Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aWIkMCP2YweB4M3_ztHlzh04Kb0.roa
File: aWIkMCP2YweB4M3_ztHlzh04Kb0.roa (raw, json)
Hash identifier: ZlaSogkMWpmRPP+DztOOAmmkYusYPTIgCOqRRvk3VZY=
Subject key identifier: 69:62:24:30:23:F6:63:07:81:E0:CD:FF:CE:D1:E5:CE:1D:38:29:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4532
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aWIkMCP2YweB4M3_ztHlzh04Kb0.roa
Signing time: Sat 20 Apr 2024 20:23:05 +0000
ROA not before: Sat 20 Apr 2024 20:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17714 (0x4532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 20:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6962243023F6630781E0CDFFCED1E5CE1D3829BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:94:e0:54:3f:a4:e1:75:d4:b2:51:34:0f:
1b:69:4d:aa:43:1e:68:02:8d:c1:75:15:15:9a:21:
65:e0:37:70:a6:b6:41:8f:30:da:7e:fd:f3:f0:97:
9c:f1:33:7b:b5:7d:f1:3e:f4:f1:1f:fe:3a:de:9f:
ab:c4:11:7a:07:34:c8:ad:82:90:a9:88:46:fb:e9:
91:b7:b2:bd:20:e2:12:c2:de:5f:05:8f:f1:4d:0a:
bd:8f:61:99:f0:ae:61:71:53:98:e0:0e:18:3b:34:
87:6f:38:f7:e4:c9:8b:ad:cf:6f:8c:5a:c9:4d:a6:
d8:42:b7:cb:be:eb:fd:b1:2a:56:4c:4b:ec:31:c9:
48:60:e1:9c:1f:87:b8:e2:29:5f:0f:e8:4a:be:ef:
df:4a:5c:c4:2f:f4:0d:8e:fd:5e:64:c1:1f:1f:ac:
10:e3:1a:51:b1:f5:12:fd:33:d1:43:f1:00:61:c8:
ff:99:7a:dc:5e:38:0d:27:99:f0:a1:e7:9c:8a:23:
b5:4d:47:71:40:7a:53:d1:d8:72:2e:b1:eb:3e:51:
c3:1d:c9:fc:10:9a:09:f9:47:f8:52:ef:54:35:c8:
27:a8:19:cb:67:4f:94:ec:4f:ab:89:7d:9c:74:2d:
3e:3b:48:e8:92:74:e1:79:28:8e:03:23:a3:12:36:
e8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:62:24:30:23:F6:63:07:81:E0:CD:FF:CE:D1:E5:CE:1D:38:29:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aWIkMCP2YweB4M3_ztHlzh04Kb0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:c2:df:64:a1:42:32:ec:cb:db:a4:d4:7d:4d:a9:47:20:5b:
c1:65:69:ea:62:d4:88:f3:aa:1e:4a:73:0f:1d:d6:80:af:8f:
ba:3f:a9:37:94:9f:32:e3:7e:a0:7c:41:e2:5e:c8:98:9c:a4:
0a:b5:45:f0:af:ab:0e:67:55:c6:71:de:42:d8:33:ee:5b:53:
c0:ed:be:28:17:5c:b8:09:7b:eb:6a:92:5c:ed:a7:95:27:5b:
03:35:9a:82:78:1c:53:c6:45:ef:1a:d4:0a:5d:a4:f6:81:ab:
6d:9d:b3:4e:69:8f:55:fb:8e:14:fe:ec:b8:a5:18:bd:52:6f:
99:4c:59:e6:3f:ff:04:b9:27:17:c8:77:04:5e:54:74:63:f9:
50:80:a8:0e:b8:bf:69:26:41:5b:80:d0:a6:81:74:90:7e:c6:
08:92:46:b5:03:2b:b7:cd:56:b8:d2:de:f5:c5:da:9a:df:22:
90:b5:d6:5a:42:02:b7:e8:5c:3f:5f:e1:72:b1:a8:ec:89:d3:
da:85:6b:46:c3:b5:0c:89:f8:33:be:38:f9:3e:3a:9f:17:04:
14:f1:b8:34:4b:4d:d0:be:cc:cd:4c:49:b9:bf:6c:49:c0:cb:
a1:56:12:b3:88:24:d5:d0:72:20:09:52:f7:69:f1:43:6f:b3:
47:5f:95:6a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MDIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5NjIyNDMwMjNGNjYz
MDc4MUUwQ0RGRkNFRDFFNUNFMUQzODI5QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0aJTgVD+k4XXUslE0DxtpTapDHmgCjcF1FRWaIWXgN3CmtkGP
MNp+/fPwl5zxM3u1ffE+9PEf/jren6vEEXoHNMitgpCpiEb76ZG3sr0g4hLC3l8F
j/FNCr2PYZnwrmFxU5jgDhg7NIdvOPfkyYutz2+MWslNpthCt8u+6/2xKlZMS+wx
yUhg4Zwfh7jiKV8P6Eq+799KXMQv9A2O/V5kwR8frBDjGlGx9RL9M9FD8QBhyP+Z
etxeOA0nmfCh55yKI7VNR3FAelPR2HIuses+UcMdyfwQmgn5R/hS71Q1yCeoGctn
T5TsT6uJfZx0LT47SOiSdOF5KI4DI6MSNujXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaWIkMCP2YweB4M3/ztHlzh04Kb0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FXSWtNQ1AyWXdlQjRN
M196dEhsemgwNEtiMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcMLfZKFCMuzL26TUfU2pRyBbwWVp6mLU
iPOqHkpzDx3WgK+Puj+pN5SfMuN+oHxB4l7ImJykCrVF8K+rDmdVxnHeQtgz7ltT
wO2+KBdcuAl762qSXO2nlSdbAzWagngcU8ZF7xrUCl2k9oGrbZ2zTmmPVfuOFP7s
uKUYvVJvmUxZ5j//BLknF8h3BF5UdGP5UICoDri/aSZBW4DQpoF0kH7GCJJGtQMr
t81WuNLe9cXamt8ikLXWWkICt+hcP1/hcrGo7InT2oVrRsO1DIn4M744+T46nxcE
FPG4NEtN0L7MzUxJub9sScDLoVYSs4gk1dByIAlS92nxQ2+zR1+Vag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org