Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WD0npagC3kPi5LciRu4K6Mb2b5g.roa
File: WD0npagC3kPi5LciRu4K6Mb2b5g.roa (raw, json)
Hash identifier: 2DIAA4YSSwllQeBiiEtL1ezs6Z0Gis85jDVvnrH8z5Q=
Subject key identifier: 58:3D:27:A5:A8:02:DE:43:E2:E4:B7:22:46:EE:0A:E8:C6:F6:6F:98
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A42
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WD0npagC3kPi5LciRu4K6Mb2b5g.roa
Signing time: Sat 06 Apr 2024 06:22:26 +0000
ROA not before: Sat 06 Apr 2024 06:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14914 (0x3a42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 06:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=583D27A5A802DE43E2E4B72246EE0AE8C6F66F98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:b1:14:46:ed:c8:d6:f9:79:5f:79:6b:2a:
c7:09:3a:f6:49:6d:51:96:f1:b0:79:44:9a:0c:b6:
76:3d:03:d1:10:0e:70:cf:bb:02:72:a1:a9:b8:a1:
fe:46:3b:8d:71:a7:d2:ea:10:e6:6a:b5:30:29:d0:
dc:cb:89:d1:42:a1:f1:9a:5d:6d:d8:91:ff:71:29:
de:91:e1:1f:d5:80:af:09:48:5a:b4:5b:66:5e:22:
17:48:03:e1:93:4f:f3:14:6b:d6:fd:b7:a8:30:8c:
11:e8:fe:96:e6:c4:3c:82:55:d4:f3:6c:eb:97:c7:
57:03:82:34:c7:26:f5:a2:2c:02:01:e6:ec:55:01:
65:13:62:63:7b:49:ce:98:33:4d:6d:8c:f3:b4:58:
72:68:8d:55:6e:bc:0d:4a:27:b1:da:6e:cc:ea:25:
72:55:5f:a7:14:45:2c:aa:69:01:b8:40:37:69:aa:
0b:19:72:97:64:e6:ff:c7:8f:f7:73:f6:6d:54:da:
b3:29:10:5c:d2:88:91:6e:fd:eb:e4:83:fe:f8:20:
d4:c8:92:23:06:60:68:94:7f:fd:1c:16:de:48:a9:
57:ef:82:d0:82:97:60:8e:66:7a:9c:d2:da:f3:a0:
b6:42:f4:9e:bf:d7:92:a4:22:52:4d:59:8d:89:6f:
96:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3D:27:A5:A8:02:DE:43:E2:E4:B7:22:46:EE:0A:E8:C6:F6:6F:98
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WD0npagC3kPi5LciRu4K6Mb2b5g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:5c:b2:83:99:3b:d5:9e:2a:2a:f5:3a:21:d5:ca:cc:41:6c:
89:69:bf:17:75:f5:39:4a:2d:39:34:c8:80:ae:15:e5:fb:79:
50:8f:ce:6f:48:e5:d3:9e:32:27:87:e8:59:f6:11:b4:69:5f:
64:b1:a3:16:81:20:7a:8f:f5:ec:db:96:92:f3:90:82:75:ce:
7b:2d:04:b3:74:6e:c9:0f:8d:85:21:66:33:35:11:9e:72:15:
0e:92:85:2e:02:c3:29:6e:43:49:3f:b7:38:23:05:bb:19:2e:
44:b6:84:37:33:f3:d8:61:f3:cc:cc:51:0b:79:40:95:ca:6a:
f5:4f:28:2d:12:c4:ab:04:1b:80:44:48:ca:75:02:2d:1a:f5:
f7:18:b9:95:f9:74:7a:e5:6c:df:1f:e4:b8:a9:0d:6d:f6:15:
9e:03:10:c5:a7:f9:ec:40:6c:f9:e6:54:33:8a:92:b1:ca:51:
27:b3:0c:d6:4b:cb:a5:a8:f3:8b:2f:4e:8b:6f:ea:d4:c6:1f:
28:f2:65:5e:6e:d1:c1:b6:a7:85:e9:c6:51:c0:6e:2d:d1:c0:
31:b2:37:e2:90:2b:34:d3:e1:0d:47:8e:55:a0:a4:2f:a8:b4:
91:e7:f8:db:42:fa:97:d2:28:71:0d:a9:1b:ae:18:73:33:e2:
33:e1:8e:40
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
NjIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4M0QyN0E1QTgwMkRF
NDNFMkU0QjcyMjQ2RUUwQUU4QzZGNjZGOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvdbEURu3I1vl5X3lrKscJOvZJbVGW8bB5RJoMtnY9A9EQDnDP
uwJyoam4of5GO41xp9LqEOZqtTAp0NzLidFCofGaXW3Ykf9xKd6R4R/VgK8JSFq0
W2ZeIhdIA+GTT/MUa9b9t6gwjBHo/pbmxDyCVdTzbOuXx1cDgjTHJvWiLAIB5uxV
AWUTYmN7Sc6YM01tjPO0WHJojVVuvA1KJ7HabszqJXJVX6cURSyqaQG4QDdpqgsZ
cpdk5v/Hj/dz9m1U2rMpEFzSiJFu/evkg/74INTIkiMGYGiUf/0cFt5IqVfvgtCC
l2COZnqc0trzoLZC9J6/15KkIlJNWY2Jb5bzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWD0npagC3kPi5LciRu4K6Mb2b5gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dEMG5wYWdDM2tQaTVM
Y2lSdTRLNk1iMmI1Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnVyyg5k71Z4qKvU6IdXKzEFsiWm/F3X1
OUotOTTIgK4V5ft5UI/Ob0jl054yJ4foWfYRtGlfZLGjFoEgeo/17NuWkvOQgnXO
ey0Es3RuyQ+NhSFmMzURnnIVDpKFLgLDKW5DST+3OCMFuxkuRLaENzPz2GHzzMxR
C3lAlcpq9U8oLRLEqwQbgERIynUCLRr19xi5lfl0euVs3x/kuKkNbfYVngMQxaf5
7EBs+eZUM4qSscpRJ7MM1kvLpajziy9Oi2/q1MYfKPJlXm7RwbanhenGUcBuLdHA
MbI34pArNNPhDUeOVaCkL6i0kef420L6l9IocQ2pG64YczPiM+GOQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:29 2024 by rpki-client on console-fra.rpki-client.org