Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZX2X7zUtledQf5iQP1fXcUubkW8.roa
File: ZX2X7zUtledQf5iQP1fXcUubkW8.roa (raw, json)
Hash identifier: x3YrKPFj+gGlb6UQ95dZByPp7aWgIG5MaaV3xC5Pw2U=
Subject key identifier: 65:7D:97:EF:35:2D:95:E7:50:7F:98:90:3F:57:D7:71:4B:9B:91:6F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E4A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZX2X7zUtledQf5iQP1fXcUubkW8.roa
Signing time: Thu 02 May 2024 23:23:47 +0000
ROA not before: Thu 02 May 2024 23:23:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20042 (0x4e4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 23:23:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=657D97EF352D95E7507F98903F57D7714B9B916F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e2:b2:60:6b:bf:5d:68:bb:ec:99:bb:e5:59:
e5:dc:06:23:82:66:20:cc:1b:72:bf:b7:b8:0e:fb:
03:c4:ae:2c:c8:56:e5:be:d5:ca:7f:ad:73:df:f0:
de:a2:44:a0:11:84:de:90:2c:0a:66:53:8e:0e:78:
c0:92:be:3a:dc:5b:5e:30:2c:b8:6c:9c:eb:41:fd:
9f:3c:0f:98:88:e2:4c:05:ad:27:32:26:c7:3e:0f:
79:7a:30:2c:29:b8:cb:5b:ed:bb:75:0c:fa:ad:f1:
14:0c:3f:88:6c:12:0d:8f:c3:43:d0:73:fc:66:b6:
05:2a:fd:5f:e7:38:13:14:44:80:9c:5c:14:63:c5:
13:8a:67:c0:61:f2:f6:72:5b:60:e5:e0:7c:d1:4b:
df:e4:b3:b1:a6:54:78:6e:34:04:e3:05:a6:18:27:
6c:55:fe:7c:71:49:ce:b5:cd:1a:42:1d:0c:dd:6c:
72:30:95:53:35:43:8f:84:5b:93:5a:5a:fb:75:f8:
60:44:63:94:6a:fc:66:94:c3:dd:f5:59:a9:5c:70:
3c:5e:0f:81:f5:f5:e1:2c:1f:32:4d:a1:a8:a6:29:
00:49:fa:4f:98:2b:cb:d9:2e:c5:8a:d9:37:e8:e0:
7b:40:07:2c:37:bb:fc:cc:ad:1d:00:d7:4b:d2:00:
2d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7D:97:EF:35:2D:95:E7:50:7F:98:90:3F:57:D7:71:4B:9B:91:6F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZX2X7zUtledQf5iQP1fXcUubkW8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:36:06:f6:a0:58:a2:ff:40:1e:0a:59:79:c5:1d:ac:75:0a:
c6:90:ca:61:d3:5c:f1:a0:80:20:18:b8:10:30:c3:e7:e2:64:
4d:9c:e3:61:5d:08:ba:59:65:53:d1:9d:93:bb:6b:55:8e:2c:
e5:48:04:ab:73:6a:b6:5c:f4:02:c1:da:86:c3:9a:49:24:cc:
99:9a:c0:b0:9b:7f:41:a4:f7:fb:51:46:10:ec:fc:d7:c6:b4:
2f:8d:c4:bc:ee:d7:09:ed:83:20:9d:8d:81:ca:16:12:49:77:
df:59:35:68:84:56:92:46:26:8d:ba:0b:02:bc:97:be:bb:c7:
23:d7:90:ec:13:4f:bd:00:b5:0b:74:41:dc:7b:83:eb:49:7a:
c4:cc:29:18:ec:c9:c9:24:99:12:6a:de:32:ed:ee:1b:f7:2a:
69:61:2d:07:41:a1:4d:4e:6b:48:92:ed:f2:dd:71:bb:64:25:
8f:50:10:5b:11:b5:32:89:d9:29:80:77:cd:a9:99:4b:74:d6:
a4:b6:3a:cf:aa:13:0f:9c:64:a1:36:af:cb:0d:84:c8:d7:b4:
5a:5d:2e:c7:58:b8:ce:43:60:85:82:74:3e:dc:37:de:44:8f:
3c:22:52:13:47:ae:c1:e1:47:28:fb:af:cd:d4:a6:b4:ec:45:
2e:6c:87:e8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIy
MzIzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1N0Q5N0VGMzUyRDk1
RTc1MDdGOTg5MDNGNTdENzcxNEI5QjkxNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ4rJga79daLvsmbvlWeXcBiOCZiDMG3K/t7gO+wPErizIVuW+
1cp/rXPf8N6iRKARhN6QLApmU44OeMCSvjrcW14wLLhsnOtB/Z88D5iI4kwFrScy
Jsc+D3l6MCwpuMtb7bt1DPqt8RQMP4hsEg2Pw0PQc/xmtgUq/V/nOBMURICcXBRj
xROKZ8Bh8vZyW2Dl4HzRS9/ks7GmVHhuNATjBaYYJ2xV/nxxSc61zRpCHQzdbHIw
lVM1Q4+EW5NaWvt1+GBEY5Rq/GaUw931WalccDxeD4H19eEsHzJNoaimKQBJ+k+Y
K8vZLsWK2Tfo4HtAByw3u/zMrR0A10vSAC27AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZX2X7zUtledQf5iQP1fXcUubkW8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pYMlg3elV0bGVkUWY1
aVFQMWZYY1V1YmtXOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIjYG9qBYov9AHgpZecUdrHUKxpDKYdNc
8aCAIBi4EDDD5+JkTZzjYV0IulllU9Gdk7trVY4s5UgEq3Nqtlz0AsHahsOaSSTM
mZrAsJt/QaT3+1FGEOz818a0L43EvO7XCe2DIJ2NgcoWEkl331k1aIRWkkYmjboL
AryXvrvHI9eQ7BNPvQC1C3RB3HuD60l6xMwpGOzJySSZEmreMu3uG/cqaWEtB0Gh
TU5rSJLt8t1xu2Qlj1AQWxG1MonZKYB3zamZS3TWpLY6z6oTD5xkoTavyw2EyNe0
Wl0ux1i4zkNghYJ0Ptw33kSPPCJSE0euweFHKPuvzdSmtOxFLmyH6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org