Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VAOtDdGCYteFCypIEP2hCehstfo.roa
File: VAOtDdGCYteFCypIEP2hCehstfo.roa (raw, json)
Hash identifier: csrS7TL2kaX9MhJ/moM4AeowWyqim8bCkrotkKNFZtw=
Subject key identifier: 54:03:AD:0D:D1:82:62:D7:85:0B:2A:48:10:FD:A1:09:E8:6C:B5:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VAOtDdGCYteFCypIEP2hCehstfo.roa
Signing time: Fri 05 Apr 2024 10:22:25 +0000
ROA not before: Fri 05 Apr 2024 10:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14754 (0x39a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 10:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5403AD0DD18262D7850B2A4810FDA109E86CB5FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:36:a1:91:9f:5a:0f:22:ce:1a:5f:3a:f0:70:
63:5a:7f:5a:d5:df:4a:d7:01:08:34:eb:66:ff:5f:
29:74:13:99:02:54:34:df:89:7f:d3:05:78:b5:4e:
09:aa:59:1f:03:da:4b:20:52:d5:90:dc:5b:93:50:
e3:92:56:76:9e:8a:b4:25:ea:e9:a6:56:d6:1e:98:
05:0c:6f:95:91:93:27:c4:82:01:a3:b4:bd:2a:c1:
d4:58:0e:b1:5d:9c:94:ef:2c:3b:aa:1b:55:53:1d:
51:0b:fa:30:88:e4:66:6d:d2:25:1c:73:0c:be:a6:
9f:9b:cb:69:b4:7d:6c:8f:b3:d5:37:b0:ee:60:43:
ec:50:b0:01:56:a6:51:1e:f0:d2:d5:50:30:56:58:
11:96:e2:42:ef:b4:d3:e9:4f:09:54:4b:2c:b5:06:
8b:fc:d5:5a:ba:70:f5:65:d8:97:79:37:8b:61:dc:
0b:8d:67:0f:40:92:55:4e:9e:11:88:b3:6d:fa:4d:
05:b8:c3:0a:fb:03:21:ee:71:6e:fd:af:12:41:b2:
29:06:80:7b:0b:36:f6:3c:6b:6c:00:3c:d7:83:f8:
43:3c:fd:c3:da:b0:64:d9:9d:42:b3:c2:40:70:10:
5a:6b:08:a3:b6:de:41:10:00:a0:b7:3f:63:1d:c6:
1e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:03:AD:0D:D1:82:62:D7:85:0B:2A:48:10:FD:A1:09:E8:6C:B5:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VAOtDdGCYteFCypIEP2hCehstfo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:44:6c:cd:5e:a3:79:9d:87:90:99:9d:a0:ca:42:25:a9:cf:
00:f5:ca:b0:d0:50:a1:e1:54:9b:21:93:73:a0:f1:1b:bd:62:
04:7c:ef:a1:75:75:54:dc:56:78:be:08:00:a1:f1:1b:c2:d2:
50:dc:ca:0c:58:a3:42:84:06:22:81:ed:ba:e4:d6:72:10:55:
53:eb:e3:b3:c9:2d:c6:59:d5:4a:5d:d0:0b:fe:b8:4a:cf:df:
d3:37:ad:0e:6c:12:81:ea:74:21:74:1e:fe:13:50:6a:35:29:
a4:06:82:17:e6:93:51:01:8d:2c:42:94:a2:04:a1:69:99:a5:
ec:a1:2f:fe:a8:a6:2a:81:a0:26:31:e7:34:33:3c:ee:38:2a:
25:8f:8c:3b:09:49:3a:07:d2:0c:02:03:0a:5e:4d:be:fa:ab:
cb:82:8a:be:6e:ba:81:fe:a5:26:45:ef:07:ab:b6:15:8c:32:
21:31:05:07:aa:bb:c9:12:09:f6:06:c5:0f:c8:57:9d:62:ab:
b1:ba:74:63:e8:37:ad:c2:1e:98:81:5c:fb:08:6c:79:54:16:
6a:ca:a2:b7:62:25:a2:4f:c9:85:04:69:72:41:64:f3:d9:30:
43:86:14:4d:3d:cf:46:60:a7:09:06:1c:62:a4:8d:27:f0:b3:
22:b4:e5:47
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
MDIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0MDNBRDBERDE4MjYy
RDc4NTBCMkE0ODEwRkRBMTA5RTg2Q0I1RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbNqGRn1oPIs4aXzrwcGNaf1rV30rXAQg062b/Xyl0E5kCVDTf
iX/TBXi1TgmqWR8D2ksgUtWQ3FuTUOOSVnaeirQl6ummVtYemAUMb5WRkyfEggGj
tL0qwdRYDrFdnJTvLDuqG1VTHVEL+jCI5GZt0iUccwy+pp+by2m0fWyPs9U3sO5g
Q+xQsAFWplEe8NLVUDBWWBGW4kLvtNPpTwlUSyy1Bov81Vq6cPVl2Jd5N4th3AuN
Zw9AklVOnhGIs236TQW4wwr7AyHucW79rxJBsikGgHsLNvY8a2wAPNeD+EM8/cPa
sGTZnUKzwkBwEFprCKO23kEQAKC3P2Mdxh47AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVAOtDdGCYteFCypIEP2hCehstfowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZBT3REZEdDWXRlRkN5
cElFUDJoQ2Voc3Rmby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJkRszV6jeZ2HkJmdoMpCJanPAPXKsNBQ
oeFUmyGTc6DxG71iBHzvoXV1VNxWeL4IAKHxG8LSUNzKDFijQoQGIoHtuuTWchBV
U+vjs8ktxlnVSl3QC/64Ss/f0zetDmwSgep0IXQe/hNQajUppAaCF+aTUQGNLEKU
ogShaZml7KEv/qimKoGgJjHnNDM87jgqJY+MOwlJOgfSDAIDCl5Nvvqry4KKvm66
gf6lJkXvB6u2FYwyITEFB6q7yRIJ9gbFD8hXnWKrsbp0Y+g3rcIemIFc+whseVQW
asqit2Ilok/JhQRpckFk89kwQ4YUTT3PRmCnCQYcYqSNJ/CzIrTlRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:28 2024 by rpki-client on console-fra.rpki-client.org