Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TngTXYnFh1UTdK99t0xvMtGrwJ0.roa
File: TngTXYnFh1UTdK99t0xvMtGrwJ0.roa (raw, json)
Hash identifier: bdp1IDGJ2biypHF8rX7J6v79Wo0TBbP+Tt1d5MA1USM=
Subject key identifier: 4E:78:13:5D:89:C5:87:55:13:74:AF:7D:B7:4C:6F:32:D1:AB:C0:9D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FAA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TngTXYnFh1UTdK99t0xvMtGrwJ0.roa
Signing time: Sat 13 Apr 2024 11:22:49 +0000
ROA not before: Sat 13 Apr 2024 11:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16298 (0x3faa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 11:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4E78135D89C587551374AF7DB74C6F32D1ABC09D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:01:dc:36:a4:27:8b:72:7b:3e:0b:18:99:ba:
54:1b:bb:ce:77:07:47:2b:9f:4f:10:4c:6d:7a:27:
dd:a2:c1:3a:03:4d:a7:91:e2:8b:cb:14:5c:2c:81:
e3:fe:fb:74:7f:42:68:0a:99:ba:20:5c:a2:d8:5d:
43:2a:32:4a:94:a1:3d:3d:2e:5d:66:f8:71:dc:dd:
80:75:11:a1:4c:4f:94:d5:e3:7f:85:ae:ae:0d:9e:
4e:86:5c:01:00:43:6c:d0:72:34:77:0f:66:38:de:
c9:e3:6a:08:65:fc:1d:7a:de:97:8c:ce:ab:fe:dc:
95:c6:58:54:b3:49:9e:32:df:ce:68:a7:c3:31:3e:
25:42:05:ef:31:6d:bb:e6:7e:f3:d9:2d:b3:95:83:
b0:35:61:c7:15:ad:63:b9:c1:dc:ff:34:66:66:24:
15:93:21:34:91:ad:59:f0:b9:fd:bc:6c:cb:25:41:
05:be:7f:ec:ec:1c:5b:ea:a5:a4:54:ff:42:3b:d0:
45:e0:af:04:21:a3:79:52:bc:93:40:2e:3d:5c:f8:
1f:8a:5c:73:f4:fd:db:8e:b7:65:fc:53:33:27:ab:
3c:38:eb:b3:9e:4e:77:bf:8c:89:51:1c:6f:ab:35:
c7:47:b7:14:13:d8:90:a1:28:f3:2a:75:dd:ef:32:
80:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:78:13:5D:89:C5:87:55:13:74:AF:7D:B7:4C:6F:32:D1:AB:C0:9D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TngTXYnFh1UTdK99t0xvMtGrwJ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:fd:9d:99:9e:95:5d:81:67:70:6d:14:76:ac:9c:bc:cb:f6:
57:de:26:fc:ca:49:92:bb:cb:9c:c6:b4:f9:6d:49:d0:7f:4f:
47:5c:12:85:ab:41:1f:f3:08:e7:bf:31:d1:f0:4b:b9:90:70:
22:e2:90:2f:b8:30:50:07:f9:5a:de:41:7c:8e:7d:9e:48:e5:
a5:a2:07:19:38:78:3c:4a:b6:96:9b:7e:c7:e0:04:0b:16:f6:
f7:a9:94:ab:ae:fc:cd:dd:35:bf:1b:95:3f:f8:b3:75:ff:0e:
31:42:4b:6b:5a:1d:f4:e9:f2:4e:33:4e:cd:11:5d:4b:b2:51:
41:fe:93:1c:3a:73:61:d5:5e:5e:14:07:af:7f:d4:02:7b:76:
89:8d:ea:ac:49:70:72:56:83:26:88:62:a8:9d:61:4b:00:d9:
c1:47:de:7e:1b:e3:14:10:7e:0d:f6:e6:5f:15:a3:0d:35:6e:
d1:cc:c0:5a:4d:b5:12:68:58:c0:28:77:4b:37:45:9b:1a:72:
67:15:01:04:ab:0a:32:82:a7:ab:7c:5e:53:12:22:93:27:b7:
a6:8d:e4:47:af:1e:1c:34:da:70:3e:fb:54:0f:83:ad:f7:0e:
34:df:93:62:e6:49:31:fa:75:7e:c6:42:5f:8f:49:62:c8:72:
b5:55:6e:4a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFNzgxMzVEODlDNTg3
NTUxMzc0QUY3REI3NEM2RjMyRDFBQkMwOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClAdw2pCeLcns+CxiZulQbu853B0crn08QTG16J92iwToDTaeR
4ovLFFwsgeP++3R/QmgKmbogXKLYXUMqMkqUoT09Ll1m+HHc3YB1EaFMT5TV43+F
rq4Nnk6GXAEAQ2zQcjR3D2Y43snjaghl/B163peMzqv+3JXGWFSzSZ4y385op8Mx
PiVCBe8xbbvmfvPZLbOVg7A1YccVrWO5wdz/NGZmJBWTITSRrVnwuf28bMslQQW+
f+zsHFvqpaRU/0I70EXgrwQho3lSvJNALj1c+B+KXHP0/duOt2X8UzMnqzw467Oe
Tne/jIlRHG+rNcdHtxQT2JChKPMqdd3vMoBbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTngTXYnFh1UTdK99t0xvMtGrwJ0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RuZ1RYWW5GaDFVVGRL
OTl0MHh2TXRHcndKMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAW/2dmZ6VXYFncG0UdqycvMv2V94m/MpJ
krvLnMa0+W1J0H9PR1wShatBH/MI578x0fBLuZBwIuKQL7gwUAf5Wt5BfI59nkjl
paIHGTh4PEq2lpt+x+AECxb296mUq678zd01vxuVP/izdf8OMUJLa1od9OnyTjNO
zRFdS7JRQf6THDpzYdVeXhQHr3/UAnt2iY3qrElwclaDJohiqJ1hSwDZwUfefhvj
FBB+DfbmXxWjDTVu0czAWk21EmhYwCh3SzdFmxpyZxUBBKsKMoKnq3xeUxIikye3
po3kR68eHDTacD77VA+DrfcONN+TYuZJMfp1fsZCX49JYshytVVuSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:44 2024 by rpki-client on console-ams.rpki-client.org