Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UDwiSyvPTdRsCfDHLtmIkCwd9oQ.roa
File: UDwiSyvPTdRsCfDHLtmIkCwd9oQ.roa (raw, json)
Hash identifier: eZ3enXRj8MtJW+gMe+AiNlt4MYMqswlJCQGz/LbgXE0=
Subject key identifier: 50:3C:22:4B:2B:CF:4D:D4:6C:09:F0:C7:2E:D9:88:90:2C:1D:F6:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43E2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDwiSyvPTdRsCfDHLtmIkCwd9oQ.roa
Signing time: Fri 19 Apr 2024 02:23:00 +0000
ROA not before: Fri 19 Apr 2024 02:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17378 (0x43e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 02:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=503C224B2BCF4DD46C09F0C72ED988902C1DF684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:93:9c:ab:7b:71:ba:b3:0b:b3:d0:82:a1:7b:
61:e0:9c:eb:85:d3:a1:db:10:f4:a6:28:23:51:81:
ac:7e:d8:09:8a:e6:5a:65:04:26:41:86:f4:ff:f0:
a4:85:88:26:ed:85:3d:e8:ce:30:2b:27:4f:1f:df:
a5:91:4f:2a:a6:24:c5:11:60:b5:63:2e:9f:9c:90:
12:0c:90:03:ff:fb:e0:21:12:f3:a1:89:16:69:67:
e0:d9:f7:ed:83:b6:3d:dc:b7:58:60:dd:8c:76:37:
48:c0:77:7d:19:48:1e:e1:af:f7:0b:06:b5:b4:78:
74:8b:1b:a7:ca:8b:45:a2:31:b4:e7:c2:5e:a4:d0:
60:23:f5:ea:f2:0d:1a:e4:9f:19:ee:5d:df:d3:2b:
1c:74:5c:c5:13:6a:40:10:1f:26:79:6b:25:b3:03:
53:a9:3b:99:e1:41:59:65:3b:cb:b5:0d:04:89:36:
93:dc:1d:90:05:cb:05:75:1c:a2:70:9f:83:29:a4:
4c:41:d1:86:ab:d5:ef:ba:8e:1f:4c:61:d4:74:fb:
c2:92:fc:04:d1:50:2c:14:fc:5a:4f:97:cf:9d:ca:
9f:02:ad:dc:a5:e4:ba:e4:fd:b5:49:5a:f0:51:17:
fe:85:42:c3:aa:2b:1c:db:c4:66:72:09:3d:66:cb:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3C:22:4B:2B:CF:4D:D4:6C:09:F0:C7:2E:D9:88:90:2C:1D:F6:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UDwiSyvPTdRsCfDHLtmIkCwd9oQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:5f:61:7d:4e:47:95:69:b6:64:52:dd:81:89:db:7e:cb:18:
85:0e:d3:f6:62:4f:5a:75:60:0e:9c:f6:bc:11:cd:ae:fe:3e:
51:a2:0e:26:a9:99:57:ad:36:43:56:e0:c6:05:3e:44:b1:66:
22:97:92:6d:04:93:20:e3:71:ec:bf:24:75:b9:83:39:91:d6:
c5:15:22:a6:59:33:ef:62:c5:45:9e:31:3d:26:cb:7c:04:00:
cd:27:5a:bb:85:f2:b3:e9:da:f9:f6:8d:1a:86:0b:a2:a4:d6:
74:4d:d9:2d:2c:71:1c:16:bf:c7:03:61:79:57:1c:44:1f:3b:
7b:34:31:1c:15:b7:c6:36:b7:08:f5:cd:78:84:39:40:00:0c:
0f:98:b1:0f:6d:e1:f8:cc:e1:31:cd:05:3e:e2:6a:2f:57:45:
e3:7b:85:2b:6a:f9:93:33:e3:d0:48:51:eb:45:90:75:3a:7b:
bd:9c:e7:c8:2c:58:98:07:18:f2:eb:03:ba:38:50:a0:03:ad:
3c:49:b7:48:69:7c:0c:1c:32:69:ce:b9:84:6d:01:bf:7f:38:
9c:d7:f7:78:49:da:0b:f6:3c:83:3f:4d:5e:d1:66:4c:1a:a7:
d1:d5:10:32:da:5f:76:f9:70:ef:15:02:05:38:0a:7e:32:4f:
e0:30:6f:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MjIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwM0MyMjRCMkJDRjRE
RDQ2QzA5RjBDNzJFRDk4ODkwMkMxREY2ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMk5yre3G6swuz0IKhe2HgnOuF06HbEPSmKCNRgax+2AmK5lpl
BCZBhvT/8KSFiCbthT3ozjArJ08f36WRTyqmJMURYLVjLp+ckBIMkAP/++AhEvOh
iRZpZ+DZ9+2Dtj3ct1hg3Yx2N0jAd30ZSB7hr/cLBrW0eHSLG6fKi0WiMbTnwl6k
0GAj9eryDRrknxnuXd/TKxx0XMUTakAQHyZ5ayWzA1OpO5nhQVllO8u1DQSJNpPc
HZAFywV1HKJwn4MppExB0Yar1e+6jh9MYdR0+8KS/ATRUCwU/FpPl8+dyp8Crdyl
5Lrk/bVJWvBRF/6FQsOqKxzbxGZyCT1myzrHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUDwiSyvPTdRsCfDHLtmIkCwd9oQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VEd2lTeXZQVGRSc0Nm
REhMdG1Ja0N3ZDlvUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAdl9hfU5HlWm2ZFLdgYnbfssYhQ7T9mJP
WnVgDpz2vBHNrv4+UaIOJqmZV602Q1bgxgU+RLFmIpeSbQSTIONx7L8kdbmDOZHW
xRUiplkz72LFRZ4xPSbLfAQAzSdau4Xys+na+faNGoYLoqTWdE3ZLSxxHBa/xwNh
eVccRB87ezQxHBW3xja3CPXNeIQ5QAAMD5ixD23h+MzhMc0FPuJqL1dF43uFK2r5
kzPj0EhR60WQdTp7vZznyCxYmAcY8usDujhQoAOtPEm3SGl8DBwyac65hG0Bv384
nNf3eEnaC/Y8gz9NXtFmTBqn0dUQMtpfdvlw7xUCBTgKfjJP4DBvDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:45 2024 by rpki-client on console-ams.rpki-client.org