Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a3AgF7bk8-tj6UthJ-_VBrU-wNI.roa
File: a3AgF7bk8-tj6UthJ-_VBrU-wNI.roa (raw, json)
Hash identifier: 6B6qifAjtjGFCNd3EyHdeVivXduZAhRaNMN77Ehyoek=
Subject key identifier: 6B:70:20:17:B6:E4:F3:EB:63:E9:4B:61:27:EF:D5:06:B5:3E:C0:D2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5492
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a3AgF7bk8-tj6UthJ-_VBrU-wNI.roa
Signing time: Sat 11 May 2024 08:24:24 +0000
ROA not before: Sat 11 May 2024 08:24:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21650 (0x5492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 08:24:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6B702017B6E4F3EB63E94B6127EFD506B53EC0D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:83:da:e8:0a:d1:ae:28:c3:65:6a:f3:49:
67:54:9d:19:1c:91:33:27:b9:78:d1:08:8c:23:88:
49:af:e5:10:62:f2:98:42:b2:bf:f9:32:da:a2:99:
25:e4:0e:fd:b0:30:6e:16:71:2d:0e:d6:b9:59:23:
25:d8:e5:7c:c7:f8:7d:25:c6:e5:e7:a0:c8:37:59:
a8:cd:01:58:a6:3f:30:5d:15:15:ea:49:cb:0f:d0:
48:84:4b:c8:3b:f0:9d:e8:3b:be:cb:50:9a:75:52:
9b:77:73:2a:ac:35:d9:e0:3b:c2:ba:9e:6c:fa:23:
ff:19:8b:f9:47:d4:ec:4c:01:e8:46:07:53:2d:d6:
b2:0c:e3:56:d0:38:05:9e:b5:cc:b2:e3:f3:29:19:
48:95:3d:8e:35:db:1c:f5:35:0f:3b:2b:1e:f9:c5:
1a:6a:1e:01:ca:1e:29:65:b8:c8:fc:30:18:94:bb:
fa:0b:58:c3:6b:8b:57:8b:87:49:5c:1b:f8:e3:30:
b4:84:32:5c:c1:46:e4:48:7c:25:f7:f7:d7:87:ae:
16:cc:84:b6:02:0c:95:18:0a:28:62:12:15:e0:ac:
71:0f:e3:84:51:ae:f7:71:69:84:61:96:83:aa:e2:
c3:4e:ef:35:d9:cc:06:b3:34:05:9a:8b:8a:e8:b1:
98:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:70:20:17:B6:E4:F3:EB:63:E9:4B:61:27:EF:D5:06:B5:3E:C0:D2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a3AgF7bk8-tj6UthJ-_VBrU-wNI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:46:bd:c1:47:0d:b9:f2:10:6e:5e:f8:9d:c8:d8:01:72:5f:
c0:b3:8c:2b:a2:fe:db:c2:2d:56:3e:93:4c:cf:21:4c:f1:1e:
79:d6:51:dc:33:46:5e:77:7a:d2:d3:92:4c:31:83:60:c0:33:
f9:96:d6:76:be:eb:94:a2:a1:11:e9:24:a5:90:e6:1d:cd:1d:
a1:77:4f:6c:cc:00:b2:34:7a:32:fa:2c:73:a9:6c:65:de:e5:
1b:c1:f8:f9:39:4d:0d:cd:de:c8:26:ff:5b:b6:71:da:55:ca:
1c:6a:5b:7c:4d:5a:9f:dc:40:fb:3b:3e:08:94:d9:59:c1:b7:
e3:3b:71:f5:c8:3f:6a:9e:93:fb:76:c0:e5:45:65:f3:f1:38:
1d:3c:6c:b3:f9:6f:66:d5:55:63:d3:24:03:fc:a7:85:22:5d:
e4:7e:e4:d8:4c:59:3e:cc:d4:41:f1:e0:f8:c4:ba:a3:64:42:
1c:01:03:bd:6d:d7:ad:52:0b:3a:3d:ef:23:46:78:0d:38:1c:
18:de:b2:f2:14:ce:c2:87:40:94:ae:90:c1:4c:38:8f:a4:af:
ef:5b:e9:8f:29:27:25:ff:e7:11:df:86:4a:95:fd:15:ff:5b:
9f:90:9d:90:6e:9f:95:7d:f2:8b:fe:c2:c1:6e:f7:91:a1:0c:
e6:a4:1a:4f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
ODI0MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCNzAyMDE3QjZFNEYz
RUI2M0U5NEI2MTI3RUZENTA2QjUzRUMwRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgyYPa6ArRrijDZWrzSWdUnRkckTMnuXjRCIwjiEmv5RBi8phC
sr/5MtqimSXkDv2wMG4WcS0O1rlZIyXY5XzH+H0lxuXnoMg3WajNAVimPzBdFRXq
ScsP0EiES8g78J3oO77LUJp1Upt3cyqsNdngO8K6nmz6I/8Zi/lH1OxMAehGB1Mt
1rIM41bQOAWetcyy4/MpGUiVPY412xz1NQ87Kx75xRpqHgHKHilluMj8MBiUu/oL
WMNri1eLh0lcG/jjMLSEMlzBRuRIfCX399eHrhbMhLYCDJUYCihiEhXgrHEP44RR
rvdxaYRhloOq4sNO7zXZzAazNAWai4rosZgdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUa3AgF7bk8+tj6UthJ+/VBrU+wNIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2EzQWdGN2JrOC10ajZV
dGhKLV9WQnJVLXdOSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAaUa9wUcNufIQbl74ncjYAXJfwLOMK6L+
28ItVj6TTM8hTPEeedZR3DNGXnd60tOSTDGDYMAz+ZbWdr7rlKKhEekkpZDmHc0d
oXdPbMwAsjR6Mvosc6lsZd7lG8H4+TlNDc3eyCb/W7Zx2lXKHGpbfE1an9xA+zs+
CJTZWcG34ztx9cg/ap6T+3bA5UVl8/E4HTxss/lvZtVVY9MkA/ynhSJd5H7k2ExZ
PszUQfHg+MS6o2RCHAEDvW3XrVILOj3vI0Z4DTgcGN6y8hTOwodAlK6QwUw4j6Sv
71vpjyknJf/nEd+GSpX9Ff9bn5CdkG6flX3yi/7CwW73kaEM5qQaTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:53 2024 by rpki-client on console-ams.rpki-client.org