Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/agUGyGwvKkSpJizu6S-tR_gaqbI.roa
File: agUGyGwvKkSpJizu6S-tR_gaqbI.roa (raw, json)
Hash identifier: LZA+9rR8o9/wjL2qN1vOrRRIoPx0WitThelpwD6Ns/s=
Subject key identifier: 6A:05:06:C8:6C:2F:2A:44:A9:26:2C:EE:E9:2F:AD:47:F8:1A:A9:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/agUGyGwvKkSpJizu6S-tR_gaqbI.roa
Signing time: Thu 04 Apr 2024 04:22:20 +0000
ROA not before: Thu 04 Apr 2024 04:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14514 (0x38b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 04:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A0506C86C2F2A44A9262CEEE92FAD47F81AA9B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:9a:b4:f0:51:19:79:30:fe:b8:56:25:12:53:
10:81:4d:88:00:dd:4e:3b:87:67:4e:14:d2:19:1b:
9d:79:d1:c4:3e:f9:43:b1:d4:22:6b:26:f5:e0:ff:
ca:f7:13:57:8d:0c:e3:41:f4:f9:15:41:8f:c9:39:
2b:b0:7e:66:32:c1:37:cc:d7:a8:f8:e0:92:64:80:
57:f6:d5:d8:10:b3:0d:52:b6:f1:d5:4b:84:c2:c8:
3b:3b:dd:42:ff:78:6a:3d:f5:f8:78:fa:7b:2c:6a:
a5:3d:36:23:6f:78:59:d5:b8:22:4f:44:39:08:53:
8e:bb:3e:d7:dc:f3:c7:ce:eb:85:02:f7:4e:42:2f:
9f:5a:a0:f4:e0:99:c0:1f:ac:79:32:58:b3:31:23:
ce:ff:c5:f7:7e:7b:a7:85:df:29:af:21:5c:eb:5c:
5e:56:09:36:a0:5f:12:6c:fc:5d:dd:1f:7d:9d:b3:
99:71:cf:a8:79:25:30:1b:2d:ef:87:15:24:46:d9:
e9:ff:f3:b1:45:27:c3:68:c4:af:79:f0:92:e8:6e:
95:f9:69:e7:01:45:1f:88:25:96:20:96:aa:e2:0d:
17:16:2c:0e:2e:0f:32:4a:ce:44:ce:d4:01:5f:32:
09:09:6e:0c:73:69:e9:e4:97:10:e7:e6:17:78:62:
1a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:05:06:C8:6C:2F:2A:44:A9:26:2C:EE:E9:2F:AD:47:F8:1A:A9:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/agUGyGwvKkSpJizu6S-tR_gaqbI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:76:22:d8:4d:bc:78:60:97:ec:49:e6:78:22:f9:65:fe:39:
cd:b3:76:83:b1:51:d8:0e:e6:54:97:d8:d8:1a:42:f0:9d:d3:
b2:8a:ba:92:b7:e9:7f:d6:a1:04:3b:76:54:02:5e:b5:34:42:
7e:86:0c:1a:85:a6:df:b9:e1:95:87:65:39:76:24:46:0d:c3:
ac:a9:88:09:61:e1:a2:13:99:cb:ad:c2:85:21:44:ec:3d:4a:
7a:49:4d:41:da:c2:1f:fc:ab:62:4f:ac:67:ed:41:41:6e:4d:
2e:82:c5:38:b1:50:5f:f0:cb:a6:af:6b:2a:3b:77:c9:c7:83:
d1:33:74:6a:a4:2e:d2:b9:ba:55:8d:f4:a3:ac:7a:3d:c0:86:
01:1d:90:99:d4:86:83:db:44:bb:eb:3f:6d:bc:b5:6e:8f:ea:
9d:8c:db:ba:bf:51:76:10:42:5b:4b:8c:62:27:0e:1b:08:6f:
a5:46:c2:94:79:34:6c:df:c2:e1:a4:d9:c7:57:13:b4:04:26:
b3:b7:dc:56:39:21:ee:05:83:33:d2:e2:47:c2:bf:42:d1:7d:
99:9a:84:ad:21:1f:46:ec:10:5a:ed:be:76:cc:9a:6f:60:be:
97:fc:da:c5:0b:b6:87:77:df:b2:dd:ac:b9:4b:3d:85:b8:7b:
04:d4:ab:b9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
NDIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBMDUwNkM4NkMyRjJB
NDRBOTI2MkNFRUU5MkZBRDQ3RjgxQUE5QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8mrTwURl5MP64ViUSUxCBTYgA3U47h2dOFNIZG5150cQ++UOx
1CJrJvXg/8r3E1eNDONB9PkVQY/JOSuwfmYywTfM16j44JJkgFf21dgQsw1StvHV
S4TCyDs73UL/eGo99fh4+nssaqU9NiNveFnVuCJPRDkIU467Ptfc88fO64UC905C
L59aoPTgmcAfrHkyWLMxI87/xfd+e6eF3ymvIVzrXF5WCTagXxJs/F3dH32ds5lx
z6h5JTAbLe+HFSRG2en/87FFJ8NoxK958JLobpX5aecBRR+IJZYglqriDRcWLA4u
DzJKzkTO1AFfMgkJbgxzaenklxDn5hd4YhptAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUagUGyGwvKkSpJizu6S+tR/gaqbIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FnVUd5R3d2S2tTcEpp
enU2Uy10Ul9nYXFiSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAonYi2E28eGCX7EnmeCL5Zf45zbN2g7FR
2A7mVJfY2BpC8J3Tsoq6krfpf9ahBDt2VAJetTRCfoYMGoWm37nhlYdlOXYkRg3D
rKmICWHhohOZy63ChSFE7D1KeklNQdrCH/yrYk+sZ+1BQW5NLoLFOLFQX/DLpq9r
Kjt3yceD0TN0aqQu0rm6VY30o6x6PcCGAR2QmdSGg9tEu+s/bby1bo/qnYzbur9R
dhBCW0uMYicOGwhvpUbClHk0bN/C4aTZx1cTtAQms7fcVjkh7gWDM9LiR8K/QtF9
mZqErSEfRuwQWu2+dsyab2C+l/zaxQu2h3ffst2suUs9hbh7BNSruQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:54 2024 by rpki-client on console-ams.rpki-client.org