Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bLtE3pfzJ6pEAoJchkAbvddiTWc.roa
File: bLtE3pfzJ6pEAoJchkAbvddiTWc.roa (raw, json)
Hash identifier: ukNKvk0wjZfaQFWv2e3OcDpoIRnqYHE4fx41/I+TEm4=
Subject key identifier: 6C:BB:44:DE:97:F3:27:AA:44:02:82:5C:86:40:1B:BD:D7:62:4D:67
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bLtE3pfzJ6pEAoJchkAbvddiTWc.roa
Signing time: Tue 16 Apr 2024 02:23:25 +0000
ROA not before: Tue 16 Apr 2024 02:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16802 (0x41a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 02:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6CBB44DE97F327AA4402825C86401BBDD7624D67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:06:ea:69:63:0d:bb:ad:65:fb:c0:57:84:65:
5a:89:f3:90:6e:a6:37:6e:25:e0:04:1f:3b:8f:67:
a1:5d:3f:64:00:d6:ba:74:5e:6e:f0:d4:85:12:eb:
f5:9a:88:f7:2f:5c:9a:06:9f:bb:bb:8a:ff:88:24:
a5:92:69:6c:b6:e8:0a:2d:3c:1d:03:bb:cc:be:cb:
51:a3:de:5d:78:b8:28:32:cc:c7:8e:d4:cd:0f:44:
3a:91:39:a9:d4:86:a8:29:07:c6:38:5d:35:58:8e:
db:78:5a:08:b4:b5:f3:0e:aa:cc:0d:d7:64:3d:7b:
5d:ae:1e:4c:fa:f9:e1:ad:73:2f:7d:15:e1:0c:ff:
bb:70:6f:76:bc:89:3f:82:f8:0d:04:b5:c0:9f:f9:
37:75:c8:2f:b3:06:91:ef:f5:0d:98:1d:42:1e:09:
cf:05:8f:2d:e8:59:df:d8:50:d6:de:87:30:8f:b7:
e0:7a:28:95:bc:cb:6a:62:85:89:33:d3:56:92:82:
36:e5:78:1b:7b:ab:de:6f:f0:5d:18:b9:28:6a:f3:
a8:28:19:56:ac:cb:94:e7:21:b2:27:45:bb:32:94:
7b:d0:e4:13:de:0d:75:37:60:ee:af:b5:76:c7:00:
c3:c1:61:ba:c3:26:01:de:7a:b2:51:e8:bc:a0:3c:
74:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BB:44:DE:97:F3:27:AA:44:02:82:5C:86:40:1B:BD:D7:62:4D:67
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bLtE3pfzJ6pEAoJchkAbvddiTWc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:33:81:bb:d5:49:53:cc:d1:ef:18:11:81:ab:8c:1a:19:49:
f8:08:f1:1d:c8:5a:47:e7:eb:40:07:b3:81:0b:8f:35:d3:3d:
90:6b:d3:34:04:ac:15:97:f4:db:3f:df:9d:2f:c2:8c:62:bc:
5d:86:47:51:cf:2c:9b:87:4f:0a:9c:23:33:2c:5a:6f:d0:cb:
cd:71:74:64:8e:c4:66:bb:bc:09:90:08:d4:a7:53:55:78:1b:
45:81:90:09:ef:4c:52:4b:bc:83:e6:0c:51:b9:ff:ba:c9:9a:
21:80:2c:09:21:99:0d:a0:bd:09:7c:d9:14:2d:20:97:ab:69:
30:ed:b8:ab:16:2e:e6:7c:b7:03:30:33:5d:1e:d8:82:2f:97:
72:af:b0:24:ca:e6:36:7e:fc:32:63:4b:a5:43:8b:98:53:e7:
05:f2:1b:a1:1b:45:2c:17:fb:17:9d:d9:a2:c1:db:f0:d1:67:
d6:0d:9a:35:9d:30:0e:ab:ec:d2:c0:19:6d:23:85:a1:65:bd:
82:2e:d8:9f:e9:7d:0e:a3:bd:ef:f6:b2:ff:9a:ce:17:61:50:
bd:80:8a:74:22:2f:49:83:81:37:35:f9:dd:8b:9f:20:05:29:
d6:9a:79:ef:04:63:a9:32:16:89:26:58:61:8d:b0:93:f5:1b:
4d:4d:8a:d7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MjIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDQkI0NERFOTdGMzI3
QUE0NDAyODI1Qzg2NDAxQkJERDc2MjRENjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLBuppYw27rWX7wFeEZVqJ85BupjduJeAEHzuPZ6FdP2QA1rp0
Xm7w1IUS6/WaiPcvXJoGn7u7iv+IJKWSaWy26AotPB0Du8y+y1Gj3l14uCgyzMeO
1M0PRDqROanUhqgpB8Y4XTVYjtt4Wgi0tfMOqswN12Q9e12uHkz6+eGtcy99FeEM
/7twb3a8iT+C+A0EtcCf+Td1yC+zBpHv9Q2YHUIeCc8Fjy3oWd/YUNbehzCPt+B6
KJW8y2pihYkz01aSgjbleBt7q95v8F0YuShq86goGVasy5TnIbInRbsylHvQ5BPe
DXU3YO6vtXbHAMPBYbrDJgHeerJR6LygPHTXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbLtE3pfzJ6pEAoJchkAbvddiTWcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JMdEUzcGZ6SjZwRUFv
SmNoa0FidmRkaVRXYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlDOBu9VJU8zR7xgRgauMGhlJ+AjxHcha
R+frQAezgQuPNdM9kGvTNASsFZf02z/fnS/CjGK8XYZHUc8sm4dPCpwjMyxab9DL
zXF0ZI7EZru8CZAI1KdTVXgbRYGQCe9MUku8g+YMUbn/usmaIYAsCSGZDaC9CXzZ
FC0gl6tpMO24qxYu5ny3AzAzXR7Ygi+Xcq+wJMrmNn78MmNLpUOLmFPnBfIboRtF
LBf7F53ZosHb8NFn1g2aNZ0wDqvs0sAZbSOFoWW9gi7Yn+l9DqO97/ay/5rOF2FQ
vYCKdCIvSYOBNzX53YufIAUp1pp57wRjqTIWiSZYYY2wk/UbTU2K1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org