Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ddHXgTEtLVIPSWAyrTirto85cjA.roa
File: ddHXgTEtLVIPSWAyrTirto85cjA.roa (raw, json)
Hash identifier: wRh+DlG+He9yM0NmWPcS8CryZ5J49TIxkP4a8HLICq0=
Subject key identifier: 75:D1:D7:81:31:2D:2D:52:0F:49:60:32:AD:38:AB:B6:8F:39:72:30
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ddHXgTEtLVIPSWAyrTirto85cjA.roa
Signing time: Sat 20 Apr 2024 11:23:04 +0000
ROA not before: Sat 20 Apr 2024 11:23:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17642 (0x44ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 11:23:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=75D1D781312D2D520F496032AD38ABB68F397230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:b4:81:c4:1c:eb:6b:0b:37:57:8d:0f:90:
81:18:54:7a:40:0e:0d:9a:d8:e2:43:ab:c4:e2:b5:
b3:df:d0:30:4f:d5:64:67:e1:8e:34:e9:f2:25:8c:
01:a0:c6:f2:16:1d:11:e9:bf:2d:3e:79:45:f9:82:
7b:bb:b3:45:28:64:68:a2:c0:75:10:2a:42:d8:58:
54:ca:0a:f0:25:94:d4:f3:a0:0a:94:10:8a:ea:1e:
fb:7d:39:30:c8:53:81:c6:0c:99:06:ea:82:ed:0e:
47:63:8c:a9:3b:1b:58:e0:8c:41:5b:92:e5:4f:18:
26:c5:d5:c5:ad:6c:47:4c:29:aa:99:20:b6:02:a6:
06:a0:37:d0:bc:6f:92:f8:e0:d8:9b:52:b6:54:fc:
58:f8:08:ea:eb:7f:99:a7:70:e6:8d:d8:5b:46:cc:
71:fd:09:0a:75:bc:16:ca:4c:5a:cd:9e:4f:8b:e4:
ab:c7:9d:19:19:f0:90:00:9f:90:26:e0:de:be:97:
ae:29:49:9d:af:39:cf:d6:86:fc:bc:8a:25:51:95:
33:d9:a0:5b:81:2f:91:c5:d1:a6:7d:1b:66:59:b7:
ce:e3:a6:03:9f:e5:39:d0:c4:70:26:48:71:95:74:
7e:a5:bb:bd:bb:9c:c2:e3:15:2c:c0:29:48:a4:d6:
e0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D1:D7:81:31:2D:2D:52:0F:49:60:32:AD:38:AB:B6:8F:39:72:30
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ddHXgTEtLVIPSWAyrTirto85cjA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:fb:1e:c5:e0:3a:6c:2f:dd:bc:a6:a1:d7:7e:76:5e:a2:64:
c3:e1:59:31:f1:89:83:57:ab:b0:e0:96:c1:6e:8e:4d:76:3d:
5e:87:3b:0e:28:8d:aa:e4:c1:49:a6:2c:9a:fd:aa:2c:24:a1:
06:a0:8c:ec:2b:40:19:8f:2c:af:fd:1c:8a:91:5d:cc:4b:d7:
64:4e:2b:27:ce:8e:25:80:23:16:46:24:53:05:d6:6c:1f:d8:
8e:7c:4f:60:40:16:e9:a6:99:8a:da:b0:74:be:d3:ff:a6:42:
3c:d8:6f:5e:69:0e:97:48:82:18:1a:4b:89:f3:6c:47:eb:35:
6e:81:48:f9:7f:0c:ae:83:e5:53:86:dc:d0:05:07:b3:ac:9d:
66:01:88:11:cf:7f:0e:01:48:88:cb:a0:9f:ba:73:e7:da:72:
99:46:b5:05:04:ea:68:b6:58:95:84:a5:85:a3:86:ca:94:3c:
37:10:02:e5:35:aa:1e:a0:c0:b4:05:2a:19:bc:95:c1:a9:96:
a9:6c:cb:b1:3b:3d:4b:c4:ee:5e:60:a0:53:cd:7b:90:72:7f:
8e:6e:78:5a:84:be:14:26:54:5f:8d:ee:85:63:e4:2a:70:8b:
f6:44:a0:ca:dd:ac:73:2e:3e:26:2a:aa:50:c0:f7:4a:a1:ae:
99:3a:4f:2f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICROowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MTIzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1RDFENzgxMzEyRDJE
NTIwRjQ5NjAzMkFEMzhBQkI2OEYzOTcyMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/07SBxBzraws3V40PkIEYVHpADg2a2OJDq8TitbPf0DBP1WRn
4Y406fIljAGgxvIWHRHpvy0+eUX5gnu7s0UoZGiiwHUQKkLYWFTKCvAllNTzoAqU
EIrqHvt9OTDIU4HGDJkG6oLtDkdjjKk7G1jgjEFbkuVPGCbF1cWtbEdMKaqZILYC
pgagN9C8b5L44NibUrZU/Fj4COrrf5mncOaN2FtGzHH9CQp1vBbKTFrNnk+L5KvH
nRkZ8JAAn5Am4N6+l64pSZ2vOc/Whvy8iiVRlTPZoFuBL5HF0aZ9G2ZZt87jpgOf
5TnQxHAmSHGVdH6lu727nMLjFSzAKUik1uBRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUddHXgTEtLVIPSWAyrTirto85cjAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RkSFhnVEV0TFZJUFNX
QXlyVGlydG84NWNqQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgfsexeA6bC/dvKah1352XqJkw+FZMfGJ
g1ersOCWwW6OTXY9Xoc7DiiNquTBSaYsmv2qLCShBqCM7CtAGY8sr/0cipFdzEvX
ZE4rJ86OJYAjFkYkUwXWbB/YjnxPYEAW6aaZitqwdL7T/6ZCPNhvXmkOl0iCGBpL
ifNsR+s1boFI+X8MroPlU4bc0AUHs6ydZgGIEc9/DgFIiMugn7pz59pymUa1BQTq
aLZYlYSlhaOGypQ8NxAC5TWqHqDAtAUqGbyVwamWqWzLsTs9S8TuXmCgU817kHJ/
jm54WoS+FCZUX43uhWPkKnCL9kSgyt2scy4+JiqqUMD3SqGumTpPLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:37 2024 by rpki-client on console-fra.rpki-client.org