Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/afTt30tg-fnbLDb4OSX_HiSQEa0.roa
File: afTt30tg-fnbLDb4OSX_HiSQEa0.roa (raw, json)
Hash identifier: T7N8F7pz67EAN5LjDn0Hcb8pncmVI95MXIMG3DqCZUs=
Subject key identifier: 69:F4:ED:DF:4B:60:F9:F9:DB:2C:36:F8:39:25:FF:1E:24:90:11:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/afTt30tg-fnbLDb4OSX_HiSQEa0.roa
Signing time: Wed 24 Apr 2024 07:53:12 +0000
ROA not before: Wed 24 Apr 2024 07:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18382 (0x47ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 07:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=69F4EDDF4B60F9F9DB2C36F83925FF1E249011AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:4e:06:50:10:f0:92:54:c6:35:f7:c8:55:
52:2d:6c:d3:96:71:30:7c:26:f6:d5:9d:e7:e7:8f:
10:16:7b:c2:3d:cb:36:0a:f7:ed:ec:7f:6e:ea:c0:
d3:01:0e:8f:7b:cf:2f:36:07:ce:57:06:0e:ff:e7:
df:56:1b:56:9b:cd:93:ac:6d:cc:36:1d:ad:ff:54:
d3:1b:0f:3e:27:ea:d0:25:21:5a:f1:fa:10:8a:41:
e3:ee:4f:f3:0d:65:bc:61:d7:b4:e5:a5:3b:37:13:
f9:da:e7:0c:39:4e:31:a3:e8:ff:86:de:6f:9d:43:
df:51:55:b4:e4:20:be:91:a9:97:0c:45:96:dd:f6:
56:59:7f:8d:a1:83:2e:de:5e:03:75:e8:4b:7a:b4:
b9:c3:dd:6d:41:89:80:e8:4f:54:88:08:63:7b:75:
22:b9:13:bc:27:9e:d8:db:cb:1b:b7:ff:78:03:81:
6a:5f:e2:0c:aa:82:a7:3b:8d:e5:32:5c:16:49:4f:
e4:ce:80:89:47:54:02:90:a4:19:1b:09:af:ee:82:
c5:a5:60:c1:60:d1:02:b5:47:4e:f1:75:34:57:ba:
6f:a4:12:d2:09:fc:23:47:a9:52:50:d3:95:44:1e:
b6:62:67:52:05:8f:2d:24:74:03:37:15:8c:3d:ec:
e8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F4:ED:DF:4B:60:F9:F9:DB:2C:36:F8:39:25:FF:1E:24:90:11:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/afTt30tg-fnbLDb4OSX_HiSQEa0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bc:4b:e1:1b:5c:1b:cf:06:5c:41:5f:00:3b:9a:59:46:5a:f5:
25:75:6f:c2:00:31:f2:f3:8f:09:3c:8a:07:e8:fd:7c:63:ca:
2c:0a:db:36:f1:61:4d:fc:f4:cf:ed:b5:0d:38:cc:1e:82:1f:
9d:2d:9e:ad:18:87:26:d1:f6:f6:be:72:af:e3:78:06:a2:1a:
49:a2:25:36:1e:eb:f5:2d:d2:d9:ff:94:72:f7:9a:00:89:77:
31:fa:79:13:be:45:a4:55:3c:bb:8f:c0:39:21:eb:cf:79:d5:
0f:e4:e3:e2:ab:e8:41:e4:5c:fb:20:81:d5:53:24:07:96:97:
e8:b1:fb:b0:1d:87:8a:ae:b9:31:85:b2:15:e9:a9:50:54:22:
43:5b:27:e7:6f:f1:83:9a:74:5a:9b:d4:27:a7:b9:08:a7:e6:
cb:3f:70:18:ff:db:7f:d2:81:6d:c4:23:79:47:5f:8f:70:73:
c9:2e:70:b6:12:82:ea:ac:f8:1c:bf:6e:10:ee:65:86:eb:5d:
81:92:ba:85:12:37:de:19:a2:9f:3b:09:f7:de:cd:6c:91:2a:
ac:77:ec:35:14:9f:f4:38:ee:bd:96:6d:4e:ed:f4:4b:fe:97:
62:f1:e6:44:48:e8:bc:bc:94:a7:92:24:42:da:0d:40:69:23:
b5:e3:6b:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NzUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5RjRFRERGNEI2MEY5
RjlEQjJDMzZGODM5MjVGRjFFMjQ5MDExQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC94k4GUBDwklTGNffIVVItbNOWcTB8JvbVnefnjxAWe8I9yzYK
9+3sf27qwNMBDo97zy82B85XBg7/599WG1abzZOsbcw2Ha3/VNMbDz4n6tAlIVrx
+hCKQePuT/MNZbxh17TlpTs3E/na5ww5TjGj6P+G3m+dQ99RVbTkIL6RqZcMRZbd
9lZZf42hgy7eXgN16Et6tLnD3W1BiYDoT1SICGN7dSK5E7wnntjbyxu3/3gDgWpf
4gyqgqc7jeUyXBZJT+TOgIlHVAKQpBkbCa/ugsWlYMFg0QK1R07xdTRXum+kEtIJ
/CNHqVJQ05VEHrZiZ1IFjy0kdAM3FYw97OjpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUafTt30tg+fnbLDb4OSX/HiSQEa0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FmVHQzMHRnLWZuYkxE
YjRPU1hfSGlTUUVhMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAvEvhG1wbzwZcQV8AO5pZRlr1JXVvwgAx
8vOPCTyKB+j9fGPKLArbNvFhTfz0z+21DTjMHoIfnS2erRiHJtH29r5yr+N4BqIa
SaIlNh7r9S3S2f+UcveaAIl3Mfp5E75FpFU8u4/AOSHrz3nVD+Tj4qvoQeRc+yCB
1VMkB5aX6LH7sB2Hiq65MYWyFempUFQiQ1sn52/xg5p0WpvUJ6e5CKfmyz9wGP/b
f9KBbcQjeUdfj3BzyS5wthKC6qz4HL9uEO5lhutdgZK6hRI33hminzsJ997NbJEq
rHfsNRSf9DjuvZZtTu30S/6XYvHmREjovLyUp5IkQtoNQGkjteNrKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:54 2024 by rpki-client on console-ams.rpki-client.org