Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cCFgMzX_LhGXkTCiht0-5Sv-CZo.roa
File: cCFgMzX_LhGXkTCiht0-5Sv-CZo.roa (raw, json)
Hash identifier: sjuo80W6TF7etvzsgkbghbg+DEdEoSFx7gTAfrp2PNQ=
Subject key identifier: 70:21:60:33:35:FF:2E:11:97:91:30:A2:86:DD:3E:E5:2B:FE:09:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 353A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cCFgMzX_LhGXkTCiht0-5Sv-CZo.roa
Signing time: Sat 30 Mar 2024 13:22:14 +0000
ROA not before: Sat 30 Mar 2024 13:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13626 (0x353a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 13:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7021603335FF2E11979130A286DD3EE52BFE099A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:3b:75:ef:df:b4:3d:09:a4:9f:d4:65:0e:
8a:af:b2:01:da:0e:34:70:dc:99:32:99:7e:bb:9b:
cb:5b:3e:a1:01:e4:d9:b3:d8:5e:68:e4:a5:d0:67:
19:1c:71:1d:d4:13:7a:e6:1d:73:c1:93:95:cd:cb:
e1:11:9d:14:07:c2:6b:48:8f:9c:eb:cd:73:e4:f1:
f3:53:eb:f8:f5:60:2f:ef:2a:c6:25:e5:78:c0:85:
9d:18:b3:6e:8c:1d:ca:23:24:95:46:a1:df:77:bf:
92:00:8c:99:50:8d:26:d7:a5:b9:6b:26:cc:ae:64:
10:a9:53:c4:1d:d2:d8:a1:8f:59:36:24:7c:41:e3:
f6:e5:57:24:8c:78:1c:7e:90:30:4b:91:ab:d3:c6:
eb:47:9f:77:44:61:49:01:ce:a7:01:63:0c:ce:f4:
44:07:c6:2e:b3:11:93:ea:8d:cd:66:0a:24:e5:5f:
b1:87:94:4a:13:1c:41:0b:9b:a3:21:98:cc:2d:1e:
22:24:9b:23:68:c4:d6:29:92:fd:b7:95:b9:99:d3:
e9:71:34:53:4c:a3:d8:21:20:ab:7e:96:03:54:fb:
04:60:76:26:69:16:c7:72:e1:8d:f4:14:48:e4:9f:
19:0e:a1:fd:c5:94:78:9f:05:a8:b9:2d:4f:8e:ad:
33:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:21:60:33:35:FF:2E:11:97:91:30:A2:86:DD:3E:E5:2B:FE:09:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cCFgMzX_LhGXkTCiht0-5Sv-CZo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:3d:80:0c:5e:49:ed:23:91:d9:5d:b0:71:14:61:f9:65:05:
d3:42:70:fa:c4:d3:33:da:cb:c8:24:f5:13:2d:68:68:c8:fa:
e4:37:f9:3a:cd:84:92:4a:34:16:18:d1:83:9e:01:cd:5a:8c:
74:bc:78:19:3a:61:cc:61:08:49:8f:55:ca:1a:0f:d0:c5:1e:
56:0e:4b:41:ca:a5:9b:a1:83:20:e2:13:2f:9e:cb:d7:a0:b0:
d9:02:df:65:f7:91:03:03:44:a5:ee:71:7f:0f:7e:89:18:51:
a4:98:61:44:af:29:ee:29:a6:36:f9:76:c4:7d:c8:4d:55:f2:
05:ee:07:78:94:cb:86:37:6c:30:8e:3c:48:26:2c:28:4b:a5:
aa:92:cd:e5:55:e3:78:ee:0f:6b:d5:f6:c1:21:44:2c:f2:1a:
dd:c6:bd:94:7c:e5:2f:6e:21:e5:68:16:81:5f:25:bb:07:32:
90:19:94:35:48:94:d3:e6:31:6d:e7:77:56:fc:98:0d:48:7d:
5a:82:8c:fe:0e:7d:fd:c2:5d:c7:7a:cb:98:d8:ba:e4:2d:a7:
73:10:77:ee:d0:f0:60:1d:43:7b:7e:87:7e:27:0b:6a:74:50:
c5:bc:00:77:f3:8b:4f:a1:28:79:d8:68:c4:4d:81:73:41:8b:
67:d3:00:aa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
MzIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcwMjE2MDMzMzVGRjJF
MTE5NzkxMzBBMjg2REQzRUU1MkJGRTA5OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu6zt179+0PQmkn9RlDoqvsgHaDjRw3JkymX67m8tbPqEB5Nmz
2F5o5KXQZxkccR3UE3rmHXPBk5XNy+ERnRQHwmtIj5zrzXPk8fNT6/j1YC/vKsYl
5XjAhZ0Ys26MHcojJJVGod93v5IAjJlQjSbXpblrJsyuZBCpU8Qd0tihj1k2JHxB
4/blVySMeBx+kDBLkavTxutHn3dEYUkBzqcBYwzO9EQHxi6zEZPqjc1mCiTlX7GH
lEoTHEELm6MhmMwtHiIkmyNoxNYpkv23lbmZ0+lxNFNMo9ghIKt+lgNU+wRgdiZp
Fsdy4Y30FEjknxkOof3FlHifBai5LU+OrTPHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcCFgMzX/LhGXkTCiht0+5Sv+CZowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NDRmdNelhfTGhHWGtU
Q2lodDAtNVN2LUNaby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQz2ADF5J7SOR2V2wcRRh+WUF00Jw+sTT
M9rLyCT1Ey1oaMj65Df5Os2Ekko0FhjRg54BzVqMdLx4GTphzGEISY9VyhoP0MUe
Vg5LQcqlm6GDIOITL57L16Cw2QLfZfeRAwNEpe5xfw9+iRhRpJhhRK8p7immNvl2
xH3ITVXyBe4HeJTLhjdsMI48SCYsKEulqpLN5VXjeO4Pa9X2wSFELPIa3ca9lHzl
L24h5WgWgV8luwcykBmUNUiU0+Yxbed3VvyYDUh9WoKM/g59/cJdx3rLmNi65C2n
cxB37tDwYB1De36HficLanRQxbwAd/OLT6EoedhoxE2Bc0GLZ9MAqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org