Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a1qTZYhCVNuWsYrP0FKD6K1Gnxk.roa
File: a1qTZYhCVNuWsYrP0FKD6K1Gnxk.roa (raw, json)
Hash identifier: MElM5HA3+XltVFAwjLL4xyse1s+WqIllsGHl2jTKrF0=
Subject key identifier: 6B:5A:93:65:88:42:54:DB:96:B1:8A:CF:D0:52:83:E8:AD:46:9F:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 426A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a1qTZYhCVNuWsYrP0FKD6K1Gnxk.roa
Signing time: Wed 17 Apr 2024 03:22:57 +0000
ROA not before: Wed 17 Apr 2024 03:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17002 (0x426a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 03:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6B5A9365884254DB96B18ACFD05283E8AD469F19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:24:68:90:6c:d1:da:72:25:f1:9c:4c:61:49:
0c:fd:41:9f:3f:b9:3f:63:aa:b8:7f:42:ae:e4:c0:
e3:d8:b1:ab:9d:82:5c:f2:7e:23:cf:97:8c:ae:d3:
ee:91:19:44:88:9c:e7:ef:a5:bb:0a:b9:72:a4:1a:
1f:ac:bf:d7:fd:1f:c9:23:98:3e:9a:aa:f3:14:b5:
33:fa:dd:9a:6f:02:00:f1:25:66:f7:ff:c1:d6:b8:
49:ec:d1:68:83:27:35:3e:33:3e:ad:36:00:5f:d7:
15:09:8f:e6:b9:21:39:ff:a2:5e:23:1c:84:2e:f6:
1d:a6:e6:a5:1f:6a:8a:77:12:ba:00:74:27:50:e2:
ff:60:52:1f:8e:ba:35:27:c7:d6:b5:e2:83:aa:b4:
81:40:11:d3:0a:ff:b8:f5:cf:d2:3b:ed:2e:41:b3:
aa:9d:c8:85:1a:23:5d:06:d2:5a:db:8a:14:3b:ad:
22:b9:8b:5c:d4:e9:94:f3:32:c2:0a:6a:86:44:61:
3a:d8:f4:57:fd:0f:dc:e0:e1:3e:76:fa:cd:15:34:
35:b3:c8:95:ca:fe:60:76:6c:8a:27:a3:c9:32:e3:
8d:3f:e0:13:16:c2:d2:bc:90:b6:8b:b8:a4:c6:23:
56:86:88:96:10:5f:d2:53:d2:db:83:6c:a7:93:4c:
45:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5A:93:65:88:42:54:DB:96:B1:8A:CF:D0:52:83:E8:AD:46:9F:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a1qTZYhCVNuWsYrP0FKD6K1Gnxk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:c2:12:39:27:9c:cb:42:dd:70:ab:e6:19:a9:a5:a7:02:59:
90:48:0e:b3:5c:74:4e:0f:0f:93:7e:c7:a4:3d:1f:8f:c0:44:
85:54:98:cd:2f:aa:57:59:ac:3f:48:e5:29:95:01:b0:d9:55:
44:57:a2:7c:cb:92:75:75:72:99:8a:53:17:ad:3e:2f:10:ba:
d4:e1:c5:4b:b1:77:92:71:32:d5:63:1a:3e:87:f9:b3:c2:8b:
c1:2b:9b:a8:86:ad:91:f3:1a:b6:33:fe:0c:9f:bb:83:3d:31:
c0:4b:3a:20:6a:db:d2:d6:91:ff:fc:be:02:44:19:b9:8a:25:
6b:ed:79:19:ea:0a:cc:bb:54:b7:89:70:b1:47:b7:41:37:86:
ce:31:ca:10:13:99:0c:da:d8:91:74:3f:d1:4e:11:7a:ac:d1:
2f:66:dc:67:30:06:ec:17:88:64:8b:ac:42:36:91:53:8d:15:
10:3c:88:07:45:19:ff:a6:61:de:35:d5:18:40:de:5c:22:3f:
31:92:1c:d9:c2:d7:4a:4b:19:7c:b3:9e:83:80:dd:a9:41:7a:
16:b4:67:aa:3f:bd:da:81:c7:92:3d:e9:fc:f2:83:c3:31:5e:
25:98:6e:c0:84:14:50:38:19:69:a6:8b:50:5e:25:8c:08:09:
75:af:54:cf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MzIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCNUE5MzY1ODg0MjU0
REI5NkIxOEFDRkQwNTI4M0U4QUQ0NjlGMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEJGiQbNHaciXxnExhSQz9QZ8/uT9jqrh/Qq7kwOPYsaudglzy
fiPPl4yu0+6RGUSInOfvpbsKuXKkGh+sv9f9H8kjmD6aqvMUtTP63ZpvAgDxJWb3
/8HWuEns0WiDJzU+Mz6tNgBf1xUJj+a5ITn/ol4jHIQu9h2m5qUfaop3EroAdCdQ
4v9gUh+OujUnx9a14oOqtIFAEdMK/7j1z9I77S5Bs6qdyIUaI10G0lrbihQ7rSK5
i1zU6ZTzMsIKaoZEYTrY9Ff9D9zg4T52+s0VNDWzyJXK/mB2bIono8ky440/4BMW
wtK8kLaLuKTGI1aGiJYQX9JT0tuDbKeTTEXHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUa1qTZYhCVNuWsYrP0FKD6K1GnxkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ExcVRaWWhDVk51V3NZ
clAwRktENksxR254ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAecISOSecy0LdcKvmGamlpwJZkEgOs1x0
Tg8Pk37HpD0fj8BEhVSYzS+qV1msP0jlKZUBsNlVRFeifMuSdXVymYpTF60+LxC6
1OHFS7F3knEy1WMaPof5s8KLwSubqIatkfMatjP+DJ+7gz0xwEs6IGrb0taR//y+
AkQZuYola+15GeoKzLtUt4lwsUe3QTeGzjHKEBOZDNrYkXQ/0U4ReqzRL2bcZzAG
7BeIZIusQjaRU40VEDyIB0UZ/6Zh3jXVGEDeXCI/MZIc2cLXSksZfLOeg4DdqUF6
FrRnqj+92oHHkj3p/PKDwzFeJZhuwIQUUDgZaaaLUF4ljAgJda9Uzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org