Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZcdxjKLt7gZH_hr7GkE8Ny9Dy1c.roa
File: ZcdxjKLt7gZH_hr7GkE8Ny9Dy1c.roa (raw, json)
Hash identifier: cnZgNJrrEVdXR57yHWQxy38YJkOgA46LgL+zC7O10Y0=
Subject key identifier: 65:C7:71:8C:A2:ED:EE:06:47:FE:1A:FB:1A:41:3C:37:2F:43:CB:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42C6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZcdxjKLt7gZH_hr7GkE8Ny9Dy1c.roa
Signing time: Wed 17 Apr 2024 14:53:00 +0000
ROA not before: Wed 17 Apr 2024 14:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17094 (0x42c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 14:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=65C7718CA2EDEE0647FE1AFB1A413C372F43CB57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:78:93:f4:35:ab:69:e9:39:b2:0b:f9:40:7a:
f9:3a:a6:4d:c3:c7:c4:78:f6:d4:3e:77:0f:a3:a1:
b2:a7:17:e3:b3:f1:39:6c:cf:11:07:75:32:f0:e8:
11:1d:72:e4:9d:9b:b3:00:7c:98:e0:97:33:18:a0:
16:b1:09:d7:52:c2:2c:34:2f:fb:2e:8f:34:a3:78:
e6:d8:02:80:9b:8a:ed:ae:6e:cc:5d:9c:fb:4d:93:
6f:7b:11:e8:0f:3b:9a:0f:01:81:9d:95:bd:fc:8b:
fe:8d:6c:dc:c1:1d:9c:22:20:39:10:f3:5a:b3:d4:
14:e1:f0:85:30:f9:a5:c8:de:c8:98:7d:64:ff:0b:
17:0d:84:3b:9d:68:2f:5d:77:dd:6e:61:c0:fc:d1:
b0:5c:e0:26:b7:07:5f:fa:b0:cf:d5:ba:98:ec:8e:
bb:f6:10:e3:87:6e:01:77:d8:6e:5e:3b:87:87:66:
e7:f1:10:38:9c:e3:9a:43:c6:72:d7:0b:0f:36:57:
e4:ab:2a:92:d1:6a:6d:6a:53:b5:ed:1e:e9:f5:40:
ab:c5:24:59:2e:93:14:16:ea:97:c4:5e:c0:69:10:
f8:04:92:91:63:82:2f:ff:14:c0:ab:a5:4b:ba:e4:
10:b6:80:5b:0c:99:44:3a:82:d3:41:da:43:c9:6c:
9e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C7:71:8C:A2:ED:EE:06:47:FE:1A:FB:1A:41:3C:37:2F:43:CB:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZcdxjKLt7gZH_hr7GkE8Ny9Dy1c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:b6:7e:d1:b7:2f:4b:82:44:b6:74:85:f6:46:6d:c5:fa:45:
f1:af:ba:7f:f6:d4:a0:47:a1:63:a5:5e:f4:4c:d0:e0:dd:ea:
95:ec:62:95:29:cd:db:1d:34:dd:0e:2f:68:3f:e5:db:c1:3a:
1b:ce:a5:db:5a:b0:91:ce:b7:13:d3:7e:47:c6:74:cb:1c:8d:
d5:ac:98:37:2d:0d:ac:3d:91:ec:ae:22:d9:1b:e4:64:d9:42:
c5:03:59:24:8b:2f:14:1c:92:10:48:35:e4:2d:6b:cd:55:f1:
80:ae:4d:03:ab:18:58:8d:45:56:11:31:57:c0:2b:58:1a:ef:
ba:5e:ff:f0:df:4c:cb:f6:ed:6a:da:45:8b:56:bc:54:c8:f2:
f2:92:37:0d:50:56:06:02:94:5a:37:0b:3c:4b:d9:e2:94:85:
96:76:3f:84:26:20:a1:47:5c:14:f6:88:b2:72:bd:67:7f:9d:
58:f9:84:90:96:01:d2:12:f0:a5:23:86:97:20:9b:58:16:39:
fe:db:ff:ff:77:af:5b:ef:40:02:9e:b7:b2:74:a1:a9:20:31:
78:99:82:d5:2d:96:fe:67:95:6e:93:18:59:b5:51:2e:70:f5:
fd:28:d9:68:ae:e9:27:db:ab:22:c6:6c:87:b2:fd:7a:65:d4:
bd:c3:6b:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
NDUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1Qzc3MThDQTJFREVF
MDY0N0ZFMUFGQjFBNDEzQzM3MkY0M0NCNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLeJP0Natp6TmyC/lAevk6pk3Dx8R49tQ+dw+jobKnF+Oz8Tls
zxEHdTLw6BEdcuSdm7MAfJjglzMYoBaxCddSwiw0L/sujzSjeObYAoCbiu2ubsxd
nPtNk297EegPO5oPAYGdlb38i/6NbNzBHZwiIDkQ81qz1BTh8IUw+aXI3siYfWT/
CxcNhDudaC9dd91uYcD80bBc4Ca3B1/6sM/Vupjsjrv2EOOHbgF32G5eO4eHZufx
EDic45pDxnLXCw82V+SrKpLRam1qU7XtHun1QKvFJFkukxQW6pfEXsBpEPgEkpFj
gi//FMCrpUu65BC2gFsMmUQ6gtNB2kPJbJ5HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZcdxjKLt7gZH/hr7GkE8Ny9Dy1cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pjZHhqS0x0N2daSF9o
cjdHa0U4Tnk5RHkxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAorZ+0bcvS4JEtnSF9kZtxfpF8a+6f/bU
oEehY6Ve9EzQ4N3qlexilSnN2x003Q4vaD/l28E6G86l21qwkc63E9N+R8Z0yxyN
1ayYNy0NrD2R7K4i2RvkZNlCxQNZJIsvFBySEEg15C1rzVXxgK5NA6sYWI1FVhEx
V8ArWBrvul7/8N9My/btatpFi1a8VMjy8pI3DVBWBgKUWjcLPEvZ4pSFlnY/hCYg
oUdcFPaIsnK9Z3+dWPmEkJYB0hLwpSOGlyCbWBY5/tv//3evW+9AAp63snShqSAx
eJmC1S2W/meVbpMYWbVRLnD1/SjZaK7pJ9urIsZsh7L9emXUvcNrZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:51 2024 by rpki-client on console-ams.rpki-client.org