Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/d7n1vRB2lwDpbFo-uG6FiEfXO6o.roa
File: d7n1vRB2lwDpbFo-uG6FiEfXO6o.roa (raw, json)
Hash identifier: JMft5D8oNmtrdn7rBxeqnELQCzGjaab+ok/Le8kJ0d0=
Subject key identifier: 77:B9:F5:BD:10:76:97:00:E9:6C:5A:3E:B8:6E:85:88:47:D7:3B:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3746
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d7n1vRB2lwDpbFo-uG6FiEfXO6o.roa
Signing time: Tue 02 Apr 2024 06:52:17 +0000
ROA not before: Tue 02 Apr 2024 06:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14150 (0x3746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 06:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=77B9F5BD10769700E96C5A3EB86E858847D73BAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ad:07:2d:b9:c4:0b:92:a5:43:09:1e:15:f2:
c1:f6:67:23:8e:cc:b4:60:72:8e:03:c6:b8:ee:5f:
8c:7c:50:70:58:de:90:92:d1:62:6a:19:bd:31:8c:
83:e8:ca:d2:d3:dc:a2:c3:b7:ba:01:1f:9a:d3:7d:
7d:c0:fe:4d:72:c1:ce:85:b0:0b:98:6f:a2:67:d3:
11:ee:21:df:5c:1a:1f:d4:40:a3:f3:55:45:03:81:
c9:a3:c5:f0:03:24:a1:72:f5:a4:fe:6c:6a:b6:be:
8c:c3:46:2a:8e:f9:31:2e:a6:dc:7f:0a:30:6e:37:
65:6e:8b:45:45:75:24:5a:11:ab:23:c8:f9:eb:87:
5c:f8:13:c5:6a:14:c5:9e:cd:ce:d9:55:15:40:41:
f6:23:ec:6a:c1:63:20:83:14:b5:f8:44:e5:72:7f:
20:8b:98:87:a1:fb:3b:62:75:ac:13:82:48:2f:78:
d1:bf:97:af:16:05:1e:ee:da:53:48:24:0e:c8:3e:
a7:90:37:6d:b0:7f:f0:56:1f:46:1c:e4:00:5d:15:
dc:41:94:f1:34:a8:3b:9e:e3:14:9d:26:74:0f:c8:
6e:fd:e5:ad:18:8b:2b:f8:70:ff:e0:35:a5:fc:39:
8d:8b:99:38:18:33:3d:19:3a:69:c9:5b:a4:8c:45:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B9:F5:BD:10:76:97:00:E9:6C:5A:3E:B8:6E:85:88:47:D7:3B:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d7n1vRB2lwDpbFo-uG6FiEfXO6o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:9a:db:a9:f0:39:0b:20:80:12:fc:26:6c:ad:69:76:e5:59:
bf:f5:9e:fb:c4:da:1a:93:ec:1f:f7:56:ed:38:39:03:b9:c9:
2e:d5:05:89:39:9f:0e:21:1b:bd:19:16:88:47:98:ab:92:c9:
37:67:40:8a:ee:b5:b4:bf:fd:3e:4a:67:ce:ee:ca:c3:43:d9:
83:bb:62:7a:3f:7e:5b:dc:fe:3b:5d:e0:91:91:08:ee:d2:10:
c7:39:d2:d2:2d:aa:ce:fc:a1:5f:d0:b9:39:ae:01:2a:8a:75:
9d:77:4f:31:b4:b3:09:7c:c5:91:69:9f:54:a3:1d:c0:d7:9f:
62:82:76:7c:c7:3c:26:06:66:a2:a2:72:fd:33:b6:16:e2:fe:
f3:92:bf:80:72:36:7c:ac:a6:4a:aa:b4:fb:96:82:db:6e:43:
13:54:32:83:5c:ac:a3:b1:73:d1:a0:9c:c5:2a:c7:0b:8f:d4:
4e:74:93:c5:db:43:cb:4f:23:6b:86:6c:be:0c:44:bb:e1:f6:
d1:2d:5b:47:fb:73:ea:70:1a:c9:71:ca:e0:82:7e:ce:15:60:
40:5e:bc:96:a8:53:0f:52:e5:e0:6b:c9:73:16:18:0d:4e:1d:
f9:62:a7:a9:44:11:4c:bc:08:65:f8:df:8a:a5:59:46:0b:2b:
d7:e6:a2:3c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NjUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3QjlGNUJEMTA3Njk3
MDBFOTZDNUEzRUI4NkU4NTg4NDdENzNCQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLrQctucQLkqVDCR4V8sH2ZyOOzLRgco4DxrjuX4x8UHBY3pCS
0WJqGb0xjIPoytLT3KLDt7oBH5rTfX3A/k1ywc6FsAuYb6Jn0xHuId9cGh/UQKPz
VUUDgcmjxfADJKFy9aT+bGq2vozDRiqO+TEuptx/CjBuN2Vui0VFdSRaEasjyPnr
h1z4E8VqFMWezc7ZVRVAQfYj7GrBYyCDFLX4ROVyfyCLmIeh+ztidawTgkgveNG/
l68WBR7u2lNIJA7IPqeQN22wf/BWH0Yc5ABdFdxBlPE0qDue4xSdJnQPyG795a0Y
iyv4cP/gNaX8OY2LmTgYMz0ZOmnJW6SMRdjnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUd7n1vRB2lwDpbFo+uG6FiEfXO6owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Q3bjF2UkIybHdEcGJG
by11RzZGaUVmWE82by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXprbqfA5CyCAEvwmbK1pduVZv/We+8Ta
GpPsH/dW7Tg5A7nJLtUFiTmfDiEbvRkWiEeYq5LJN2dAiu61tL/9Pkpnzu7Kw0PZ
g7tiej9+W9z+O13gkZEI7tIQxznS0i2qzvyhX9C5Oa4BKop1nXdPMbSzCXzFkWmf
VKMdwNefYoJ2fMc8JgZmoqJy/TO2FuL+85K/gHI2fKymSqq0+5aC225DE1Qyg1ys
o7Fz0aCcxSrHC4/UTnSTxdtDy08ja4ZsvgxEu+H20S1bR/tz6nAayXHK4IJ+zhVg
QF68lqhTD1Ll4GvJcxYYDU4d+WKnqUQRTLwIZfjfiqVZRgsr1+aiPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:56 2024 by rpki-client on console-ams.rpki-client.org