Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/b8A8MeBxpvnQgMrked_pVk5QI9w.roa
File: b8A8MeBxpvnQgMrked_pVk5QI9w.roa (raw, json)
Hash identifier: 7VpfbeAAraRiu5EeXIQbD/IOJdE3v++UnXdJdNQ4XYI=
Subject key identifier: 6F:C0:3C:31:E0:71:A6:F9:D0:80:CA:E4:79:DF:E9:56:4E:50:23:DC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CFA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/b8A8MeBxpvnQgMrked_pVk5QI9w.roa
Signing time: Tue 09 Apr 2024 21:22:39 +0000
ROA not before: Tue 09 Apr 2024 21:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15610 (0x3cfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 21:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6FC03C31E071A6F9D080CAE479DFE9564E5023DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:42:d2:bb:77:8e:8f:08:fb:44:8f:fb:19:
6a:7e:5d:d9:dc:a1:56:0d:36:53:26:39:99:79:73:
fd:e4:1e:2f:51:df:8c:96:0b:96:32:34:8c:db:38:
10:09:5b:68:a3:c1:f6:dd:30:3d:fe:0c:a1:0a:18:
14:3b:bb:4f:7f:e9:cb:35:d1:21:07:25:54:03:6d:
df:ed:cd:1a:7c:20:66:16:40:54:e5:5d:7d:e5:4c:
a2:a3:9e:8d:51:8c:50:e6:13:4f:9d:de:52:28:4b:
ad:bb:82:48:b9:fd:4f:3e:3a:24:17:f8:44:65:43:
f9:aa:58:f6:e9:9d:3b:35:3e:38:5b:6a:b8:0e:25:
f9:41:22:98:61:aa:80:a5:3e:02:ef:35:15:04:0b:
46:76:66:32:77:8f:0e:f8:7b:5c:c4:4e:84:13:eb:
eb:bc:21:e9:fe:71:94:8a:51:79:db:e9:ff:d7:d6:
34:d8:c0:98:e2:5a:ea:7d:d7:53:8b:0a:8e:75:70:
1f:a0:e8:89:52:df:37:5f:f6:60:d6:1d:66:91:44:
23:f3:b2:cc:a9:77:ae:e4:fa:71:19:1c:da:64:44:
66:a1:9b:6c:4e:9d:66:87:11:76:69:19:cb:94:f5:
37:a4:ed:aa:4f:64:e7:14:14:33:0e:fa:c0:b2:46:
ab:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:3C:31:E0:71:A6:F9:D0:80:CA:E4:79:DF:E9:56:4E:50:23:DC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/b8A8MeBxpvnQgMrked_pVk5QI9w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:da:61:54:dd:09:01:05:87:31:f3:a8:47:c9:0f:05:a3:a5:
92:3f:47:86:5e:31:24:22:0b:b0:05:11:49:d3:74:17:d9:55:
f5:e1:ac:c7:7b:45:6d:e1:f1:cd:17:f2:d0:eb:1a:f7:4c:ec:
56:45:63:78:d2:de:64:7c:fd:92:7f:07:bf:a5:3b:83:ff:5d:
c0:c8:2b:27:24:fa:53:3e:24:74:9b:1c:a6:7b:d4:b6:3a:30:
80:de:bd:60:ef:b1:b6:45:96:8d:9e:70:2f:44:89:b1:54:fc:
d4:56:25:08:59:0b:a2:a8:92:e1:49:c9:d3:e8:b9:ba:77:d1:
7a:ca:63:71:5c:17:02:5f:14:8a:09:fc:33:81:d7:5b:68:d6:
9e:9b:d8:da:e0:de:56:c9:ba:d2:db:39:3c:1e:a9:d6:c9:c0:
11:9f:8b:cf:f1:25:45:d3:9b:c6:ce:c3:a0:b7:05:17:f5:6b:
28:9c:7e:be:fb:d2:07:e5:d7:bd:4b:21:7c:6d:26:d3:5b:eb:
1b:b5:02:68:02:38:6a:9e:3a:76:08:af:1f:89:34:b5:53:15:
8b:a0:04:67:50:dd:b7:ba:64:8e:72:9b:8f:b3:4a:e8:aa:2c:
41:8a:31:c3:0f:b0:f7:44:54:33:5a:29:c9:fc:1b:53:59:b2:
c2:28:cc:80
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDky
MTIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZGQzAzQzMxRTA3MUE2
RjlEMDgwQ0FFNDc5REZFOTU2NEU1MDIzREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/x0LSu3eOjwj7RI/7GWp+XdncoVYNNlMmOZl5c/3kHi9R34yW
C5YyNIzbOBAJW2ijwfbdMD3+DKEKGBQ7u09/6cs10SEHJVQDbd/tzRp8IGYWQFTl
XX3lTKKjno1RjFDmE0+d3lIoS627gki5/U8+OiQX+ERlQ/mqWPbpnTs1PjhbargO
JflBIphhqoClPgLvNRUEC0Z2ZjJ3jw74e1zEToQT6+u8Ien+cZSKUXnb6f/X1jTY
wJjiWup911OLCo51cB+g6IlS3zdf9mDWHWaRRCPzssypd67k+nEZHNpkRGahm2xO
nWaHEXZpGcuU9Tek7apPZOcUFDMO+sCyRqtnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUb8A8MeBxpvnQgMrked/pVk5QI9wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2I4QThNZUJ4cHZuUWdN
cmtlZF9wVms1UUk5dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALdphVN0JAQWHMfOoR8kPBaOlkj9Hhl4x
JCILsAURSdN0F9lV9eGsx3tFbeHxzRfy0Osa90zsVkVjeNLeZHz9kn8Hv6U7g/9d
wMgrJyT6Uz4kdJscpnvUtjowgN69YO+xtkWWjZ5wL0SJsVT81FYlCFkLoqiS4UnJ
0+i5unfRespjcVwXAl8Uign8M4HXW2jWnpvY2uDeVsm60ts5PB6p1snAEZ+Lz/El
RdObxs7DoLcFF/VrKJx+vvvSB+XXvUshfG0m01vrG7UCaAI4ap46dgivH4k0tVMV
i6AEZ1Ddt7pkjnKbj7NK6KosQYoxww+w90RUM1opyfwbU1mywijMgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org