Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VWkKd9VpQaFpm0j2jzq4gQ-3dws.roa
File: VWkKd9VpQaFpm0j2jzq4gQ-3dws.roa (raw, json)
Hash identifier: zg+P6BaXSEF/icz27fc5NIxHb2h+In14PpNMp2+3T88=
Subject key identifier: 55:69:0A:77:D5:69:41:A1:69:9B:48:F6:8F:3A:B8:81:0F:B7:77:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 485A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VWkKd9VpQaFpm0j2jzq4gQ-3dws.roa
Signing time: Thu 25 Apr 2024 01:23:18 +0000
ROA not before: Thu 25 Apr 2024 01:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18522 (0x485a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 01:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=55690A77D56941A1699B48F68F3AB8810FB7770B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:72:64:78:80:66:60:c8:7c:ca:29:69:c9:8d:
fc:74:4b:e6:db:28:fa:ce:6f:af:f8:a7:0c:65:76:
b8:3f:f4:97:e7:28:87:4f:c4:89:a9:e5:94:96:40:
2c:a9:5f:ff:9d:f6:11:81:f2:7e:27:bd:17:8e:79:
5f:1c:28:09:b4:a5:39:01:ff:e6:29:7c:b2:ae:af:
29:5b:47:d0:84:ac:17:4b:5b:c7:5a:bc:0c:ad:e4:
c5:bd:ad:53:89:3b:3b:b6:a6:07:40:9e:37:1f:7d:
fa:fd:7a:5e:8f:de:7c:6c:b3:c3:f5:06:40:03:f0:
73:08:59:2f:39:22:43:05:9e:b2:c2:d3:16:d3:04:
33:c2:bf:aa:87:78:82:98:60:5d:68:97:74:bc:40:
c6:17:97:30:0c:21:01:f3:22:aa:cc:82:98:dd:35:
e6:6b:bc:22:9a:cc:a6:e5:46:37:07:73:03:67:f1:
05:4a:8f:4e:37:4e:71:b0:c5:c6:94:c5:b3:9e:31:
11:74:e9:46:9e:0b:4b:9a:27:e0:89:cd:05:d1:73:
ec:a8:9d:6b:77:fd:1d:c3:6c:6e:cc:e6:5d:3a:5b:
63:9b:cb:d5:ba:0e:5a:b8:ba:47:b1:85:d1:dd:18:
d3:25:8b:a9:e3:b2:6b:ea:c2:a7:ab:49:9e:60:55:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:69:0A:77:D5:69:41:A1:69:9B:48:F6:8F:3A:B8:81:0F:B7:77:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VWkKd9VpQaFpm0j2jzq4gQ-3dws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:d4:da:6b:37:d6:d9:79:bb:2d:3c:d3:77:6e:70:64:18:12:
3e:0a:f0:aa:50:3a:52:6d:78:f0:91:c7:fd:2c:0f:fe:c3:d9:
c2:cd:19:61:a8:8e:4b:b4:eb:c7:3f:ae:56:84:6c:7e:4a:e6:
8d:50:f3:94:9a:26:58:0b:0f:ba:68:22:66:e5:b5:3f:18:d6:
94:7c:7a:22:29:d6:27:9e:5b:92:d4:a2:bf:4e:44:26:59:b4:
be:a3:85:d2:7c:11:c1:f0:7e:56:f0:53:17:c8:b3:cc:fc:c2:
67:bc:2b:36:82:0f:8a:6a:cd:45:e4:ca:c5:91:26:5d:a9:ea:
16:2f:2d:05:5d:98:31:4b:f3:42:66:03:33:6b:27:d3:2e:5a:
ec:f2:7b:70:3e:44:e2:a5:c2:a0:1c:ef:8f:84:5e:af:d2:8c:
03:9f:a6:a3:bc:28:05:b5:10:87:fd:f5:55:b2:d7:fa:8a:fe:
47:04:11:7f:e3:c3:16:3a:2c:83:e6:d2:c4:66:7d:08:0e:55:
33:7e:cb:54:aa:43:9a:c9:f0:a7:7a:d8:7e:74:fa:52:d9:3c:
8a:1f:f3:44:be:fc:fe:56:ca:91:a6:80:51:a8:98:ed:61:8e:
7b:1f:64:5b:11:4d:b1:a5:e9:cf:bb:e4:3e:29:3c:f9:8f:8e:
e9:7c:48:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
MTIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU1NjkwQTc3RDU2OTQx
QTE2OTlCNDhGNjhGM0FCODgxMEZCNzc3MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDacmR4gGZgyHzKKWnJjfx0S+bbKPrOb6/4pwxldrg/9JfnKIdP
xImp5ZSWQCypX/+d9hGB8n4nvReOeV8cKAm0pTkB/+YpfLKurylbR9CErBdLW8da
vAyt5MW9rVOJOzu2pgdAnjcfffr9el6P3nxss8P1BkAD8HMIWS85IkMFnrLC0xbT
BDPCv6qHeIKYYF1ol3S8QMYXlzAMIQHzIqrMgpjdNeZrvCKazKblRjcHcwNn8QVK
j043TnGwxcaUxbOeMRF06UaeC0uaJ+CJzQXRc+yonWt3/R3DbG7M5l06W2Oby9W6
Dlq4ukexhdHdGNMli6njsmvqwqerSZ5gVQmjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVWkKd9VpQaFpm0j2jzq4gQ+3dwswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZXa0tkOVZwUWFGcG0w
ajJqenE0Z1EtM2R3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEANtTaazfW2Xm7LTzTd25wZBgSPgrwqlA6
Um148JHH/SwP/sPZws0ZYaiOS7Trxz+uVoRsfkrmjVDzlJomWAsPumgiZuW1PxjW
lHx6IinWJ55bktSiv05EJlm0vqOF0nwRwfB+VvBTF8izzPzCZ7wrNoIPimrNReTK
xZEmXanqFi8tBV2YMUvzQmYDM2sn0y5a7PJ7cD5E4qXCoBzvj4Rer9KMA5+mo7wo
BbUQh/31VbLX+or+RwQRf+PDFjosg+bSxGZ9CA5VM37LVKpDmsnwp3rYfnT6Utk8
ih/zRL78/lbKkaaAUaiY7WGOex9kWxFNsaXpz7vkPik8+Y+O6XxIOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:28 2024 by rpki-client on console-fra.rpki-client.org