Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/U3jf6JbjdothkVOwmBeizd0Bu5w.roa
File: U3jf6JbjdothkVOwmBeizd0Bu5w.roa (raw, json)
Hash identifier: mK6eH2Ra4zoeBpmbsc60eiV+eQKLAHLjjT65nYIy794=
Subject key identifier: 53:78:DF:E8:96:E3:76:8B:61:91:53:B0:98:17:A2:CD:DD:01:BB:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 360A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U3jf6JbjdothkVOwmBeizd0Bu5w.roa
Signing time: Sun 31 Mar 2024 15:22:12 +0000
ROA not before: Sun 31 Mar 2024 15:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13834 (0x360a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 15:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5378DFE896E3768B619153B09817A2CDDD01BB9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:25:f6:d6:39:34:5e:5e:d8:4c:0d:0d:a5:5b:
92:30:4d:03:23:0f:e8:39:95:c5:f2:bf:12:fb:20:
f8:96:c3:d9:34:e1:e2:24:b5:f2:a3:cc:3c:9b:db:
31:4a:b4:92:ae:73:1b:f5:ab:73:b6:5a:09:04:3e:
cd:47:a3:ad:9e:df:cd:3b:46:92:b9:1d:d4:53:fb:
f4:df:c1:69:10:1d:9b:a8:5e:ca:ad:23:00:e0:fd:
51:49:a0:99:e0:1e:52:0d:d4:72:1a:be:c7:d3:81:
d2:7d:54:ec:27:e3:5a:ab:e7:b5:56:73:b9:5b:37:
14:d3:7c:2b:f8:1d:bc:b6:cb:68:8a:8a:c7:d4:24:
f0:82:93:e8:6e:d5:d7:17:f4:43:ea:23:7e:a4:d6:
91:0f:86:76:7d:c8:ab:58:42:bd:0e:6c:4a:c1:c3:
6a:45:ab:ac:f3:69:3c:28:1e:96:09:ba:32:90:1f:
e4:5d:c5:39:f2:b5:6c:3d:2d:cf:80:08:98:4a:e6:
df:66:f2:f1:d1:a9:b8:4a:18:9c:ee:d9:ff:27:fe:
78:50:b0:53:e3:40:76:1b:4a:66:7a:78:03:0d:c5:
bc:0c:0d:fc:56:4b:38:85:6b:ba:19:23:08:cd:bd:
bc:72:0a:a3:95:99:7e:35:70:9e:f8:df:90:36:c6:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:78:DF:E8:96:E3:76:8B:61:91:53:B0:98:17:A2:CD:DD:01:BB:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U3jf6JbjdothkVOwmBeizd0Bu5w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:76:4b:50:e0:73:b4:7e:81:c7:b5:24:dd:c0:5c:9d:ae:f3:
38:dd:1e:3e:f2:c8:d5:d1:75:9d:11:e9:fb:04:1f:79:b3:06:
b7:de:3a:84:c0:71:b6:4c:29:0d:94:23:e5:08:ad:f3:69:bb:
f3:15:d6:8e:3c:c6:d9:b3:86:9f:81:8e:f0:be:4d:8d:9f:88:
5f:7a:7e:2d:e4:20:f5:c6:5a:a9:b6:96:d4:7c:e7:db:b2:5a:
8d:7e:29:17:71:ff:c0:79:c1:0a:bc:cb:b1:72:53:41:c2:54:
25:07:ba:cb:a2:1e:0a:02:e0:7e:e8:c3:6e:f0:9e:a6:24:1c:
79:4e:49:d6:67:7e:e0:9f:34:c5:97:22:46:e4:76:b5:1f:38:
c4:10:3e:98:3e:b3:3e:04:cd:d1:44:1e:a1:8a:33:f3:36:ad:
74:a8:3f:1b:f2:76:07:d1:47:44:66:78:0c:ee:70:26:54:d8:
a0:8a:e0:5b:f2:d0:2c:43:dc:30:41:a9:3d:23:8a:69:c4:52:
47:ab:0f:d2:5f:d7:19:45:e1:0d:66:0b:09:1e:64:f1:cc:23:
ad:87:05:a1:5e:82:82:bb:3d:cc:8b:9c:bd:84:8e:35:cc:59:
ae:6a:30:9b:49:e7:d7:3c:ec:f0:c0:55:fe:61:80:57:ae:ca:
8c:0a:a7:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NTIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNzhERkU4OTZFMzc2
OEI2MTkxNTNCMDk4MTdBMkNEREQwMUJCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTJfbWOTReXthMDQ2lW5IwTQMjD+g5lcXyvxL7IPiWw9k04eIk
tfKjzDyb2zFKtJKucxv1q3O2WgkEPs1Ho62e3807RpK5HdRT+/TfwWkQHZuoXsqt
IwDg/VFJoJngHlIN1HIavsfTgdJ9VOwn41qr57VWc7lbNxTTfCv4Hby2y2iKisfU
JPCCk+hu1dcX9EPqI36k1pEPhnZ9yKtYQr0ObErBw2pFq6zzaTwoHpYJujKQH+Rd
xTnytWw9Lc+ACJhK5t9m8vHRqbhKGJzu2f8n/nhQsFPjQHYbSmZ6eAMNxbwMDfxW
SziFa7oZIwjNvbxyCqOVmX41cJ7435A2xgNbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU3jf6JbjdothkVOwmBeizd0Bu5wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1UzamY2SmJqZG90aGtW
T3dtQmVpemQwQnU1dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAC3ZLUOBztH6Bx7Uk3cBcna7zON0ePvLI
1dF1nRHp+wQfebMGt946hMBxtkwpDZQj5Qit82m78xXWjjzG2bOGn4GO8L5NjZ+I
X3p+LeQg9cZaqbaW1Hzn27JajX4pF3H/wHnBCrzLsXJTQcJUJQe6y6IeCgLgfujD
bvCepiQceU5J1md+4J80xZciRuR2tR84xBA+mD6zPgTN0UQeoYoz8zatdKg/G/J2
B9FHRGZ4DO5wJlTYoIrgW/LQLEPcMEGpPSOKacRSR6sP0l/XGUXhDWYLCR5k8cwj
rYcFoV6Cgrs9zIucvYSONcxZrmowm0nn1zzs8MBV/mGAV67KjAqnJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:44 2024 by rpki-client on console-ams.rpki-client.org