:21:90:9E:33:B4:DB:53:22:9D:05:C6:D4:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TWBFWVkiwiGQnjO021MinQXG1N4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:fb:b1:ff:ad:11:b8:68:33:14:ec:11:24:84:cb:13:f1:06:
53:fc:b8:cc:1d:83:92:84:2b:ea:52:c2:6e:64:e8:71:10:6f:
51:aa:c0:f2:16:db:13:68:48:01:e9:fe:72:fc:ca:a5:64:3d:
89:19:68:90:5c:24:31:77:e1:22:01:18:ca:1e:76:76:88:96:
71:33:9c:64:53:a9:90:7a:22:77:bc:ec:75:10:d1:51:bb:89:
6e:42:a1:4c:84:d6:81:50:73:c2:2b:bf:4e:d9:4b:eb:ab:bd:
3e:47:6f:e5:aa:47:a3:69:96:ac:ba:9c:18:eb:a0:90:07:7d:
a9:3b:4e:ca:8f:82:81:eb:de:6a:02:69:01:b9:b8:5b:35:6a:
85:17:39:de:74:cb:95:25:41:83:77:a2:d1:31:d8:19:42:54:
36:dc:03:f5:26:23:4b:cf:e9:48:7f:84:e2:82:e7:de:96:5c:
17:db:1d:9e:d6:b7:18:95:96:86:e7:2d:7b:5d:a6:a8:82:b7:
33:63:68:41:de:1c:05:83:cc:0c:44:4b:d3:2f:e3:68:8f:90:
50:b9:f7:a2:c1:e1:09:3f:d8:9c:ca:37:6a:a1:96:b6:b0:12:
19:96:60:95:d1:38:aa:26:df:59:74:0f:52:1d:16:2a:22:4c:
09:ae:87:96
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEy
MTUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRENjA0NTU5NTkyMkMy
MjE5MDlFMzNCNERCNTMyMjlEMDVDNkQ0REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClpTW3ms+063eOuWv0ZIka0DldhBrFquSWxptL5H+AtWsh9bA6
nviNHJmZeQUHRDXSpQHG5+JZ0ZUvvExtEsrxn+AnYNyVl1shUgJcDiKRDinnwyVs
0nAA7kN1siivKtwxIh+h6u21jmDxZSb0vL2opB4qVR0hOSe64hS0OlEqSSuarAx+
IkGl3FRnMbi0csinogcD4bIAw+UUbbQGx3k2Qd8E9VPeRVF+2qMfPaeWDRGMDmWK
EgnfdhkPE56elMXptChKTEbw3qdGR+sEfppxcc0g8AEDCRlQ3GDeKQ//cQvXWrYS
gWlxE3IN1mGmHG54l1xxyARBdRiAQgJCVUxrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTWBFWVkiwiGQnjO021MinQXG1N4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RXQkZXVmtpd2lHUW5q
TzAyMU1pblFYRzFONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAE/ux/60RuGgzFOwRJITLE/EGU/y4zB2D
koQr6lLCbmTocRBvUarA8hbbE2hIAen+cvzKpWQ9iRlokFwkMXfhIgEYyh52doiW
cTOcZFOpkHoid7zsdRDRUbuJbkKhTITWgVBzwiu/TtlL66u9Pkdv5apHo2mWrLqc
GOugkAd9qTtOyo+CgeveagJpAbm4WzVqhRc53nTLlSVBg3ei0THYGUJUNtwD9SYj
S8/pSH+E4oLn3pZcF9sdnta3GJWWhucte12mqIK3M2NoQd4cBYPMDERL0y/jaI+Q
ULn3osHhCT/YnMo3aqGWtrASGZZgldE4qibfWXQPUh0WKiJMCa6Hlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org