Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_b2_rSRqU8m-ZNyt9Ra5hQIBc00.roa
File: _b2_rSRqU8m-ZNyt9Ra5hQIBc00.roa (raw, json)
Hash identifier: LZJc41jrN0zr8peW8GzdTjI+CHYjTcHJtndwGBNfIxc=
Subject key identifier: FD:BD:BF:AD:24:6A:53:C9:BE:64:DC:AD:F5:16:B9:85:02:01:73:4D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FEE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_b2_rSRqU8m-ZNyt9Ra5hQIBc00.roa
Signing time: Sat 13 Apr 2024 19:52:53 +0000
ROA not before: Sat 13 Apr 2024 19:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16366 (0x3fee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 19:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FDBDBFAD246A53C9BE64DCADF516B9850201734D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:1a:d9:93:35:75:90:ef:ea:32:c9:31:67:
e6:dc:07:91:04:72:cf:ea:02:48:7d:0b:36:e9:1e:
40:24:6f:5d:7c:01:bd:0d:88:58:6f:a8:b8:e6:de:
7b:f7:9b:2b:8c:13:7d:61:d0:c7:2f:cf:86:aa:9d:
80:89:cb:78:a1:84:68:27:9b:a5:b1:10:1f:c5:46:
2d:ed:c3:6f:ab:91:b9:f1:df:8c:26:46:58:c6:47:
14:8b:d0:1c:81:f0:6a:b6:3d:86:6a:3c:ea:cc:da:
94:f3:22:2e:bf:c7:90:ff:38:16:0c:9c:80:d5:7e:
61:b3:9e:4e:d6:a9:43:7a:5c:25:31:ff:d2:a7:5d:
85:2a:c5:29:36:6b:9d:bf:34:ff:b9:59:cb:7e:c3:
f0:dc:fa:e5:9f:02:4b:c6:25:ab:aa:10:68:58:09:
9c:d1:b6:42:31:a5:81:58:4e:f4:89:4a:73:a3:28:
b4:c3:45:d4:83:73:c6:78:1f:1d:bc:d1:b6:98:22:
bf:b6:01:14:c3:f8:8a:ae:f0:89:c9:59:01:f3:39:
ac:34:87:c7:9a:c9:10:06:e1:65:c0:7e:e3:cd:47:
24:22:7c:71:65:83:9b:24:47:07:b7:82:00:48:cd:
0e:42:9b:15:e1:a0:85:c4:da:bf:2a:db:49:56:4d:
3f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BD:BF:AD:24:6A:53:C9:BE:64:DC:AD:F5:16:B9:85:02:01:73:4D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_b2_rSRqU8m-ZNyt9Ra5hQIBc00.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:5e:f6:b6:4f:fb:bb:46:28:f4:4f:75:bf:93:99:4c:ff:c9:
79:bc:02:9b:c5:f6:35:86:6e:40:7d:63:28:61:b4:53:af:ec:
e3:89:8f:9c:e4:30:84:2f:1b:59:d9:06:8b:db:fa:75:dd:27:
c3:ff:dd:8a:4e:6c:34:b8:e9:cf:90:44:36:ae:32:9b:1a:50:
9c:a4:51:4b:8a:76:77:d6:4a:87:6e:36:cd:4c:01:d8:7d:d0:
f2:dd:57:b9:2a:77:e2:8b:c7:9c:ce:fc:40:35:0a:60:a5:b3:
10:74:eb:a2:6a:5d:75:b3:28:06:23:30:07:03:21:50:3b:04:
f4:11:87:19:b5:46:78:ca:17:25:d9:98:b2:43:09:d6:41:a8:
50:86:81:1a:84:9c:c5:7b:02:b6:f4:70:80:60:8c:8a:a1:ac:
d6:2e:2d:09:ab:2f:0e:1b:5c:b8:a9:c9:87:ed:2c:bc:72:11:
cb:a9:65:66:44:2e:68:f9:88:d8:6e:a1:70:61:e7:b3:c4:59:
f2:e7:90:45:b0:94:c5:b4:0d:28:66:c0:30:0f:b9:ef:fc:93:
67:1e:ce:71:8f:55:e7:d5:f8:de:e3:7b:26:df:a4:8f:25:13:
ae:7b:ca:60:6b:fc:83:b6:f5:0e:0b:c2:f4:6b:e3:fe:b5:4d:
0b:f1:6a:ff
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
OTUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZEQkRCRkFEMjQ2QTUz
QzlCRTY0RENBREY1MTZCOTg1MDIwMTczNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+BRrZkzV1kO/qMskxZ+bcB5EEcs/qAkh9CzbpHkAkb118Ab0N
iFhvqLjm3nv3myuME31h0Mcvz4aqnYCJy3ihhGgnm6WxEB/FRi3tw2+rkbnx34wm
RljGRxSL0ByB8Gq2PYZqPOrM2pTzIi6/x5D/OBYMnIDVfmGznk7WqUN6XCUx/9Kn
XYUqxSk2a52/NP+5Wct+w/Dc+uWfAkvGJauqEGhYCZzRtkIxpYFYTvSJSnOjKLTD
RdSDc8Z4Hx280baYIr+2ARTD+Iqu8InJWQHzOaw0h8eayRAG4WXAfuPNRyQifHFl
g5skRwe3ggBIzQ5CmxXhoIXE2r8q20lWTT+HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/b2/rSRqU8m+ZNyt9Ra5hQIBc00wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19iMl9yU1JxVThtLVpO
eXQ5UmE1aFFJQmMwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuF72tk/7u0Yo9E91v5OZTP/JebwCm8X2
NYZuQH1jKGG0U6/s44mPnOQwhC8bWdkGi9v6dd0nw//dik5sNLjpz5BENq4ymxpQ
nKRRS4p2d9ZKh242zUwB2H3Q8t1XuSp34ovHnM78QDUKYKWzEHTrompddbMoBiMw
BwMhUDsE9BGHGbVGeMoXJdmYskMJ1kGoUIaBGoScxXsCtvRwgGCMiqGs1i4tCasv
DhtcuKnJh+0svHIRy6llZkQuaPmI2G6hcGHns8RZ8ueQRbCUxbQNKGbAMA+57/yT
Zx7OcY9V59X43uN7Jt+kjyUTrnvKYGv8g7b1DgvC9Gvj/rVNC/Fq/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org