Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eIYmKu2gpZdKViThWxwr1dnNNx0.roa
File: eIYmKu2gpZdKViThWxwr1dnNNx0.roa (raw, json)
Hash identifier: s0cXbOVzYpE93sz2Tko5BUqqB8KG1U8c5Cuhu3Mxxxw=
Subject key identifier: 78:86:26:2A:ED:A0:A5:97:4A:56:24:E1:5B:1C:2B:D5:D9:CD:37:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35DA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eIYmKu2gpZdKViThWxwr1dnNNx0.roa
Signing time: Sun 31 Mar 2024 09:22:10 +0000
ROA not before: Sun 31 Mar 2024 09:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13786 (0x35da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 09:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7886262AEDA0A5974A5624E15B1C2BD5D9CD371D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b3:dc:9e:20:2a:25:4a:29:40:95:78:79:50:
34:07:71:9e:dd:00:0a:aa:70:a9:ff:82:f4:94:fe:
aa:03:38:5a:6b:2e:f1:c6:a1:9d:10:26:ed:73:f9:
bb:eb:24:2d:bf:3f:73:45:99:e0:52:c8:38:2d:20:
cc:6a:2f:61:c5:c3:a6:64:59:fa:fd:43:f2:56:22:
8a:91:40:6a:cd:8a:a6:b5:c2:d7:b9:41:30:91:8f:
5a:ab:8f:aa:76:e9:65:20:0b:50:2a:83:de:d1:73:
08:5b:ca:4a:3a:dd:40:b3:ba:97:ed:17:b1:0f:87:
e3:35:5a:5c:31:8e:44:9d:22:33:cd:d8:07:ab:50:
79:fa:50:5d:14:d4:be:ee:af:f1:c1:b0:7e:c1:a7:
2a:2b:20:78:18:a2:17:06:a9:4a:04:31:ee:c3:ae:
53:ed:34:6a:b6:95:7c:5c:4a:ca:f6:a6:ef:e8:2c:
cb:99:af:0f:c6:ff:6f:b2:17:69:2b:99:42:de:e0:
7a:c6:c9:75:76:8d:a6:36:92:cb:60:62:65:d2:d9:
05:59:f8:95:57:f3:5f:53:42:ab:f7:27:f6:2b:55:
6d:6e:04:7f:83:97:2d:0d:c0:e4:84:60:94:70:1d:
03:89:c9:b6:eb:99:8a:c1:ef:33:14:42:ef:d4:f1:
33:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:86:26:2A:ED:A0:A5:97:4A:56:24:E1:5B:1C:2B:D5:D9:CD:37:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eIYmKu2gpZdKViThWxwr1dnNNx0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:12:d7:c1:44:bf:90:c2:ef:3a:5b:91:c4:de:e2:aa:0c:a8:
99:f0:83:0f:72:20:67:1e:f0:54:4e:03:a7:0e:7c:4f:01:f5:
4d:33:a8:f2:84:9e:66:dd:46:0d:44:c4:50:6e:8c:e2:46:4d:
4d:3b:db:bd:32:b2:90:15:b1:30:49:7b:80:a7:f9:0e:ee:26:
7f:a5:12:77:7e:98:79:ca:9f:4c:94:35:72:68:cd:19:2f:6a:
a1:22:83:35:36:04:0e:80:fe:b1:e5:4e:bc:3a:68:4e:a4:7c:
f9:0f:e2:0c:37:5b:7e:25:3d:fb:42:b6:7f:71:8a:77:99:c3:
ab:79:53:b9:dc:7a:88:92:8d:17:ee:f8:29:7b:b4:0e:69:2c:
2c:36:10:7d:98:4f:7c:85:78:8e:f7:46:d4:a6:cd:92:3e:d0:
93:1a:3d:b5:b9:19:69:d9:55:36:26:46:70:a0:d1:29:07:28:
29:81:b8:14:af:9c:d7:df:9c:3a:78:1b:60:cb:3c:e4:f6:00:
1a:70:09:91:79:4b:fe:02:c1:16:0e:8b:52:eb:d1:80:12:6f:
80:b9:f8:bb:e2:cd:d1:3c:85:db:d0:65:1b:56:d8:15:bc:6a:
5e:87:09:e8:28:34:8c:67:eb:27:1b:1d:69:3b:f6:e9:82:1d:
45:d1:9b:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
OTIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4ODYyNjJBRURBMEE1
OTc0QTU2MjRFMTVCMUMyQkQ1RDlDRDM3MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCls9yeIColSilAlXh5UDQHcZ7dAAqqcKn/gvSU/qoDOFprLvHG
oZ0QJu1z+bvrJC2/P3NFmeBSyDgtIMxqL2HFw6ZkWfr9Q/JWIoqRQGrNiqa1wte5
QTCRj1qrj6p26WUgC1Aqg97Rcwhbyko63UCzupftF7EPh+M1WlwxjkSdIjPN2Aer
UHn6UF0U1L7ur/HBsH7BpyorIHgYohcGqUoEMe7DrlPtNGq2lXxcSsr2pu/oLMuZ
rw/G/2+yF2krmULe4HrGyXV2jaY2kstgYmXS2QVZ+JVX819TQqv3J/YrVW1uBH+D
ly0NwOSEYJRwHQOJybbrmYrB7zMUQu/U8TPVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeIYmKu2gpZdKViThWxwr1dnNNx0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VJWW1LdTJncFpkS1Zp
VGhXeHdyMWRuTk54MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAphLXwUS/kMLvOluRxN7iqgyomfCDD3Ig
Zx7wVE4Dpw58TwH1TTOo8oSeZt1GDUTEUG6M4kZNTTvbvTKykBWxMEl7gKf5Du4m
f6USd36YecqfTJQ1cmjNGS9qoSKDNTYEDoD+seVOvDpoTqR8+Q/iDDdbfiU9+0K2
f3GKd5nDq3lTudx6iJKNF+74KXu0DmksLDYQfZhPfIV4jvdG1KbNkj7Qkxo9tbkZ
adlVNiZGcKDRKQcoKYG4FK+c19+cOngbYMs85PYAGnAJkXlL/gLBFg6LUuvRgBJv
gLn4u+LN0TyF29BlG1bYFbxqXocJ6Cg0jGfrJxsdaTv26YIdRdGbeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:37 2024 by rpki-client on console-fra.rpki-client.org