Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VzrfadL6KCHiSlttgif4Lsynzew.roa
File: VzrfadL6KCHiSlttgif4Lsynzew.roa (raw, json)
Hash identifier: +CI5lTNBPWxIqay95St3BCdskN+0iMpo3sohpQ8otzU=
Subject key identifier: 57:3A:DF:69:D2:FA:28:21:E2:4A:5B:6D:82:27:F8:2E:CC:A7:CD:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A2A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VzrfadL6KCHiSlttgif4Lsynzew.roa
Signing time: Sat 06 Apr 2024 03:22:26 +0000
ROA not before: Sat 06 Apr 2024 03:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14890 (0x3a2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 03:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=573ADF69D2FA2821E24A5B6D8227F82ECCA7CDEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3d:25:0c:2e:84:17:51:18:41:4e:f7:a5:b6:
96:3b:c9:ad:27:94:30:9e:a9:ba:93:a8:24:2a:69:
fd:36:69:ef:79:e8:0d:99:bb:79:da:2b:34:0c:93:
59:79:8c:ed:e0:68:58:94:9b:09:82:75:84:63:d7:
20:a0:37:b8:36:9e:a3:34:b6:37:92:ab:07:2c:19:
89:07:af:45:0c:cf:19:20:9f:98:a6:51:36:e6:52:
f8:db:de:0f:2d:65:7f:cd:a3:7a:0f:91:f2:dd:6b:
70:cc:16:12:35:2f:3c:72:05:4a:d4:d3:d0:ea:49:
84:f2:24:61:53:46:31:87:55:bc:a3:a1:fb:fa:72:
2a:fb:2e:0c:6a:f5:e4:f6:f2:fb:ff:a6:d7:b1:47:
ec:cc:ce:13:b7:aa:ef:5c:e1:0b:82:73:7e:24:30:
a8:3b:4c:de:37:cc:94:49:f3:23:1b:f2:3c:1b:4e:
70:4e:78:83:dc:44:a5:56:a8:99:cb:ec:ff:d8:3b:
10:c4:36:77:01:d0:70:24:f8:b6:08:9e:e7:f2:92:
4c:28:7a:63:1d:10:8f:ca:d6:32:59:fb:26:75:52:
c8:d3:a9:1a:76:0f:42:e2:2f:e0:6a:75:37:65:3d:
7f:30:6b:e8:67:bb:f1:c2:30:6a:1a:66:0a:b3:b5:
13:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3A:DF:69:D2:FA:28:21:E2:4A:5B:6D:82:27:F8:2E:CC:A7:CD:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VzrfadL6KCHiSlttgif4Lsynzew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:8b:93:0d:2c:89:f2:bb:f7:c1:ce:ed:bc:23:e0:32:fd:8d:
7e:f9:88:3c:fe:d2:31:8e:6b:c0:4e:e4:07:86:8f:8a:80:fe:
51:53:e5:fa:5c:15:fa:3b:d8:56:68:6f:a8:bf:3d:8d:99:9b:
cc:a0:f4:d3:74:cd:52:9e:b3:f5:9d:5c:f8:c0:3f:fa:45:f3:
3d:ac:67:21:6d:30:eb:f2:99:51:a3:d5:2d:7e:2c:54:95:aa:
03:f2:32:f9:d7:2c:fd:cc:b7:52:77:f5:42:b6:5f:9e:3b:e4:
06:41:85:50:4e:de:30:85:c1:09:2f:f3:67:e6:83:ef:3c:f5:
88:1c:2b:ee:8f:44:85:be:9b:bf:28:59:59:3d:a1:90:04:32:
23:ea:ba:c2:d3:b2:cc:73:10:6f:c5:d4:39:2b:04:ec:55:1b:
a0:5d:2a:f7:59:5d:08:0d:c7:ad:6b:21:f5:90:f1:9d:6e:fc:
64:fe:6c:2e:ba:cb:49:46:b3:b6:c1:71:1b:76:4b:16:73:ae:
f9:46:d2:b6:b5:56:65:82:64:a2:b5:25:66:b6:b3:8b:ab:6e:
3d:a8:47:56:7e:d0:87:3e:c0:fd:e7:19:60:95:8f:da:ac:91:
55:c5:b7:55:93:fc:32:a1:71:cf:ac:c7:e0:b4:cd:0b:5e:a9:
62:97:e0:8c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MzIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU3M0FERjY5RDJGQTI4
MjFFMjRBNUI2RDgyMjdGODJFQ0NBN0NERUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBPSUMLoQXURhBTveltpY7ya0nlDCeqbqTqCQqaf02ae956A2Z
u3naKzQMk1l5jO3gaFiUmwmCdYRj1yCgN7g2nqM0tjeSqwcsGYkHr0UMzxkgn5im
UTbmUvjb3g8tZX/No3oPkfLda3DMFhI1LzxyBUrU09DqSYTyJGFTRjGHVbyjofv6
cir7Lgxq9eT28vv/ptexR+zMzhO3qu9c4QuCc34kMKg7TN43zJRJ8yMb8jwbTnBO
eIPcRKVWqJnL7P/YOxDENncB0HAk+LYInufykkwoemMdEI/K1jJZ+yZ1UsjTqRp2
D0LiL+BqdTdlPX8wa+hnu/HCMGoaZgqztRO7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVzrfadL6KCHiSlttgif4LsynzewwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Z6cmZhZEw2S0NIaVNs
dHRnaWY0THN5bnpldy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAb4uTDSyJ8rv3wc7tvCPgMv2NfvmIPP7S
MY5rwE7kB4aPioD+UVPl+lwV+jvYVmhvqL89jZmbzKD003TNUp6z9Z1c+MA/+kXz
PaxnIW0w6/KZUaPVLX4sVJWqA/Iy+dcs/cy3Unf1QrZfnjvkBkGFUE7eMIXBCS/z
Z+aD7zz1iBwr7o9Ehb6bvyhZWT2hkAQyI+q6wtOyzHMQb8XUOSsE7FUboF0q91ld
CA3HrWsh9ZDxnW78ZP5sLrrLSUaztsFxG3ZLFnOu+UbStrVWZYJkorUlZrazi6tu
PahHVn7Qhz7A/ecZYJWP2qyRVcW3VZP8MqFxz6zH4LTNC16pYpfgjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:29 2024 by rpki-client on console-fra.rpki-client.org