Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_S4KVceaUfGj3zglg9bziXzrBrk.roa
File: _S4KVceaUfGj3zglg9bziXzrBrk.roa (raw, json)
Hash identifier: +XRo0B8x5AzSBVJBKlPA+yEvSqYpOSqXHSFNaOzQf2s=
Subject key identifier: FD:2E:0A:55:C7:9A:51:F1:A3:DF:38:25:83:D6:F3:89:7C:EB:06:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_S4KVceaUfGj3zglg9bziXzrBrk.roa
Signing time: Sun 14 Apr 2024 18:52:53 +0000
ROA not before: Sun 14 Apr 2024 18:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16550 (0x40a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 18:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FD2E0A55C79A51F1A3DF382583D6F3897CEB06B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:da:d8:c0:bd:8c:df:8c:37:ff:89:df:bb:01:
dc:ce:f2:44:d2:ef:fc:ac:72:4f:79:a5:75:46:54:
db:a7:4b:f5:47:0e:82:d1:f4:b1:01:f5:d4:bb:ec:
63:b4:fb:62:fc:a5:33:67:74:f2:f0:d4:bb:eb:7f:
f9:6a:0e:d7:d7:58:bd:e6:de:29:87:3f:44:83:7c:
64:3a:63:5c:45:23:33:68:ba:f4:0b:00:59:4a:e7:
a7:cc:fb:92:45:9c:d5:e5:80:9c:31:9c:ce:2e:c7:
c1:da:f4:e4:6d:16:42:39:c7:1d:24:32:e6:ef:64:
ab:6e:a1:c2:9c:f5:24:94:36:e9:24:a1:61:a7:88:
5d:62:46:45:68:39:7b:ae:c6:af:be:3b:05:17:12:
60:08:32:5f:c8:a4:5f:a9:50:02:3e:63:e6:01:8f:
2c:07:a8:87:30:48:4e:38:95:89:c7:58:ed:7a:67:
1c:61:bc:61:06:d6:1f:ad:a4:7d:55:17:64:07:5e:
0e:3a:24:57:c3:1c:c2:50:08:0f:6a:b8:e1:ec:4e:
41:7a:84:4a:76:60:7e:d5:cd:7c:cf:fb:53:27:96:
2a:17:ca:88:2a:27:65:f8:87:3f:03:28:72:12:c7:
90:ba:75:68:29:46:70:32:94:47:82:f3:a8:89:b4:
1d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2E:0A:55:C7:9A:51:F1:A3:DF:38:25:83:D6:F3:89:7C:EB:06:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_S4KVceaUfGj3zglg9bziXzrBrk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:af:53:81:c9:6b:4c:3d:b9:1a:7e:d9:90:c6:78:5f:db:08:
80:31:45:d6:0a:26:4e:d3:64:57:d3:fa:da:63:e6:42:73:68:
32:34:63:af:2f:86:6b:78:10:99:cb:23:53:f7:26:d2:6a:53:
80:76:5a:b3:e5:99:74:77:c1:42:4c:80:07:15:ce:19:7c:ed:
9c:6a:2e:a9:97:55:3f:90:69:37:5f:db:9c:70:70:d9:76:cd:
7e:3d:fe:af:8a:0f:07:99:02:13:fa:2f:32:e6:6d:dd:21:23:
5e:23:c1:f4:f6:cb:97:44:ae:4c:fd:c9:a9:e1:95:40:1f:92:
07:c5:e3:7c:36:b9:15:ea:ef:8a:09:c9:10:61:fd:f4:87:32:
ce:47:7d:93:aa:5f:4e:0c:53:c6:06:87:3a:4e:b5:20:1d:58:
e1:6e:ef:7a:c4:f5:3a:52:71:8d:ac:d4:c5:77:af:d5:1f:ff:
e2:3d:14:f3:a5:26:f1:43:92:b7:d4:1f:15:18:71:43:19:00:
07:e7:cb:6c:a0:c1:d8:f0:ff:3b:39:ca:3f:8f:e8:44:7c:49:
22:78:bc:8c:da:e2:b1:f4:a5:1e:e0:50:f8:df:4e:b7:9d:c4:
cc:f3:3e:52:d6:f8:be:32:b3:a7:c7:04:d6:db:b7:aa:21:6e:
2a:4c:1a:2f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
ODUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZEMkUwQTU1Qzc5QTUx
RjFBM0RGMzgyNTgzRDZGMzg5N0NFQjA2QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN2tjAvYzfjDf/id+7AdzO8kTS7/ysck95pXVGVNunS/VHDoLR
9LEB9dS77GO0+2L8pTNndPLw1Lvrf/lqDtfXWL3m3imHP0SDfGQ6Y1xFIzNouvQL
AFlK56fM+5JFnNXlgJwxnM4ux8Ha9ORtFkI5xx0kMubvZKtuocKc9SSUNukkoWGn
iF1iRkVoOXuuxq++OwUXEmAIMl/IpF+pUAI+Y+YBjywHqIcwSE44lYnHWO16Zxxh
vGEG1h+tpH1VF2QHXg46JFfDHMJQCA9quOHsTkF6hEp2YH7VzXzP+1MnlioXyogq
J2X4hz8DKHISx5C6dWgpRnAylEeC86iJtB31AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/S4KVceaUfGj3zglg9bziXzrBrkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19TNEtWY2VhVWZHajN6
Z2xnOWJ6aVh6ckJyay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAga9TgclrTD25Gn7ZkMZ4X9sIgDFF1gom
TtNkV9P62mPmQnNoMjRjry+Ga3gQmcsjU/cm0mpTgHZas+WZdHfBQkyABxXOGXzt
nGouqZdVP5BpN1/bnHBw2XbNfj3+r4oPB5kCE/ovMuZt3SEjXiPB9PbLl0SuTP3J
qeGVQB+SB8XjfDa5FervignJEGH99Icyzkd9k6pfTgxTxgaHOk61IB1Y4W7vesT1
OlJxjazUxXev1R//4j0U86Um8UOSt9QfFRhxQxkAB+fLbKDB2PD/OznKP4/oRHxJ
Ini8jNrisfSlHuBQ+N9Ot53EzPM+Utb4vjKzp8cE1tu3qiFuKkwaLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:52 2024 by rpki-client on console-ams.rpki-client.org