Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fByTJAp941tybUIsexO7qIuLrO4.roa
File: fByTJAp941tybUIsexO7qIuLrO4.roa (raw, json)
Hash identifier: MKcng+A+viSRUpd4EOYMT+nvz+cJWAqhx597kcHFW4M=
Subject key identifier: 7C:1C:93:24:0A:7D:E3:5B:72:6D:42:2C:7B:13:BB:A8:8B:8B:AC:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B66
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fByTJAp941tybUIsexO7qIuLrO4.roa
Signing time: Mon 29 Apr 2024 02:53:39 +0000
ROA not before: Mon 29 Apr 2024 02:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19302 (0x4b66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 02:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7C1C93240A7DE35B726D422C7B13BBA88B8BACEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c4:d2:74:a9:1e:e4:a1:7f:ba:93:76:16:21:
93:20:ad:55:42:18:36:53:9e:73:92:90:ad:2d:bc:
8a:fe:df:83:d1:04:fc:b8:58:76:b9:fa:d1:f1:f9:
e2:5b:26:62:f2:7e:35:e7:e1:2a:0e:4f:e2:ca:0b:
20:d2:9d:5f:26:1a:22:f4:1a:4f:3f:55:06:81:cf:
cf:07:87:ec:c1:39:64:5e:85:77:10:a4:3a:cf:5a:
a4:ea:cb:b4:1e:80:41:24:90:9c:dc:35:54:bc:ef:
48:8a:87:f0:87:fc:fc:90:81:a1:19:53:80:9c:84:
41:4b:eb:8e:16:46:67:6d:8d:89:23:2d:51:b1:30:
b5:46:8d:1d:29:f4:51:10:09:ce:7c:9a:22:16:ae:
ff:d4:90:6d:a7:e9:ff:a2:c6:4f:77:3b:94:1e:e8:
96:49:24:78:29:9b:54:d7:e1:ef:af:64:f0:eb:6b:
6e:07:78:67:e6:11:97:c1:dc:ed:46:5d:c7:95:fe:
ff:ca:94:eb:1c:86:5f:97:68:1d:3a:a2:d5:bd:65:
13:6c:0e:b1:4b:7f:58:25:ed:03:0c:10:56:ab:10:
35:0a:89:b2:cd:42:b9:ad:11:12:25:85:7e:68:bf:
11:b1:4c:71:5a:8e:0b:07:ba:0f:95:98:d6:d8:db:
99:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1C:93:24:0A:7D:E3:5B:72:6D:42:2C:7B:13:BB:A8:8B:8B:AC:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fByTJAp941tybUIsexO7qIuLrO4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:db:58:20:bb:f4:10:86:b8:b7:4f:0d:e9:61:d1:ad:c6:83:
c9:fe:a9:f9:5b:01:02:55:34:b3:1c:4e:92:3e:31:64:22:c9:
b4:b2:75:4e:5b:c1:12:cd:21:46:89:53:e6:1f:04:f2:ff:6c:
ff:d3:01:76:25:00:8a:52:b0:20:8b:a3:ea:d0:33:9c:cc:5c:
b7:3d:31:d3:c7:ae:d6:96:62:cb:c8:5f:85:f8:8b:01:31:b9:
f9:e4:c9:0c:18:05:e3:7a:d2:3a:3a:b2:af:ae:a8:39:96:6b:
da:bd:38:76:e7:e6:7e:ff:54:3d:a8:74:12:5a:35:2e:9b:cf:
b5:fe:7e:a6:66:a0:27:58:f1:a1:a3:d6:a4:b5:60:94:e5:83:
53:dd:92:9b:ef:a1:37:a1:a8:7a:9a:0b:86:de:52:df:c8:ac:
e7:44:1d:62:db:fd:06:34:ab:4a:68:a2:d4:a2:70:16:59:89:
0e:65:94:9d:1d:bf:a7:5e:42:d4:cc:79:10:35:bf:fe:1e:4c:
75:1c:3d:56:e5:4f:0f:9b:dd:f0:f1:2e:b3:c9:ef:3c:6e:15:
ad:0e:3b:3b:05:bd:e6:7f:95:3d:c2:72:99:d4:a1:ba:84:4d:
30:43:4d:09:0d:6b:2b:73:80:fc:f7:83:1e:3d:b5:32:7b:7c:
97:84:42:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICS2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
MjUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDMUM5MzI0MEE3REUz
NUI3MjZENDIyQzdCMTNCQkE4OEI4QkFDRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOxNJ0qR7koX+6k3YWIZMgrVVCGDZTnnOSkK0tvIr+34PRBPy4
WHa5+tHx+eJbJmLyfjXn4SoOT+LKCyDSnV8mGiL0Gk8/VQaBz88Hh+zBOWRehXcQ
pDrPWqTqy7QegEEkkJzcNVS870iKh/CH/PyQgaEZU4CchEFL644WRmdtjYkjLVGx
MLVGjR0p9FEQCc58miIWrv/UkG2n6f+ixk93O5Qe6JZJJHgpm1TX4e+vZPDra24H
eGfmEZfB3O1GXceV/v/KlOschl+XaB06otW9ZRNsDrFLf1gl7QMMEFarEDUKibLN
QrmtERIlhX5ovxGxTHFajgsHug+VmNbY25mTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfByTJAp941tybUIsexO7qIuLrO4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZCeVRKQXA5NDF0eWJV
SXNleE83cUl1THJPNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAettYILv0EIa4t08N6WHRrcaDyf6p+VsB
AlU0sxxOkj4xZCLJtLJ1TlvBEs0hRolT5h8E8v9s/9MBdiUAilKwIIuj6tAznMxc
tz0x08eu1pZiy8hfhfiLATG5+eTJDBgF43rSOjqyr66oOZZr2r04dufmfv9UPah0
Elo1LpvPtf5+pmagJ1jxoaPWpLVglOWDU92Sm++hN6GoepoLht5S38is50QdYtv9
BjSrSmii1KJwFlmJDmWUnR2/p15C1Mx5EDW//h5MdRw9VuVPD5vd8PEus8nvPG4V
rQ47OwW95n+VPcJymdShuoRNMENNCQ1rK3OA/PeDHj21Mnt8l4RC3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org