Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cBsnOa44MD_xs0_PuUGgtvAVmaI.roa
File: cBsnOa44MD_xs0_PuUGgtvAVmaI.roa (raw, json)
Hash identifier: Re6JuheTCy301uYrgMMJ6WmBZ92wcTho6g3YofEnpzA=
Subject key identifier: 70:1B:27:39:AE:38:30:3F:F1:B3:4F:CF:B9:41:A0:B6:F0:15:99:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D32
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cBsnOa44MD_xs0_PuUGgtvAVmaI.roa
Signing time: Wed 10 Apr 2024 04:22:39 +0000
ROA not before: Wed 10 Apr 2024 04:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15666 (0x3d32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 04:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=701B2739AE38303FF1B34FCFB941A0B6F01599A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fc:c3:f9:a6:12:4d:50:bf:5d:2c:4d:c0:87:
94:ac:86:d8:31:6b:b2:8a:1f:4e:20:6b:4b:4e:5b:
00:2e:a3:5e:3f:73:c2:f1:df:32:92:c7:d9:93:49:
d3:65:15:4d:e4:00:80:45:59:bd:93:65:43:73:ce:
e6:61:8a:15:77:d4:24:01:79:10:19:d2:e3:50:f6:
87:26:40:2d:f9:c7:cd:27:0b:59:aa:01:39:f0:d0:
82:59:8a:65:99:2e:19:ee:a5:fa:3f:4a:f0:bd:3c:
c6:ea:f5:41:f5:b8:26:f4:f2:69:9f:9b:58:b0:7e:
f1:d0:90:f7:99:00:a2:c7:fd:69:9c:8b:8f:d3:e9:
9e:e6:db:d0:88:ed:11:57:21:11:71:7c:e9:89:23:
f6:2d:88:03:82:5a:9b:94:c8:35:89:ea:12:d9:4d:
95:a1:c5:07:d9:38:f4:b0:65:93:75:98:7b:d4:96:
8f:28:8d:06:53:f5:9c:e5:4c:a5:17:47:77:1d:e6:
04:06:f9:dc:b9:90:90:3d:79:51:b0:a5:0e:c4:60:
af:18:16:46:10:b7:2d:0d:d5:c0:9c:05:1e:e2:31:
6b:a8:de:a2:f4:33:91:21:b4:b7:b4:40:2d:5a:aa:
1c:d6:f4:5a:d7:32:43:f7:67:b7:52:a8:0a:4b:8e:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1B:27:39:AE:38:30:3F:F1:B3:4F:CF:B9:41:A0:B6:F0:15:99:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cBsnOa44MD_xs0_PuUGgtvAVmaI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:45:dd:65:cc:17:6d:20:f1:29:84:0e:e3:f6:c9:3e:21:3a:
b4:ba:70:53:36:b0:2e:a3:e3:03:2f:0a:bb:45:68:7f:45:03:
a4:6e:9b:1d:a5:3d:5f:3a:fa:dc:7b:54:5e:6b:14:3c:cf:36:
10:1b:9b:11:c1:4e:19:68:2a:c1:cc:52:a5:d0:19:8c:fd:58:
6e:c1:26:1c:5a:12:e9:55:36:79:48:d6:65:84:94:87:bd:72:
dd:92:cd:be:7a:e6:5f:ea:b2:dc:f8:77:35:d1:a3:ce:51:33:
cf:62:a0:f1:df:d2:f4:cb:45:9c:91:19:cc:4d:1e:04:a8:11:
78:2d:bf:82:4c:8e:58:ad:4a:64:aa:03:7d:59:c1:48:c7:a0:
c2:3f:5d:53:fc:1c:99:19:f7:ab:34:1b:de:ff:e7:da:1c:3d:
7f:45:0d:52:3f:53:c1:b3:6f:a3:23:6a:28:41:a9:ae:f3:91:
d8:78:7a:b6:a8:32:1c:1d:6c:61:ba:3d:b6:2d:a4:a6:05:f5:
e3:d4:71:d4:e2:0c:6a:a4:48:6e:b7:dc:ce:3a:36:ad:85:93:
5d:03:20:52:28:ac:ca:d2:0a:89:88:48:1b:09:c9:e1:2f:09:
67:03:cb:f8:e6:11:3c:73:b3:ca:16:34:c4:09:0e:3b:67:38:
99:04:1c:1d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NDIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcwMUIyNzM5QUUzODMw
M0ZGMUIzNEZDRkI5NDFBMEI2RjAxNTk5QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1/MP5phJNUL9dLE3Ah5Sshtgxa7KKH04ga0tOWwAuo14/c8Lx
3zKSx9mTSdNlFU3kAIBFWb2TZUNzzuZhihV31CQBeRAZ0uNQ9ocmQC35x80nC1mq
ATnw0IJZimWZLhnupfo/SvC9PMbq9UH1uCb08mmfm1iwfvHQkPeZAKLH/Wmci4/T
6Z7m29CI7RFXIRFxfOmJI/YtiAOCWpuUyDWJ6hLZTZWhxQfZOPSwZZN1mHvUlo8o
jQZT9ZzlTKUXR3cd5gQG+dy5kJA9eVGwpQ7EYK8YFkYQty0N1cCcBR7iMWuo3qL0
M5EhtLe0QC1aqhzW9FrXMkP3Z7dSqApLjq1HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcBsnOa44MD/xs0/PuUGgtvAVmaIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NCc25PYTQ0TURfeHMw
X1B1VUdndHZBVm1hSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAL0XdZcwXbSDxKYQO4/bJPiE6tLpwUzaw
LqPjAy8Ku0Vof0UDpG6bHaU9Xzr63HtUXmsUPM82EBubEcFOGWgqwcxSpdAZjP1Y
bsEmHFoS6VU2eUjWZYSUh71y3ZLNvnrmX+qy3Ph3NdGjzlEzz2Kg8d/S9MtFnJEZ
zE0eBKgReC2/gkyOWK1KZKoDfVnBSMegwj9dU/wcmRn3qzQb3v/n2hw9f0UNUj9T
wbNvoyNqKEGprvOR2Hh6tqgyHB1sYbo9ti2kpgX149Rx1OIMaqRIbrfczjo2rYWT
XQMgUiisytIKiYhIGwnJ4S8JZwPL+OYRPHOzyhY0xAkOO2c4mQQcHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:55 2024 by rpki-client on console-ams.rpki-client.org