Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/czZ5VdMEn8jiNusxahGvX5NAkgY.roa
File: czZ5VdMEn8jiNusxahGvX5NAkgY.roa (raw, json)
Hash identifier: ZxjrqmVGBWDE8pP0smJ82Nn7qPstOJ6X+xSVN0QBTiI=
Subject key identifier: 73:36:79:55:D3:04:9F:C8:E2:36:EB:31:6A:11:AF:5F:93:40:92:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3506
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/czZ5VdMEn8jiNusxahGvX5NAkgY.roa
Signing time: Sat 30 Mar 2024 06:52:36 +0000
ROA not before: Sat 30 Mar 2024 06:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13574 (0x3506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 06:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=73367955D3049FC8E236EB316A11AF5F93409206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:34:57:db:cd:01:2f:e3:06:3d:79:3f:9c:
b3:37:be:32:62:f7:0e:2b:c1:e6:25:c3:4f:96:31:
60:60:81:4e:8f:17:72:9e:22:b8:75:be:af:00:17:
f0:dc:55:f5:9b:c1:09:60:d1:93:b8:dd:b3:7a:a6:
41:75:45:72:57:6f:68:2d:2c:6d:c1:62:52:bb:df:
1f:4c:02:3c:ab:fe:bc:c2:2d:51:4e:ef:11:de:8f:
ed:12:d9:70:7f:61:7e:c8:9e:0a:c1:42:4a:d1:57:
28:40:cd:ad:f3:c8:a2:05:c3:79:84:a7:b1:db:cb:
4c:9c:bc:73:5b:b0:6a:87:b1:51:67:ef:22:1c:18:
00:e9:dd:dd:e9:65:aa:ac:16:65:0b:d7:60:68:cd:
3a:6c:de:b4:00:89:eb:33:78:ef:52:1c:a6:77:fb:
89:57:c1:7c:37:46:2e:98:53:c8:b1:66:6a:59:fe:
69:76:8b:93:01:e5:b7:54:c9:ce:23:c9:92:1a:c1:
22:c1:be:e8:92:7c:7c:23:8d:10:c5:73:e9:66:fa:
4e:54:3e:7c:e2:ba:8d:10:ea:f8:c7:8b:40:30:31:
cd:a1:0a:55:f7:d2:4d:5a:df:7d:47:6f:9c:fe:cd:
7e:a1:3f:f4:1c:cd:75:20:a3:4f:c9:49:e0:73:42:
79:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:36:79:55:D3:04:9F:C8:E2:36:EB:31:6A:11:AF:5F:93:40:92:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/czZ5VdMEn8jiNusxahGvX5NAkgY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:0b:00:12:2b:31:e2:83:d8:96:4f:36:c4:82:e2:7e:12:58:
a2:e3:57:26:8b:36:8b:70:5f:9f:58:26:48:87:19:a4:83:e1:
c3:5b:cd:85:98:98:05:44:96:2d:4c:73:43:1b:06:57:e1:16:
da:e7:82:3f:d8:80:25:ce:cf:f4:09:a5:ef:2e:47:d9:c6:68:
3c:73:36:aa:60:c5:23:c4:a1:38:c8:bf:34:84:8c:81:9d:30:
3a:d8:f0:f9:56:94:67:cf:4b:f8:a2:9b:05:6f:0f:09:d0:5d:
e3:a1:83:76:76:82:1c:ec:9a:bc:f4:18:e2:c1:fc:87:2f:84:
cb:9c:8c:cc:ba:3c:c4:b4:ea:6a:95:fe:92:f9:31:90:d1:c5:
23:7d:c1:a0:3d:97:4b:5e:b4:53:9b:47:15:2b:bb:a5:f8:ea:
e8:28:b4:01:0b:68:18:68:1d:d4:2b:e1:27:b4:3c:53:55:f9:
7d:18:3b:f9:76:f0:7c:b7:8c:ec:b4:bd:8f:17:a4:fb:92:6a:
7b:22:b3:ff:63:34:fe:6a:c1:fa:8c:1d:25:b7:93:a8:0e:3f:
7f:bf:4b:84:7c:36:3a:c9:07:32:6d:31:12:9e:b8:6c:67:01:
22:29:f2:87:9f:1c:b3:89:10:93:45:b9:71:3c:47:21:4f:74:
bc:46:28:75
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NjUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczMzY3OTU1RDMwNDlG
QzhFMjM2RUIzMTZBMTFBRjVGOTM0MDkyMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3iDRX280BL+MGPXk/nLM3vjJi9w4rweYlw0+WMWBggU6PF3Ke
Irh1vq8AF/DcVfWbwQlg0ZO43bN6pkF1RXJXb2gtLG3BYlK73x9MAjyr/rzCLVFO
7xHej+0S2XB/YX7IngrBQkrRVyhAza3zyKIFw3mEp7Hby0ycvHNbsGqHsVFn7yIc
GADp3d3pZaqsFmUL12BozTps3rQAieszeO9SHKZ3+4lXwXw3Ri6YU8ixZmpZ/ml2
i5MB5bdUyc4jyZIawSLBvuiSfHwjjRDFc+lm+k5UPnziuo0Q6vjHi0AwMc2hClX3
0k1a331Hb5z+zX6hP/QczXUgo0/JSeBzQnmdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUczZ5VdMEn8jiNusxahGvX5NAkgYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N6WjVWZE1FbjhqaU51
c3hhaEd2WDVOQWtnWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPgsAEisx4oPYlk82xILifhJYouNXJos2
i3Bfn1gmSIcZpIPhw1vNhZiYBUSWLUxzQxsGV+EW2ueCP9iAJc7P9Aml7y5H2cZo
PHM2qmDFI8ShOMi/NISMgZ0wOtjw+VaUZ89L+KKbBW8PCdBd46GDdnaCHOyavPQY
4sH8hy+Ey5yMzLo8xLTqapX+kvkxkNHFI33BoD2XS160U5tHFSu7pfjq6Ci0AQto
GGgd1CvhJ7Q8U1X5fRg7+XbwfLeM7LS9jxek+5JqeyKz/2M0/mrB+owdJbeTqA4/
f79LhHw2OskHMm0xEp64bGcBIinyh58cs4kQk0W5cTxHIU90vEYodQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org