Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dYyXKIN0h3KlA0KQsnTng9XmAjs.roa
File: dYyXKIN0h3KlA0KQsnTng9XmAjs.roa (raw, json)
Hash identifier: zoOWlb/2oQ0DFIazN8M4By5nZ8gVADmLFaCdxPeBnZE=
Subject key identifier: 75:8C:97:28:83:74:87:72:A5:03:42:90:B2:74:E7:83:D5:E6:02:3B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dYyXKIN0h3KlA0KQsnTng9XmAjs.roa
Signing time: Tue 02 Apr 2024 23:52:17 +0000
ROA not before: Tue 02 Apr 2024 23:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14286 (0x37ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 23:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=758C972883748772A5034290B274E783D5E6023B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1f:5b:6b:8b:b3:2d:c9:da:e7:89:71:5e:75:
62:34:4b:46:a7:3d:33:e2:8e:af:a0:e9:77:cc:b8:
82:c2:7e:a8:c2:d4:15:b8:55:d2:ba:1d:aa:d2:b9:
c1:93:5b:db:c1:5c:38:fe:d8:6a:26:78:ec:de:ae:
fa:58:20:d2:8e:72:9f:a4:35:ea:f8:3d:c3:ed:3b:
54:1b:dd:26:14:16:18:59:e7:a3:4d:f4:95:cc:ed:
9f:f1:4b:2c:b4:ea:b1:35:df:9f:1e:4a:c1:da:b2:
38:7d:7d:f0:3b:50:2a:13:d4:45:3e:77:13:21:ab:
12:1c:5f:b9:18:07:9d:07:71:56:76:78:64:5a:47:
37:dc:f3:4c:2c:00:46:e5:89:05:24:4c:af:72:2a:
98:44:7e:80:13:39:3e:64:74:05:49:13:26:c6:de:
79:de:34:a3:e3:dc:92:01:d0:5c:3c:ad:23:a8:7f:
4c:61:fb:cc:1f:73:47:75:b3:16:1a:fe:1e:f1:32:
7d:83:0a:df:56:a4:d5:21:92:1d:1e:fc:b8:45:85:
70:86:ef:99:1b:4b:af:af:54:26:0b:50:41:ff:2f:
9b:7e:2d:bf:f8:d7:13:01:16:6d:4d:9d:a4:22:80:
ac:29:55:5e:ca:5e:7f:24:a7:e7:0c:58:b5:55:0c:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8C:97:28:83:74:87:72:A5:03:42:90:B2:74:E7:83:D5:E6:02:3B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dYyXKIN0h3KlA0KQsnTng9XmAjs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:ba:13:d2:12:3a:c0:4d:96:da:dd:2e:ea:46:be:86:bb:04:
54:76:4e:d8:c6:b7:06:da:2f:89:8d:cb:9d:5b:11:50:30:f5:
50:66:7b:74:f2:18:7e:9d:c7:20:ec:d0:23:a1:19:3e:8c:04:
ed:37:b3:01:fa:8c:27:70:1c:57:c3:1c:10:46:36:4b:11:5b:
7d:e7:61:bd:b7:5c:cd:eb:c7:bf:f4:3c:ba:4d:79:f2:88:74:
f9:97:4a:57:55:10:f8:76:60:e5:33:da:6b:2b:71:ff:47:cb:
92:57:37:26:a7:12:6f:85:4d:2d:81:db:46:c3:fe:e0:e6:d7:
b7:f8:7e:f6:59:5a:1c:c8:ea:4b:94:ee:f9:1a:95:b6:50:b4:
46:d3:c6:17:c9:46:2f:0d:26:c5:bb:a7:23:4f:dc:cd:c6:d7:
cd:24:10:f6:d4:62:17:e3:6e:2e:ca:c0:b3:09:62:e4:f5:f4:
58:78:2a:2d:7c:27:94:30:1e:82:f9:ae:37:40:b4:a4:bc:75:
9b:fa:1d:39:0e:80:3e:22:ed:dc:bf:68:2f:be:d4:da:05:2c:
e9:fc:fd:85:e9:b2:94:e4:1d:9b:6c:7d:06:bb:97:be:34:8c:
30:96:6e:63:a5:f1:bc:da:0d:2d:e6:35:cd:31:17:6e:60:59:
48:eb:b9:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MzUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1OEM5NzI4ODM3NDg3
NzJBNTAzNDI5MEIyNzRFNzgzRDVFNjAyM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxH1tri7MtydrniXFedWI0S0anPTPijq+g6XfMuILCfqjC1BW4
VdK6HarSucGTW9vBXDj+2GomeOzervpYINKOcp+kNer4PcPtO1Qb3SYUFhhZ56NN
9JXM7Z/xSyy06rE1358eSsHasjh9ffA7UCoT1EU+dxMhqxIcX7kYB50HcVZ2eGRa
Rzfc80wsAEbliQUkTK9yKphEfoATOT5kdAVJEybG3nneNKPj3JIB0Fw8rSOof0xh
+8wfc0d1sxYa/h7xMn2DCt9WpNUhkh0e/LhFhXCG75kbS6+vVCYLUEH/L5t+Lb/4
1xMBFm1NnaQigKwpVV7KXn8kp+cMWLVVDMx5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdYyXKIN0h3KlA0KQsnTng9XmAjswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RZeVhLSU4waDNLbEEw
S1FzblRuZzlYbUFqcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAk7oT0hI6wE2W2t0u6ka+hrsEVHZO2Ma3
BtoviY3LnVsRUDD1UGZ7dPIYfp3HIOzQI6EZPowE7TezAfqMJ3AcV8McEEY2SxFb
fedhvbdczevHv/Q8uk158oh0+ZdKV1UQ+HZg5TPaaytx/0fLklc3JqcSb4VNLYHb
RsP+4ObXt/h+9llaHMjqS5Tu+RqVtlC0RtPGF8lGLw0mxbunI0/czcbXzSQQ9tRi
F+NuLsrAswli5PX0WHgqLXwnlDAegvmuN0C0pLx1m/odOQ6APiLt3L9oL77U2gUs
6fz9hemylOQdm2x9BruXvjSMMJZuY6XxvNoNLeY1zTEXbmBZSOu5Fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:37 2024 by rpki-client on console-fra.rpki-client.org