Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ar3HzEin4nnkZ07okSroJn9-a7Y.roa
File: ar3HzEin4nnkZ07okSroJn9-a7Y.roa (raw, json)
Hash identifier: qUoleUM1utABTny5G1hK84h7xswVg97bfC6OppvV9Zs=
Subject key identifier: 6A:BD:C7:CC:48:A7:E2:79:E4:67:4E:E8:91:2A:E8:26:7F:7E:6B:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F16
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ar3HzEin4nnkZ07okSroJn9-a7Y.roa
Signing time: Fri 12 Apr 2024 16:52:51 +0000
ROA not before: Fri 12 Apr 2024 16:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16150 (0x3f16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 16:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6ABDC7CC48A7E279E4674EE8912AE8267F7E6BB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c7:3f:41:be:fc:78:ff:2c:53:b6:f4:04:61:
bb:3a:35:8d:5e:ff:f7:0b:95:6f:f0:1d:c4:a9:db:
27:b3:7a:0d:24:84:0f:26:5c:3b:bf:a1:07:da:22:
ea:bd:c6:86:af:6c:60:78:de:b3:6f:93:10:53:01:
bc:18:d1:e8:87:91:05:ea:10:b2:30:57:19:41:b8:
de:70:37:6b:c5:12:63:4e:78:2c:cd:31:04:4b:2f:
76:03:90:7d:e9:26:56:f0:fe:a1:8c:cd:33:93:e2:
f8:44:1c:a4:e6:5d:d5:48:54:d6:d6:fc:3c:88:e3:
c3:a6:d6:6e:bb:fe:9b:2e:fc:03:62:a7:61:45:fb:
cd:1b:9c:de:a8:35:68:0e:08:60:14:42:97:77:22:
34:59:49:01:a5:80:b2:01:a6:8c:a1:71:4f:88:9f:
37:dd:1a:15:df:e0:76:0f:68:de:c5:c2:16:7e:80:
b7:62:07:98:0d:76:ca:d3:df:47:38:52:03:f9:5f:
31:d0:37:5a:fe:57:46:2c:32:cf:ca:a9:d1:b8:41:
72:79:98:a7:58:21:9f:ef:45:53:49:a7:75:1a:53:
e1:19:bd:97:6a:51:f4:82:85:94:47:0b:fb:71:96:
20:09:33:30:91:b7:ee:9f:64:21:e3:7e:5d:8e:f0:
f0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BD:C7:CC:48:A7:E2:79:E4:67:4E:E8:91:2A:E8:26:7F:7E:6B:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ar3HzEin4nnkZ07okSroJn9-a7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:04:58:24:fa:a0:95:a1:b7:1e:11:6a:2d:37:72:83:f1:5e:
2d:64:bf:4a:0f:c8:c6:bc:5d:7d:e6:e2:a8:0d:34:3f:e4:88:
9a:86:b9:b0:af:ac:bd:83:53:42:34:be:d5:3d:6f:bc:47:2e:
59:6e:3e:1f:90:92:92:ae:85:59:a9:b3:45:0b:72:5b:8c:21:
52:fc:57:3c:56:94:b7:1c:1f:b0:53:62:75:c3:30:66:01:ab:
4f:5b:93:d5:82:35:3a:65:6e:09:1e:a8:0b:db:4a:c3:e0:47:
fd:25:a6:90:08:b9:d0:1e:95:ba:74:21:76:4a:e6:10:0f:31:
e2:09:5e:80:b7:bf:ea:e8:da:46:fa:cf:a8:ae:d8:03:5a:89:
f8:be:17:d1:8f:2d:2e:d4:59:ea:e8:4f:49:55:0c:d8:16:4f:
00:80:7a:fb:77:f9:9a:33:46:d2:ff:40:24:75:cd:8a:83:13:
96:16:4e:0c:af:d5:59:a5:75:02:b3:18:32:89:3a:7b:a2:8e:
d3:2a:52:a4:2c:f2:09:5a:71:07:e5:82:20:03:53:02:98:37:
51:34:14:84:3c:55:05:53:ee:3e:53:20:39:63:e2:55:ee:db:
3d:6a:80:3f:a1:91:aa:ac:95:f3:90:52:4a:cb:37:5e:2f:ae:
05:cd:63:0f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPxYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
NjUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBQkRDN0NDNDhBN0Uy
NzlFNDY3NEVFODkxMkFFODI2N0Y3RTZCQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrxz9Bvvx4/yxTtvQEYbs6NY1e//cLlW/wHcSp2yezeg0khA8m
XDu/oQfaIuq9xoavbGB43rNvkxBTAbwY0eiHkQXqELIwVxlBuN5wN2vFEmNOeCzN
MQRLL3YDkH3pJlbw/qGMzTOT4vhEHKTmXdVIVNbW/DyI48Om1m67/psu/ANip2FF
+80bnN6oNWgOCGAUQpd3IjRZSQGlgLIBpoyhcU+InzfdGhXf4HYPaN7FwhZ+gLdi
B5gNdsrT30c4UgP5XzHQN1r+V0YsMs/KqdG4QXJ5mKdYIZ/vRVNJp3UaU+EZvZdq
UfSChZRHC/txliAJMzCRt+6fZCHjfl2O8PCTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUar3HzEin4nnkZ07okSroJn9+a7YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FyM0h6RWluNG5ua1ow
N29rU3JvSm45LWE3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArQRYJPqglaG3HhFqLTdyg/FeLWS/Sg/I
xrxdfebiqA00P+SImoa5sK+svYNTQjS+1T1vvEcuWW4+H5CSkq6FWamzRQtyW4wh
UvxXPFaUtxwfsFNidcMwZgGrT1uT1YI1OmVuCR6oC9tKw+BH/SWmkAi50B6VunQh
dkrmEA8x4glegLe/6ujaRvrPqK7YA1qJ+L4X0Y8tLtRZ6uhPSVUM2BZPAIB6+3f5
mjNG0v9AJHXNioMTlhZODK/VWaV1ArMYMok6e6KO0ypSpCzyCVpxB+WCIANTApg3
UTQUhDxVBVPuPlMgOWPiVe7bPWqAP6GRqqyV85BSSss3Xi+uBc1jDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org