Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dVdKkcj-PbqHf9tnSsGZ07RtEkk.roa
File: dVdKkcj-PbqHf9tnSsGZ07RtEkk.roa (raw, json)
Hash identifier: cLCgzC+sUodMnSVFSbCPCXmptTNm8q8tQ0/GT2zRY4M=
Subject key identifier: 75:57:4A:91:C8:FE:3D:BA:87:7F:DB:67:4A:C1:99:D3:B4:6D:12:49
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 337A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dVdKkcj-PbqHf9tnSsGZ07RtEkk.roa
Signing time: Thu 28 Mar 2024 05:22:02 +0000
ROA not before: Thu 28 Mar 2024 05:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13178 (0x337a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 05:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=75574A91C8FE3DBA877FDB674AC199D3B46D1249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:76:93:db:97:79:c0:18:ab:56:ac:7e:2a:a4:
97:9a:26:79:ff:79:0e:0d:ba:a1:72:18:c4:90:88:
e2:f7:a5:2e:ea:aa:1b:ee:6c:bc:b2:d0:2f:d8:0e:
51:57:26:6e:2c:ff:8e:05:bc:33:76:b5:f9:67:52:
99:f0:50:ad:b1:d4:8e:da:cb:05:38:20:98:88:22:
d6:a0:be:f9:e6:46:98:ed:27:b6:34:47:3f:92:e3:
f9:2c:19:24:2c:d2:83:ef:e6:ff:63:49:58:7a:31:
dc:ab:31:10:39:73:9a:a9:5d:7d:17:f5:d8:37:16:
9b:2a:51:76:0e:c8:b1:76:49:62:c2:37:7b:90:57:
73:b0:86:46:98:46:85:be:9a:bc:15:4f:52:4c:8e:
3c:1d:72:48:a4:40:6c:30:2f:5f:d2:d4:e8:f2:66:
3d:e0:76:d7:c4:1c:b4:e3:26:f9:82:d2:2b:9b:6e:
e1:1b:c4:c3:df:f2:04:da:81:26:ae:f2:76:1b:43:
bc:10:4c:4b:29:0d:d4:f2:32:e4:a2:49:a4:70:ca:
81:80:79:07:cb:df:86:1f:6f:97:fb:f3:b6:10:87:
d2:b6:dc:5b:82:c2:47:27:37:6e:16:fc:53:65:69:
20:86:fc:52:fb:f6:ae:7e:90:68:ea:01:75:2e:dc:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:57:4A:91:C8:FE:3D:BA:87:7F:DB:67:4A:C1:99:D3:B4:6D:12:49
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dVdKkcj-PbqHf9tnSsGZ07RtEkk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:e2:7c:cc:3b:08:e3:04:49:3a:68:7d:c8:05:b7:6b:52:bc:
42:3f:96:c9:fd:0a:e3:d1:4e:71:c7:44:e7:aa:da:2a:5e:b9:
b1:85:4f:17:9f:34:f8:22:ca:f6:6c:74:fc:9b:62:37:1f:cf:
70:6d:4f:34:e5:ad:c6:2d:c8:62:00:26:52:3e:48:b1:5b:ae:
99:3d:a3:aa:5f:6b:40:80:ec:61:3f:01:ab:0a:39:67:70:91:
97:0a:7a:3a:5d:2f:87:c3:e6:62:82:d3:2a:cc:34:51:c1:1f:
a0:37:78:1d:e4:aa:cb:b0:e9:1c:87:26:08:a9:a4:01:8b:33:
07:34:f9:89:33:3c:0a:8c:6a:19:cb:1a:84:7b:b9:72:5b:dd:
07:e9:64:b7:61:e1:d6:bb:19:19:87:89:e3:55:0c:41:56:b0:
40:c0:d6:18:ee:b3:92:b0:b4:bc:a9:f4:5d:90:45:33:d9:94:
f0:99:34:60:90:71:b6:4e:57:3f:5e:31:a3:76:79:9d:e4:ab:
67:cf:4c:44:d1:85:15:2f:71:ef:9e:78:2b:2e:da:00:b4:64:
6f:bf:c6:79:79:34:24:72:75:9f:43:6f:85:c5:4e:3d:26:27:
5b:42:1b:af:b6:1d:15:f0:5b:3b:3f:e8:76:4f:d5:57:0d:96:
04:68:f0:a0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NTIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1NTc0QTkxQzhGRTNE
QkE4NzdGREI2NzRBQzE5OUQzQjQ2RDEyNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJdpPbl3nAGKtWrH4qpJeaJnn/eQ4NuqFyGMSQiOL3pS7qqhvu
bLyy0C/YDlFXJm4s/44FvDN2tflnUpnwUK2x1I7aywU4IJiIItagvvnmRpjtJ7Y0
Rz+S4/ksGSQs0oPv5v9jSVh6MdyrMRA5c5qpXX0X9dg3FpsqUXYOyLF2SWLCN3uQ
V3OwhkaYRoW+mrwVT1JMjjwdckikQGwwL1/S1OjyZj3gdtfEHLTjJvmC0iubbuEb
xMPf8gTagSau8nYbQ7wQTEspDdTyMuSiSaRwyoGAeQfL34Yfb5f787YQh9K23FuC
wkcnN24W/FNlaSCG/FL79q5+kGjqAXUu3M8BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdVdKkcj+PbqHf9tnSsGZ07RtEkkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RWZEtrY2otUGJxSGY5
dG5Tc0daMDdSdEVray5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASeJ8zDsI4wRJOmh9yAW3a1K8Qj+Wyf0K
49FOccdE56raKl65sYVPF580+CLK9mx0/JtiNx/PcG1PNOWtxi3IYgAmUj5IsVuu
mT2jql9rQIDsYT8Bqwo5Z3CRlwp6Ol0vh8PmYoLTKsw0UcEfoDd4HeSqy7DpHIcm
CKmkAYszBzT5iTM8CoxqGcsahHu5clvdB+lkt2Hh1rsZGYeJ41UMQVawQMDWGO6z
krC0vKn0XZBFM9mU8Jk0YJBxtk5XP14xo3Z5neSrZ89MRNGFFS9x7554Ky7aALRk
b7/GeXk0JHJ1n0NvhcVOPSYnW0Ibr7YdFfBbOz/odk/VVw2WBGjwoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:37 2024 by rpki-client on console-fra.rpki-client.org