Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UcBTSYcmOOaE-L_hySvec1zYkD0.roa
File: UcBTSYcmOOaE-L_hySvec1zYkD0.roa (raw, json)
Hash identifier: UGUyOFopSTCy8paDDiEGyuW/8bxHIhLv/qxmLryQ5ns=
Subject key identifier: 51:C0:53:49:87:26:38:E6:84:F8:BF:E1:C9:2B:DE:73:5C:D8:90:3D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3486
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UcBTSYcmOOaE-L_hySvec1zYkD0.roa
Signing time: Fri 29 Mar 2024 14:52:10 +0000
ROA not before: Fri 29 Mar 2024 14:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13446 (0x3486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 14:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=51C05349872638E684F8BFE1C92BDE735CD8903D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d3:09:45:8f:eb:4f:4f:f5:8c:80:87:ac:fc:
f2:ce:ba:bc:93:85:2a:89:64:f7:6b:78:12:99:16:
52:0a:9a:40:f9:d7:cb:4f:50:d7:21:d5:00:4f:93:
71:6b:6a:d6:45:51:91:79:79:5c:27:f8:37:ae:22:
6b:4c:05:8c:75:c9:05:41:bc:48:ac:89:9c:cb:9c:
c8:87:68:68:3b:7f:c3:31:f8:93:ae:e0:31:a9:1e:
55:c1:b8:f1:5b:a9:e8:e5:b5:29:a9:33:ea:27:a2:
fd:a1:74:25:fe:2e:e3:46:81:d4:b0:be:b3:1f:74:
88:f3:59:75:9f:bf:eb:52:e9:c8:1c:fe:60:d9:51:
0a:e2:f4:8c:a7:84:bb:a9:94:40:0d:aa:e0:67:6b:
52:e4:e4:d6:6d:0f:3c:7e:73:b6:5e:04:a4:8c:2a:
ca:f9:99:c0:1b:24:0d:07:0b:e5:06:ea:8e:c7:52:
67:1f:a4:c8:3c:29:02:ac:cf:10:10:50:cd:65:c2:
a5:19:7c:dc:c7:c4:e8:19:9a:50:d5:51:e9:8a:71:
7c:c9:eb:b3:e7:3c:8a:ba:1f:31:71:3f:a0:d6:45:
f9:42:7e:dc:e6:8e:4a:64:d0:c2:6c:83:05:68:b0:
fd:4a:e3:66:71:d7:af:44:79:62:2f:f6:2d:ec:94:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C0:53:49:87:26:38:E6:84:F8:BF:E1:C9:2B:DE:73:5C:D8:90:3D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UcBTSYcmOOaE-L_hySvec1zYkD0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:9d:f1:e4:72:66:6d:2a:db:44:e7:25:b8:6b:bb:4a:fd:d1:
97:fa:04:ab:80:91:48:0d:7b:28:c3:94:9e:08:38:ab:17:b0:
cc:34:0b:0b:8a:8d:84:e4:cd:e2:2b:c4:64:89:2a:a9:83:c2:
fb:ef:bf:54:34:f3:0f:8d:7d:65:03:a1:45:aa:46:54:64:1d:
e7:da:57:4d:03:12:e0:eb:1c:0a:42:36:1d:fd:1a:5a:bd:1b:
50:bd:80:61:c9:39:8e:0e:8e:f5:ac:d3:85:3f:4c:ea:06:d7:
6c:17:67:b1:43:27:81:97:36:c1:d8:54:98:35:29:b4:50:59:
d2:bd:8a:6b:9c:52:42:96:fc:7c:f2:af:ab:e2:8b:59:27:89:
7b:6b:60:bc:ab:07:d3:c3:47:e4:ff:14:15:a5:70:97:78:b6:
6d:cd:10:7f:38:b0:ac:fa:01:18:b9:6b:da:dc:b9:4b:84:0f:
9d:50:63:e6:8c:e0:2e:b3:b6:c9:ab:62:15:6e:66:d3:53:01:
6f:66:4c:6e:1d:7f:86:6c:8e:b6:9b:b7:4a:62:d2:7d:64:15:
64:a9:82:90:5a:57:7b:97:5d:c8:72:24:11:2a:26:d3:d2:6f:
d0:59:db:13:67:75:29:a3:53:40:38:66:4a:94:08:1f:35:43:
f5:08:7c:d9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
NDUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxQzA1MzQ5ODcyNjM4
RTY4NEY4QkZFMUM5MkJERTczNUNEODkwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp0wlFj+tPT/WMgIes/PLOuryThSqJZPdreBKZFlIKmkD518tP
UNch1QBPk3FratZFUZF5eVwn+DeuImtMBYx1yQVBvEisiZzLnMiHaGg7f8Mx+JOu
4DGpHlXBuPFbqejltSmpM+onov2hdCX+LuNGgdSwvrMfdIjzWXWfv+tS6cgc/mDZ
UQri9IynhLuplEANquBna1Lk5NZtDzx+c7ZeBKSMKsr5mcAbJA0HC+UG6o7HUmcf
pMg8KQKszxAQUM1lwqUZfNzHxOgZmlDVUemKcXzJ67PnPIq6HzFxP6DWRflCftzm
jkpk0MJsgwVosP1K42Zx169EeWIv9i3slBBBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUcBTSYcmOOaE+L/hySvec1zYkD0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VjQlRTWWNtT09hRS1M
X2h5U3ZlYzF6WWtEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAeZ3x5HJmbSrbROcluGu7Sv3Rl/oEq4CR
SA17KMOUngg4qxewzDQLC4qNhOTN4ivEZIkqqYPC+++/VDTzD419ZQOhRapGVGQd
59pXTQMS4OscCkI2Hf0aWr0bUL2AYck5jg6O9azThT9M6gbXbBdnsUMngZc2wdhU
mDUptFBZ0r2Ka5xSQpb8fPKvq+KLWSeJe2tgvKsH08NH5P8UFaVwl3i2bc0Qfziw
rPoBGLlr2ty5S4QPnVBj5ozgLrO2yatiFW5m01MBb2ZMbh1/hmyOtpu3SmLSfWQV
ZKmCkFpXe5ddyHIkESom09Jv0FnbE2d1KaNTQDhmSpQIHzVD9Qh82Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:28 2024 by rpki-client on console-fra.rpki-client.org