Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/d7-QVlcp_Lp0fW2QgDRVbUU3YIY.roa
File: d7-QVlcp_Lp0fW2QgDRVbUU3YIY.roa (raw, json)
Hash identifier: 1Arcc7xEZxXT8twT/RDztrUzptnqajWHj5RoV+5HyE8=
Subject key identifier: 77:BF:90:56:57:29:FC:BA:74:7D:6D:90:80:34:55:6D:45:37:60:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B2A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d7-QVlcp_Lp0fW2QgDRVbUU3YIY.roa
Signing time: Sun 28 Apr 2024 19:23:29 +0000
ROA not before: Sun 28 Apr 2024 19:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19242 (0x4b2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 19:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=77BF90565729FCBA747D6D908034556D45376086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a7:6a:61:9d:b2:7c:b2:4a:48:36:32:fa:34:
2a:1a:46:d0:fe:3a:8c:b4:28:dd:4d:88:79:2c:7e:
d7:4a:6a:06:b4:66:04:71:7c:4e:38:d0:81:d8:3e:
41:ae:2a:44:cd:4f:0c:14:9b:de:39:1e:62:b9:fa:
a1:03:75:de:f6:0b:42:67:65:bf:fe:5b:3b:68:31:
e9:e2:07:46:25:ed:8a:c3:eb:90:40:e0:2e:24:c0:
d6:0e:aa:9d:e5:a1:72:9f:50:53:9b:7f:57:33:af:
e6:ab:6c:e4:1c:79:7d:0e:a1:9c:6f:62:88:f6:01:
47:53:8c:02:76:46:60:e8:34:5d:96:ef:a8:e4:0d:
21:57:ac:ff:ba:3d:4c:2c:ef:3a:b6:03:e6:92:7c:
46:d1:4c:6c:a6:8e:cc:f7:fa:a8:0d:48:93:a0:38:
8d:e5:a3:eb:a5:62:10:27:39:cc:1b:4b:28:06:06:
64:33:31:61:8b:fa:e9:47:18:bf:dc:c6:f2:f2:a8:
ed:f6:5d:b1:09:09:9d:61:b5:f2:66:9f:65:0e:0b:
54:33:5c:fb:41:ac:23:0d:3d:e5:0a:41:3e:9a:e9:
aa:11:9d:b2:88:8c:bf:47:f1:c9:2c:a8:0e:c7:2f:
26:d7:52:f9:79:24:74:e6:fd:0f:40:90:46:06:36:
3a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BF:90:56:57:29:FC:BA:74:7D:6D:90:80:34:55:6D:45:37:60:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d7-QVlcp_Lp0fW2QgDRVbUU3YIY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:ca:12:0f:f4:de:c0:b9:68:17:f6:8b:8b:7c:b3:a5:80:fc:
da:32:f1:62:8d:78:e8:23:b6:23:70:2f:04:af:30:63:ef:fc:
bb:2e:b2:16:18:bb:a3:1c:81:bf:29:09:c9:fa:5f:f6:8c:f4:
9d:3e:be:00:f0:60:cf:c2:12:ef:6c:90:13:68:a0:35:4d:48:
4d:78:40:04:d9:06:50:8f:4d:90:64:42:44:b1:f0:5d:40:fc:
97:ff:e5:d6:95:3b:09:e2:9b:6d:c2:b2:ef:ca:16:30:ae:51:
58:ae:99:d1:57:66:80:54:19:92:30:b4:86:59:54:32:a0:18:
9c:96:28:c5:3b:d4:22:71:48:70:95:0d:8e:55:bf:09:48:14:
b6:ee:86:27:d6:1c:11:19:09:17:cc:12:8c:65:29:00:d8:a3:
cb:3d:e6:a9:f2:62:78:e2:34:f4:5c:f4:09:64:87:4f:64:ae:
f1:07:3e:fc:4d:fc:7b:be:2e:22:89:ef:97:28:ef:43:c5:62:
a9:62:0a:3e:a6:0a:ff:2c:e9:65:d5:e5:e8:67:5f:01:d6:c3:
bf:19:57:e5:64:7e:b0:9f:38:5a:2e:f2:d2:a8:de:fc:9a:a3:
9e:5f:ef:be:07:9b:66:6c:a1:f7:bb:92:62:40:1d:9e:e3:42:
ff:46:0c:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
OTIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3QkY5MDU2NTcyOUZD
QkE3NDdENkQ5MDgwMzQ1NTZENDUzNzYwODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYp2phnbJ8skpINjL6NCoaRtD+Ooy0KN1NiHksftdKaga0ZgRx
fE440IHYPkGuKkTNTwwUm945HmK5+qEDdd72C0JnZb/+WztoMeniB0Yl7YrD65BA
4C4kwNYOqp3loXKfUFObf1czr+arbOQceX0OoZxvYoj2AUdTjAJ2RmDoNF2W76jk
DSFXrP+6PUws7zq2A+aSfEbRTGymjsz3+qgNSJOgOI3lo+ulYhAnOcwbSygGBmQz
MWGL+ulHGL/cxvLyqO32XbEJCZ1htfJmn2UOC1QzXPtBrCMNPeUKQT6a6aoRnbKI
jL9H8cksqA7HLybXUvl5JHTm/Q9AkEYGNjrjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUd7+QVlcp/Lp0fW2QgDRVbUU3YIYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Q3LVFWbGNwX0xwMGZX
MlFnRFJWYlVVM1lJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKsoSD/TewLloF/aLi3yzpYD82jLxYo14
6CO2I3AvBK8wY+/8uy6yFhi7oxyBvykJyfpf9oz0nT6+APBgz8IS72yQE2igNU1I
TXhABNkGUI9NkGRCRLHwXUD8l//l1pU7CeKbbcKy78oWMK5RWK6Z0VdmgFQZkjC0
hllUMqAYnJYoxTvUInFIcJUNjlW/CUgUtu6GJ9YcERkJF8wSjGUpANijyz3mqfJi
eOI09Fz0CWSHT2Su8Qc+/E38e74uIonvlyjvQ8ViqWIKPqYK/yzpZdXl6GdfAdbD
vxlX5WR+sJ84Wi7y0qje/Jqjnl/vvgebZmyh97uSYkAdnuNC/0YMQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org