Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TakJW4usc9Z-K8F8sjsvVjpSJ_U.roa
File: TakJW4usc9Z-K8F8sjsvVjpSJ_U.roa (raw, json)
Hash identifier: TZStkx6/QD1+57bxDIUCUrOE2bX/V1pEhQiiQubFmtM=
Subject key identifier: 4D:A9:09:5B:8B:AC:73:D6:7E:2B:C1:7C:B2:3B:2F:56:3A:52:27:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 581A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TakJW4usc9Z-K8F8sjsvVjpSJ_U.roa
Signing time: Thu 16 May 2024 01:24:47 +0000
ROA not before: Thu 16 May 2024 01:24:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22554 (0x581a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 01:24:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4DA9095B8BAC73D67E2BC17CB23B2F563A5227F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1a:98:7c:77:da:a3:ad:1b:c8:d5:71:07:80:
05:5c:ec:d1:bf:f6:9c:99:29:92:3f:3d:48:72:a9:
0a:9e:22:96:a3:ff:08:9a:a2:86:78:ed:21:59:c9:
4e:da:8b:b9:d7:00:79:f0:2e:45:a4:b8:64:8e:a6:
9e:4f:2d:a8:d3:f4:d3:4f:10:2e:fd:2a:03:ea:25:
f9:4f:ef:a2:4a:6f:18:ad:bb:6b:40:58:37:79:b6:
4d:7d:4b:97:62:c4:5e:b6:fb:88:c2:2f:5e:99:35:
33:03:56:bc:10:04:61:3e:c8:4f:b2:3c:1f:c1:0f:
eb:0f:ab:38:02:bb:eb:9c:62:8b:a6:56:37:42:9d:
0e:f1:20:ae:45:05:56:fa:df:62:f4:ac:7c:03:8c:
86:14:74:fc:bb:47:47:bd:12:fc:12:15:aa:31:27:
3f:8c:f2:ff:36:68:c1:90:e9:e3:f2:c8:04:ed:4d:
f9:46:8a:dd:e3:97:e1:86:9b:bb:d0:f9:80:2a:93:
50:17:d3:ce:7f:fe:f6:2d:bc:25:9a:72:99:08:7d:
ec:be:b1:d6:68:d4:d0:81:45:0a:f5:a8:09:00:e1:
b2:85:6d:f4:1b:82:5a:f5:56:56:51:09:e0:4c:29:
cd:c3:0a:c0:e4:6a:ec:b0:ef:55:97:36:56:42:21:
51:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A9:09:5B:8B:AC:73:D6:7E:2B:C1:7C:B2:3B:2F:56:3A:52:27:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TakJW4usc9Z-K8F8sjsvVjpSJ_U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:9b:42:d3:b3:45:24:23:52:4c:69:9d:c6:17:e3:ab:14:2c:
21:78:61:f6:b6:52:ac:6a:cc:43:bb:d7:05:6c:f7:1f:30:d3:
28:d5:fd:4c:34:70:cf:a0:96:c6:3e:60:0b:ed:96:49:0e:01:
a9:a0:72:e0:60:c7:0d:db:f3:86:34:5e:e2:3b:9a:e4:ed:fa:
b1:c1:f6:67:e8:77:83:02:f4:b2:40:35:43:0c:19:dd:99:33:
be:84:0b:12:c2:c0:97:ae:7b:61:f9:85:7d:1c:a9:98:d7:a8:
d4:e8:c6:c9:1a:0a:cb:04:3f:ef:93:26:6a:ff:7b:c5:f4:ff:
c1:63:63:a1:79:f5:59:a0:db:6c:5e:0a:59:bf:83:60:9f:92:
6c:82:3a:3b:ac:4f:1f:ce:a9:76:aa:24:7f:b2:52:c7:56:c9:
08:a8:08:ba:60:21:88:a0:f7:df:59:32:a9:d9:54:14:ee:30:
92:cf:3c:14:28:db:cd:e7:41:bc:81:7a:5e:3a:ee:22:b4:ca:
46:fe:5e:61:59:61:db:5e:ad:63:60:67:b9:63:6f:7c:05:58:
ed:d7:5c:3d:e3:28:0c:3a:b5:c1:50:a5:f4:17:b3:31:cd:fe:
0d:92:8f:40:b1:24:66:1a:15:c1:4c:78:17:f7:15:78:f8:09:
a9:51:da:75
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICWBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTYw
MTI0NDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREQTkwOTVCOEJBQzcz
RDY3RTJCQzE3Q0IyM0IyRjU2M0E1MjI3RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwGph8d9qjrRvI1XEHgAVc7NG/9pyZKZI/PUhyqQqeIpaj/wia
ooZ47SFZyU7ai7nXAHnwLkWkuGSOpp5PLajT9NNPEC79KgPqJflP76JKbxitu2tA
WDd5tk19S5dixF62+4jCL16ZNTMDVrwQBGE+yE+yPB/BD+sPqzgCu+ucYoumVjdC
nQ7xIK5FBVb632L0rHwDjIYUdPy7R0e9EvwSFaoxJz+M8v82aMGQ6ePyyATtTflG
it3jl+GGm7vQ+YAqk1AX085//vYtvCWacpkIfey+sdZo1NCBRQr1qAkA4bKFbfQb
glr1VlZRCeBMKc3DCsDkauyw71WXNlZCIVFfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTakJW4usc9Z+K8F8sjsvVjpSJ/UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Rha0pXNHVzYzlaLUs4
RjhzanN2VmpwU0pfVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAg5tC07NFJCNSTGmdxhfjqxQsIXhh9rZS
rGrMQ7vXBWz3HzDTKNX9TDRwz6CWxj5gC+2WSQ4BqaBy4GDHDdvzhjRe4jua5O36
scH2Z+h3gwL0skA1QwwZ3ZkzvoQLEsLAl657YfmFfRypmNeo1OjGyRoKywQ/75Mm
av97xfT/wWNjoXn1WaDbbF4KWb+DYJ+SbII6O6xPH86pdqokf7JSx1bJCKgIumAh
iKD331kyqdlUFO4wks88FCjbzedBvIF6XjruIrTKRv5eYVlh216tY2BnuWNvfAVY
7ddcPeMoDDq1wVCl9BezMc3+DZKPQLEkZhoVwUx4F/cVePgJqVHadQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:44 2024 by rpki-client on console-ams.rpki-client.org