Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ulz3lmAGWt7j8UgW0TN3KIPwzsY.roa
File: Ulz3lmAGWt7j8UgW0TN3KIPwzsY.roa (raw, json)
Hash identifier: ekUQuKKm16itU2qGKrcRfCV/1ldKRgAgA1LbfD3KSy8=
Subject key identifier: 52:5C:F7:96:60:06:5A:DE:E3:F1:48:16:D1:33:77:28:83:F0:CE:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5526
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ulz3lmAGWt7j8UgW0TN3KIPwzsY.roa
Signing time: Sun 12 May 2024 02:54:09 +0000
ROA not before: Sun 12 May 2024 02:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21798 (0x5526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 02:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=525CF79660065ADEE3F14816D133772883F0CEC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3d:54:82:c7:21:c3:2a:22:4f:85:ec:cc:dc:
67:80:2d:a4:91:dc:65:33:80:c2:22:39:9f:a7:bb:
24:57:98:41:a6:5b:b9:f1:4b:c6:4a:57:0d:ff:bf:
76:97:16:89:24:40:d5:45:5e:a0:f6:52:08:71:20:
4d:f7:85:90:6e:77:80:fd:5a:ee:63:e2:fb:0d:6f:
7a:96:f4:c0:65:ba:fc:a3:7d:4a:4a:b9:f7:2a:b2:
e5:13:d0:18:d8:63:ca:44:9f:3a:e1:46:27:cc:84:
14:f9:ad:2e:b6:c9:20:0e:35:d3:b7:c7:1c:04:31:
d2:cf:27:be:53:81:a1:51:63:3d:18:9c:28:70:57:
db:ab:22:8c:e5:ed:96:68:68:1f:ed:99:dc:30:04:
56:e7:69:88:dc:cd:56:69:b3:74:15:4a:c7:ee:15:
20:fa:8e:0e:37:f3:1e:9c:4f:e3:88:bf:08:63:dc:
5a:b4:83:8c:08:0f:5d:13:31:2b:f9:b4:e1:af:54:
8c:e9:84:15:6f:03:88:90:64:f1:8d:5c:fe:b2:12:
3b:28:71:e9:80:8a:28:e2:d0:5f:5a:a1:2f:6a:e4:
89:e7:ac:bd:02:bb:9f:f3:12:53:c6:55:e6:e6:2d:
04:b7:e5:1f:56:df:1a:8d:7a:8e:d1:83:c2:b0:0e:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5C:F7:96:60:06:5A:DE:E3:F1:48:16:D1:33:77:28:83:F0:CE:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ulz3lmAGWt7j8UgW0TN3KIPwzsY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:97:1e:11:65:1a:ba:2f:60:6d:ea:b0:11:73:77:ad:d5:83:
88:d2:b5:ef:51:d2:f9:54:f5:c9:43:95:5a:da:66:03:f2:b3:
54:10:a0:cc:4b:09:33:10:b0:2e:a5:c7:4a:50:ab:07:64:7d:
e7:da:2e:e8:92:86:31:58:c7:e5:f2:59:17:cd:f6:9a:ed:c3:
f5:63:82:e7:4a:5c:46:4b:2c:99:12:70:a2:81:9e:32:e2:8d:
ad:93:2e:68:c3:65:41:2d:7b:d3:cb:f0:f5:c8:af:7b:ce:f5:
f2:9a:9b:72:b0:1e:fc:46:48:8e:ff:eb:6a:3f:30:19:71:4f:
a7:be:2d:11:98:a1:77:56:77:f4:db:8d:92:c6:ca:5c:33:18:
20:8c:a1:a0:4c:43:7c:b5:cb:24:75:bd:2c:5a:aa:10:5c:ec:
a4:3f:d7:47:32:f1:cf:e5:89:34:ac:a2:5c:a5:7c:e5:38:a1:
a1:36:95:f7:db:87:e8:67:be:3f:97:38:62:bc:ff:e5:67:95:
19:53:11:f9:e5:a7:de:2a:0a:8e:24:f8:65:07:b4:19:b7:9b:
69:8b:4a:31:e2:70:a1:1e:28:40:c2:a2:c6:78:f9:5b:4b:30:
9b:4c:61:37:1d:0b:92:eb:21:f3:a2:37:66:00:f1:8f:35:b9:
b3:87:7a:b2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVSYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
MjU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyNUNGNzk2NjAwNjVB
REVFM0YxNDgxNkQxMzM3NzI4ODNGMENFQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNPVSCxyHDKiJPhezM3GeALaSR3GUzgMIiOZ+nuyRXmEGmW7nx
S8ZKVw3/v3aXFokkQNVFXqD2UghxIE33hZBud4D9Wu5j4vsNb3qW9MBluvyjfUpK
ufcqsuUT0BjYY8pEnzrhRifMhBT5rS62ySAONdO3xxwEMdLPJ75TgaFRYz0YnChw
V9urIozl7ZZoaB/tmdwwBFbnaYjczVZps3QVSsfuFSD6jg438x6cT+OIvwhj3Fq0
g4wID10TMSv5tOGvVIzphBVvA4iQZPGNXP6yEjsocemAiiji0F9aoS9q5InnrL0C
u5/zElPGVebmLQS35R9W3xqNeo7Rg8KwDmgJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUlz3lmAGWt7j8UgW0TN3KIPwzsYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VsejNsbUFHV3Q3ajhV
Z1cwVE4zS0lQd3pzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKJceEWUaui9gbeqwEXN3rdWDiNK171HS
+VT1yUOVWtpmA/KzVBCgzEsJMxCwLqXHSlCrB2R959ou6JKGMVjH5fJZF832mu3D
9WOC50pcRkssmRJwooGeMuKNrZMuaMNlQS1708vw9cive8718pqbcrAe/EZIjv/r
aj8wGXFPp74tEZihd1Z39NuNksbKXDMYIIyhoExDfLXLJHW9LFqqEFzspD/XRzLx
z+WJNKyiXKV85TihoTaV99uH6Ge+P5c4Yrz/5WeVGVMR+eWn3ioKjiT4ZQe0Gbeb
aYtKMeJwoR4oQMKixnj5W0swm0xhNx0Lkush86I3ZgDxjzW5s4d6sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:45 2024 by rpki-client on console-ams.rpki-client.org