Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WCzapE2y3n4JlFFLmKX5PfVZaJE.roa
File: WCzapE2y3n4JlFFLmKX5PfVZaJE.roa (raw, json)
Hash identifier: kfJqJB4pOWuED9nwkD6HjUO4BdaNeaS4SOeQ7tHYNLA=
Subject key identifier: 58:2C:DA:A4:4D:B2:DE:7E:09:94:51:4B:98:A5:F9:3D:F5:59:68:91
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3616
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WCzapE2y3n4JlFFLmKX5PfVZaJE.roa
Signing time: Sun 31 Mar 2024 16:52:35 +0000
ROA not before: Sun 31 Mar 2024 16:52:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13846 (0x3616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 16:52:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=582CDAA44DB2DE7E0994514B98A5F93DF5596891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:d0:58:1a:11:76:e4:12:3a:0f:26:6a:79:
25:23:83:65:14:00:e4:17:f6:81:a2:ee:d7:f6:7b:
10:9a:e9:65:a7:c9:09:45:64:c9:0f:52:c4:07:ec:
e0:98:b6:b6:4c:79:ab:59:ff:8e:06:90:56:14:1d:
d9:bc:d9:13:78:47:04:0c:9b:b0:ad:fd:85:e4:a4:
7f:d5:65:cf:e8:7c:fa:30:86:0e:ab:b6:1c:3c:14:
96:fa:41:47:db:d7:1d:87:97:c5:95:66:fb:d5:70:
df:05:96:92:3b:73:7f:98:d5:98:38:9f:5e:b1:7c:
f9:37:85:dd:32:f0:f3:06:0e:1a:9d:0c:3d:25:48:
97:25:42:60:3f:02:bf:72:41:53:cd:52:62:8d:ae:
eb:8e:c3:53:68:3c:74:16:06:04:4b:de:e8:50:72:
bc:99:c2:db:80:cc:5a:56:85:1b:19:b3:87:97:0c:
df:70:0e:6c:fa:b5:27:63:2e:20:1b:25:15:ee:6d:
16:61:96:da:10:a4:db:a4:a8:45:53:6a:3d:af:8f:
50:19:0b:db:90:ae:a3:77:e6:0a:56:94:84:80:5f:
44:e7:1b:bc:fe:34:0e:50:67:36:22:6c:15:f5:d8:
fc:3e:a2:ba:d4:2e:c8:9d:b8:56:9a:fc:91:39:34:
e5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2C:DA:A4:4D:B2:DE:7E:09:94:51:4B:98:A5:F9:3D:F5:59:68:91
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WCzapE2y3n4JlFFLmKX5PfVZaJE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:53:2a:18:ed:8b:04:53:94:4a:e4:e7:ad:45:cd:0e:24:53:
24:60:4e:0d:3e:54:10:55:26:dc:9b:8d:c2:56:69:f0:2d:44:
06:c3:6c:3c:53:80:a8:bb:c2:4b:aa:37:56:f1:a9:05:5b:09:
a9:87:49:77:49:fe:7b:69:22:ea:56:c2:ce:bc:fe:03:12:4b:
f1:62:35:9d:f1:71:58:46:45:99:7b:59:a0:ec:2e:90:a9:da:
51:2e:00:a7:95:80:95:1e:cb:b8:f7:eb:d8:b7:8e:b7:dc:58:
85:75:7e:37:92:c9:ff:93:41:27:6c:f4:88:f2:f3:0d:28:ea:
c7:28:0d:d0:d2:31:58:1e:2f:01:72:97:3c:fb:e8:b5:b5:f3:
d4:fa:9a:ce:6c:ea:f2:e7:08:aa:19:1c:78:eb:ac:0f:78:07:
87:5b:77:3b:52:b8:9d:bb:b4:9b:b0:56:9a:f5:da:ea:d2:1b:
b2:b9:37:d0:3a:90:22:36:61:b5:8e:cf:b3:a1:92:d0:23:2c:
e0:0c:f0:8c:7f:c0:fa:c6:55:a6:22:5c:55:86:71:25:2f:0c:
8d:5d:1a:7c:9d:3b:d0:03:40:b8:e9:25:dc:5f:e5:d2:36:46:
2f:77:05:8b:88:cc:6f:51:56:9b:8b:b0:35:f5:b5:c9:49:f1:
e8:a3:cf:fe
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NjUyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4MkNEQUE0NERCMkRF
N0UwOTk0NTE0Qjk4QTVGOTNERjU1OTY4OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvqtBYGhF25BI6DyZqeSUjg2UUAOQX9oGi7tf2exCa6WWnyQlF
ZMkPUsQH7OCYtrZMeatZ/44GkFYUHdm82RN4RwQMm7Ct/YXkpH/VZc/ofPowhg6r
thw8FJb6QUfb1x2Hl8WVZvvVcN8FlpI7c3+Y1Zg4n16xfPk3hd0y8PMGDhqdDD0l
SJclQmA/Ar9yQVPNUmKNruuOw1NoPHQWBgRL3uhQcryZwtuAzFpWhRsZs4eXDN9w
Dmz6tSdjLiAbJRXubRZhltoQpNukqEVTaj2vj1AZC9uQrqN35gpWlISAX0TnG7z+
NA5QZzYibBX12Pw+orrULsiduFaa/JE5NOU3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWCzapE2y3n4JlFFLmKX5PfVZaJEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dDemFwRTJ5M240SmxG
RkxtS1g1UGZWWmFKRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAd1MqGO2LBFOUSuTnrUXNDiRTJGBODT5U
EFUm3JuNwlZp8C1EBsNsPFOAqLvCS6o3VvGpBVsJqYdJd0n+e2ki6lbCzrz+AxJL
8WI1nfFxWEZFmXtZoOwukKnaUS4Ap5WAlR7LuPfr2LeOt9xYhXV+N5LJ/5NBJ2z0
iPLzDSjqxygN0NIxWB4vAXKXPPvotbXz1Pqazmzq8ucIqhkceOusD3gHh1t3O1K4
nbu0m7BWmvXa6tIbsrk30DqQIjZhtY7Ps6GS0CMs4AzwjH/A+sZVpiJcVYZxJS8M
jV0afJ070ANAuOkl3F/l0jZGL3cFi4jMb1FWm4uwNfW1yUnx6KPP/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:47 2024 by rpki-client on console-ams.rpki-client.org