Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/W_wzblcSnlrgQfM2FFoGhveQces.roa
File: W_wzblcSnlrgQfM2FFoGhveQces.roa (raw, json)
Hash identifier: s6tTV931kEabJSGUKTY/I9BUhrtjdu5LAEqwHfYUfb0=
Subject key identifier: 5B:FC:33:6E:57:12:9E:5A:E0:41:F3:36:14:5A:06:86:F7:90:71:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5776
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W_wzblcSnlrgQfM2FFoGhveQces.roa
Signing time: Wed 15 May 2024 04:54:10 +0000
ROA not before: Wed 15 May 2024 04:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22390 (0x5776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 04:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5BFC336E57129E5AE041F336145A0686F79071EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:1a:c2:c4:9d:a1:6f:a9:a7:08:f7:91:c3:
d9:8c:31:e0:a1:e2:05:45:dd:bc:14:87:c4:18:91:
49:e1:32:7e:34:1a:61:4b:9e:48:04:60:41:c6:80:
13:26:1a:58:3a:5a:5c:a3:5d:28:7a:36:56:25:68:
8a:ed:10:4e:19:f2:9d:6a:3c:01:60:b0:0f:e3:9f:
1e:2b:6f:ce:5c:5d:96:e7:9b:de:62:62:9a:6c:57:
fd:1c:35:bb:13:2b:4e:97:70:2b:81:74:c9:07:c0:
2b:d5:39:a7:92:95:29:f9:f3:1e:a1:8d:16:6f:5d:
e3:35:10:c0:4b:69:d6:75:da:3a:8b:84:a4:a2:ea:
8d:8c:4c:63:16:50:01:e1:a5:1f:2a:42:12:86:7b:
d6:15:b8:15:2c:ab:fb:f9:ba:31:10:12:af:b6:f3:
4a:ed:88:c7:ef:2f:e8:ae:85:96:17:87:8a:23:b7:
4b:74:c0:d7:81:78:69:ce:1c:67:c9:96:57:c6:e2:
b7:4c:5f:3f:39:8b:16:a8:20:db:b5:27:10:0d:89:
ec:f6:8b:6a:86:c8:e5:70:a4:7c:cb:f6:b4:11:83:
33:d8:47:46:6b:fa:60:63:90:20:03:cc:00:18:5a:
13:9e:c5:05:56:26:d0:c2:b2:d5:e1:67:80:db:ab:
a8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FC:33:6E:57:12:9E:5A:E0:41:F3:36:14:5A:06:86:F7:90:71:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/W_wzblcSnlrgQfM2FFoGhveQces.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:02:d2:49:69:03:f5:4f:df:1e:82:1f:51:cb:9b:0d:08:a9:
04:1a:42:09:39:50:24:03:86:b0:d6:03:d9:1f:4d:5a:41:8b:
3a:e8:4b:6a:3d:61:0d:cc:f7:67:44:76:07:f9:3e:e4:38:b9:
1f:fe:98:ef:13:c3:c9:0f:c6:8c:c4:0d:2f:64:17:c3:ec:11:
76:ad:f5:88:2b:64:a4:9d:62:76:93:5f:a7:cd:5a:73:51:63:
68:f2:95:09:0c:d8:ee:09:42:71:fe:bf:7e:9f:29:f7:c9:2a:
bd:cf:98:c8:43:c9:44:33:93:2f:38:10:76:f7:ce:4e:55:7d:
60:ae:09:bf:aa:0c:d9:92:da:57:9c:2d:fc:3f:89:48:c7:fd:
16:dc:f6:44:a2:d4:7c:db:9c:1e:ef:06:e4:50:ee:0e:e8:73:
ad:fe:45:ef:25:2d:12:14:60:65:cc:16:ce:e0:5d:92:70:a9:
e7:89:83:d5:c9:43:60:54:9b:1f:95:a3:19:f8:d8:a3:c7:6b:
f6:cf:f3:e5:d7:f1:31:f3:d0:be:44:68:37:ef:62:96:ba:fb:
7a:b0:e5:e7:a9:35:f7:d3:73:f5:04:94:bc:c6:41:c7:c8:8a:
4d:d6:2f:b5:8a:f7:05:af:a4:20:8c:fa:01:d9:c2:64:2f:a1:
ba:99:bd:ac
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICV3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
NDU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCRkMzMzZFNTcxMjlF
NUFFMDQxRjMzNjE0NUEwNjg2Rjc5MDcxRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5NxrCxJ2hb6mnCPeRw9mMMeCh4gVF3bwUh8QYkUnhMn40GmFL
nkgEYEHGgBMmGlg6WlyjXSh6NlYlaIrtEE4Z8p1qPAFgsA/jnx4rb85cXZbnm95i
YppsV/0cNbsTK06XcCuBdMkHwCvVOaeSlSn58x6hjRZvXeM1EMBLadZ12jqLhKSi
6o2MTGMWUAHhpR8qQhKGe9YVuBUsq/v5ujEQEq+280rtiMfvL+iuhZYXh4ojt0t0
wNeBeGnOHGfJllfG4rdMXz85ixaoINu1JxANiez2i2qGyOVwpHzL9rQRgzPYR0Zr
+mBjkCADzAAYWhOexQVWJtDCstXhZ4Dbq6i/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUW/wzblcSnlrgQfM2FFoGhveQceswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dfd3pibGNTbmxyZ1Fm
TTJGRm9HaHZlUWNlcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFwLSSWkD9U/fHoIfUcubDQipBBpCCTlQ
JAOGsNYD2R9NWkGLOuhLaj1hDcz3Z0R2B/k+5Di5H/6Y7xPDyQ/GjMQNL2QXw+wR
dq31iCtkpJ1idpNfp81ac1FjaPKVCQzY7glCcf6/fp8p98kqvc+YyEPJRDOTLzgQ
dvfOTlV9YK4Jv6oM2ZLaV5wt/D+JSMf9Ftz2RKLUfNucHu8G5FDuDuhzrf5F7yUt
EhRgZcwWzuBdknCp54mD1clDYFSbH5WjGfjYo8dr9s/z5dfxMfPQvkRoN+9ilrr7
erDl56k199Nz9QSUvMZBx8iKTdYvtYr3Ba+kIIz6AdnCZC+hupm9rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:48 2024 by rpki-client on console-ams.rpki-client.org