Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/csL8E4dWs7fRX-whZNK8CH3dlxo.roa
File: csL8E4dWs7fRX-whZNK8CH3dlxo.roa (raw, json)
Hash identifier: fc49m+IR5cUYDxQFPXdAPZGFwkYmnUfXiN/WDfw0YJc=
Subject key identifier: 72:C2:FC:13:87:56:B3:B7:D1:5F:EC:21:64:D2:BC:08:7D:DD:97:1A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A5E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/csL8E4dWs7fRX-whZNK8CH3dlxo.roa
Signing time: Sat 06 Apr 2024 09:52:28 +0000
ROA not before: Sat 06 Apr 2024 09:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14942 (0x3a5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 09:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=72C2FC138756B3B7D15FEC2164D2BC087DDD971A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:10:43:d6:09:42:f5:41:7a:c4:45:ab:b5:43:
49:2b:3f:69:3d:7c:4c:32:59:c9:87:17:3c:cb:b8:
7c:73:03:30:b9:29:be:05:81:ea:69:31:0c:ba:40:
a9:09:88:0e:df:74:94:00:b3:62:a4:0e:09:bd:75:
6a:3d:50:8e:30:1b:9a:f4:4c:b9:03:bd:da:ae:fb:
ab:01:6f:93:2b:05:32:fb:a3:34:7f:a1:c1:09:a7:
ae:13:ef:a8:db:9c:2d:33:12:95:2b:a7:bd:d7:f3:
6e:63:ed:04:33:21:c1:50:b2:b1:f0:50:0c:93:b8:
06:63:f5:1f:17:7e:9f:b4:2a:f6:8a:ea:1d:fb:ec:
c1:15:b2:c9:fc:bb:74:09:52:29:c5:08:cf:f7:0b:
35:f0:36:22:67:0a:76:b8:9c:c0:74:6b:05:86:62:
d0:5a:da:1e:e0:34:b9:26:e2:92:93:ea:03:2e:91:
ca:df:dc:47:54:44:61:f9:1d:cd:28:53:04:16:a2:
ad:72:c6:3c:97:2f:4b:57:2d:2e:42:38:20:47:74:
19:27:bd:1e:ae:00:4f:54:c0:da:d6:ed:3c:c4:0a:
ad:0b:5b:41:06:82:d2:45:98:25:8d:bc:c8:ed:92:
77:c4:26:1d:7f:7e:95:16:9f:3d:36:a2:cc:5d:90:
a3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C2:FC:13:87:56:B3:B7:D1:5F:EC:21:64:D2:BC:08:7D:DD:97:1A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/csL8E4dWs7fRX-whZNK8CH3dlxo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:00:92:4c:11:5d:99:27:3d:7b:af:5a:e6:05:96:be:14:09:
e4:21:4e:5c:9f:2f:b5:20:88:ce:0c:7b:6f:69:0c:ca:b7:e6:
b2:9a:bb:a3:c5:90:32:ef:d5:d0:80:dc:da:cd:30:b8:b1:c5:
97:f3:b0:59:69:9d:4a:c3:3e:33:a4:2a:50:8b:70:b5:56:ae:
ed:09:00:2e:c8:c0:e3:50:a3:22:d9:a0:bc:8f:62:5f:68:08:
61:54:c7:1a:4d:4f:1c:26:18:32:fc:f5:3d:ea:8e:aa:90:96:
b3:c3:90:20:07:ca:a3:58:96:55:60:ce:23:71:73:a3:19:e4:
d8:1b:16:3d:b0:77:2f:b6:89:a8:ce:cb:70:91:f9:48:38:af:
2e:e0:93:50:e0:7a:e7:81:bd:28:9f:f3:93:dd:ff:c4:17:45:
83:37:b0:f9:2d:c5:ff:04:fc:a1:cb:5a:9c:3a:ae:a0:16:5f:
cf:7c:a6:68:8a:48:f7:d9:34:d4:ef:ce:e0:82:c7:e0:74:13:
34:61:4a:16:be:b3:a6:49:4c:65:7d:8e:b3:ab:bb:be:6d:63:
c4:bc:2b:fa:fb:2a:53:da:82:a6:b8:50:91:c1:f4:40:28:23:
42:c6:c4:97:aa:0a:5a:80:82:18:0d:cc:2c:6f:dd:b4:66:13:
73:05:fd:8f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
OTUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyQzJGQzEzODc1NkIz
QjdEMTVGRUMyMTY0RDJCQzA4N0RERDk3MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTEEPWCUL1QXrERau1Q0krP2k9fEwyWcmHFzzLuHxzAzC5Kb4F
geppMQy6QKkJiA7fdJQAs2KkDgm9dWo9UI4wG5r0TLkDvdqu+6sBb5MrBTL7ozR/
ocEJp64T76jbnC0zEpUrp73X825j7QQzIcFQsrHwUAyTuAZj9R8Xfp+0KvaK6h37
7MEVssn8u3QJUinFCM/3CzXwNiJnCna4nMB0awWGYtBa2h7gNLkm4pKT6gMukcrf
3EdURGH5Hc0oUwQWoq1yxjyXL0tXLS5COCBHdBknvR6uAE9UwNrW7TzECq0LW0EG
gtJFmCWNvMjtknfEJh1/fpUWnz02osxdkKNLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcsL8E4dWs7fRX+whZNK8CH3dlxowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NzTDhFNGRXczdmUlgt
d2haTks4Q0gzZGx4by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgACSTBFdmSc9e69a5gWWvhQJ5CFOXJ8v
tSCIzgx7b2kMyrfmspq7o8WQMu/V0IDc2s0wuLHFl/OwWWmdSsM+M6QqUItwtVau
7QkALsjA41CjItmgvI9iX2gIYVTHGk1PHCYYMvz1PeqOqpCWs8OQIAfKo1iWVWDO
I3Fzoxnk2BsWPbB3L7aJqM7LcJH5SDivLuCTUOB654G9KJ/zk93/xBdFgzew+S3F
/wT8octanDquoBZfz3ymaIpI99k01O/O4ILH4HQTNGFKFr6zpklMZX2Os6u7vm1j
xLwr+vsqU9qCprhQkcH0QCgjQsbEl6oKWoCCGA3MLG/dtGYTcwX9jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org