Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aioP9E_tA1iQe2gsj92ZpW77ARk.roa
File: aioP9E_tA1iQe2gsj92ZpW77ARk.roa (raw, json)
Hash identifier: wNbXdhcbKYkHbD8scOj3YfQoKKJIeuX79PwVnm8z2MQ=
Subject key identifier: 6A:2A:0F:F4:4F:ED:03:58:90:7B:68:2C:8F:DD:99:A5:6E:FB:01:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43C2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aioP9E_tA1iQe2gsj92ZpW77ARk.roa
Signing time: Thu 18 Apr 2024 22:22:59 +0000
ROA not before: Thu 18 Apr 2024 22:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17346 (0x43c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 22:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A2A0FF44FED0358907B682C8FDD99A56EFB0119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c6:ab:e2:eb:10:a1:62:aa:34:a7:42:f0:f9:
ca:82:84:0d:7b:31:70:a2:07:8c:69:30:2b:15:87:
3a:cb:d0:ed:78:63:02:54:14:91:90:03:ec:f6:90:
88:df:c2:da:28:ba:a6:01:b5:f0:6c:17:8b:bb:52:
2b:8c:45:1c:ad:7a:fe:22:08:94:a0:55:59:53:79:
cf:49:5b:1f:44:25:59:2b:c5:6a:f7:ef:69:81:6b:
ab:57:3d:a6:f8:94:04:4d:e0:25:41:f6:a6:2c:83:
7a:6d:68:11:3c:31:93:74:4e:fc:dd:52:05:52:dd:
47:af:63:e1:0a:5f:38:40:96:8b:67:52:14:be:fd:
b1:0b:4d:b8:22:1a:c2:4a:6c:9b:76:b8:fb:83:71:
77:b2:d8:56:78:7a:77:0a:11:75:51:48:0b:79:c5:
12:dc:0e:95:01:1d:16:e3:17:74:28:52:59:89:24:
c0:6f:d4:41:1e:c5:83:83:9f:1b:fa:10:2e:9b:6b:
82:fa:a5:86:1c:0a:c8:36:a7:18:ef:6e:20:3d:0c:
e0:f1:9f:fe:33:bb:72:c9:f9:96:6d:c8:c7:b5:ac:
06:8a:11:57:91:89:83:e5:fb:91:7c:34:f5:9c:c4:
04:67:20:ad:b7:85:9e:55:70:64:ba:73:42:56:d1:
9f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2A:0F:F4:4F:ED:03:58:90:7B:68:2C:8F:DD:99:A5:6E:FB:01:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aioP9E_tA1iQe2gsj92ZpW77ARk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:f8:c7:6d:c3:36:85:2c:de:0d:54:fa:f9:3e:ee:33:4b:b4:
1c:a3:1e:42:42:03:69:12:f6:94:10:f3:4d:87:b2:c7:b3:65:
a6:3c:38:ee:a1:b3:5a:a0:d3:9f:68:9c:1d:3f:2d:a3:bb:01:
20:b3:d0:b8:b4:f8:dd:28:88:19:44:62:fd:4f:c7:f5:38:af:
b2:ec:32:12:cb:41:19:0a:10:7b:d7:fa:a2:36:4a:f3:04:90:
01:88:d1:1a:22:ed:f0:f3:d8:b7:40:6b:ad:8b:bd:0f:df:12:
4a:3f:d2:1f:a5:f3:eb:03:cc:54:4d:6f:a8:3c:ae:f3:22:d4:
f5:e8:59:32:47:40:29:2b:4b:96:fc:ec:e6:9f:e5:f5:67:56:
59:f0:49:63:fc:25:14:ec:49:58:1e:72:2e:48:1c:d3:74:38:
77:2e:ee:90:36:68:64:33:fa:37:6e:33:04:54:21:57:0a:d5:
58:7c:ec:7d:3e:14:61:2f:03:c3:83:b5:1f:3c:db:e8:28:4f:
03:3a:15:ed:ac:83:e8:10:82:da:96:5e:49:28:3a:8a:d8:09:
44:15:9f:7b:52:24:15:5c:f3:24:89:f6:ae:ff:0b:5e:67:28:
da:11:a8:40:f4:68:71:7e:2e:c4:6f:8f:3c:e9:a8:c0:ab:14:
bb:bf:ed:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MjIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBMkEwRkY0NEZFRDAz
NTg5MDdCNjgyQzhGREQ5OUE1NkVGQjAxMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbxqvi6xChYqo0p0Lw+cqChA17MXCiB4xpMCsVhzrL0O14YwJU
FJGQA+z2kIjfwtoouqYBtfBsF4u7UiuMRRytev4iCJSgVVlTec9JWx9EJVkrxWr3
72mBa6tXPab4lARN4CVB9qYsg3ptaBE8MZN0TvzdUgVS3UevY+EKXzhAlotnUhS+
/bELTbgiGsJKbJt2uPuDcXey2FZ4encKEXVRSAt5xRLcDpUBHRbjF3QoUlmJJMBv
1EEexYODnxv6EC6ba4L6pYYcCsg2pxjvbiA9DODxn/4zu3LJ+ZZtyMe1rAaKEVeR
iYPl+5F8NPWcxARnIK23hZ5VcGS6c0JW0Z8fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaioP9E/tA1iQe2gsj92ZpW77ARkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Fpb1A5RV90QTFpUWUy
Z3NqOTJacFc3N0FSay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVPjHbcM2hSzeDVT6+T7uM0u0HKMeQkID
aRL2lBDzTYeyx7Nlpjw47qGzWqDTn2icHT8to7sBILPQuLT43SiIGURi/U/H9Tiv
suwyEstBGQoQe9f6ojZK8wSQAYjRGiLt8PPYt0BrrYu9D98SSj/SH6Xz6wPMVE1v
qDyu8yLU9ehZMkdAKStLlvzs5p/l9WdWWfBJY/wlFOxJWB5yLkgc03Q4dy7ukDZo
ZDP6N24zBFQhVwrVWHzsfT4UYS8Dw4O1Hzzb6ChPAzoV7ayD6BCC2pZeSSg6itgJ
RBWfe1IkFVzzJIn2rv8LXmco2hGoQPRocX4uxG+PPOmowKsUu7/t0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org