Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fZgTksp81tgI063Haq6ltcevUOM.roa
File: fZgTksp81tgI063Haq6ltcevUOM.roa (raw, json)
Hash identifier: 8ISVT202XKOoCxf2E/yOL26DBgezEc9vuvQAufFm4+A=
Subject key identifier: 7D:98:13:92:CA:7C:D6:D8:08:D3:AD:C7:6A:AE:A5:B5:C7:AF:50:E3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 364E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fZgTksp81tgI063Haq6ltcevUOM.roa
Signing time: Sun 31 Mar 2024 23:52:10 +0000
ROA not before: Sun 31 Mar 2024 23:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13902 (0x364e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 23:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7D981392CA7CD6D808D3ADC76AAEA5B5C7AF50E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:3a:7e:83:27:21:58:ec:08:a3:60:a9:e7:
e7:14:4b:71:40:aa:0e:aa:68:40:b7:3e:85:95:91:
49:fa:4a:30:fd:be:f2:ff:56:80:d3:8e:a0:6b:b6:
52:1a:17:94:e7:20:30:62:21:7b:6f:64:81:0b:80:
00:0b:3c:ca:f6:bc:0e:10:e4:fe:8e:44:53:74:49:
7a:cd:7d:4d:4d:3f:72:e2:9e:06:62:f5:30:06:a3:
b3:fb:60:a8:5a:94:7a:ad:31:bf:69:bd:fe:78:c7:
ff:7b:0a:8e:98:47:2d:c9:f2:27:db:26:a2:8b:04:
2a:fd:38:63:fe:f6:da:bd:98:ec:8f:59:3c:7a:95:
f2:ba:5e:bd:ca:41:0d:9f:8b:0f:d1:f2:87:5d:48:
6e:a2:8d:38:c9:29:0f:d6:4e:2c:d2:e5:88:ed:f8:
67:7c:62:fe:d3:5f:21:78:02:ec:64:92:97:95:94:
9d:57:e6:81:9f:d0:08:d0:6e:18:33:0b:f3:bd:e6:
78:5f:14:0e:c8:55:28:7b:42:45:36:99:24:96:54:
c9:f0:e9:04:1d:32:41:81:d9:c7:23:8b:47:53:5d:
36:ac:85:10:a9:85:04:ad:c4:9e:c4:a2:ea:e3:d7:
58:ca:67:ee:42:a2:d7:c3:c5:85:7f:1a:92:6e:dc:
30:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:98:13:92:CA:7C:D6:D8:08:D3:AD:C7:6A:AE:A5:B5:C7:AF:50:E3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fZgTksp81tgI063Haq6ltcevUOM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:01:5f:fc:34:c5:4a:63:f6:2f:44:60:a9:fc:2b:0e:ff:d4:
ef:6e:f1:fd:fa:f7:53:de:77:d1:83:69:4b:6c:63:f3:32:a1:
c5:72:de:78:03:c9:1c:c2:c1:84:a0:f8:1f:00:b7:13:47:e8:
01:fa:99:fa:de:b5:4e:07:17:f7:a8:8a:79:fc:77:95:51:76:
87:dc:8c:39:93:5d:8c:ea:7f:8b:71:e2:1b:7e:5c:b0:02:b6:
b2:96:11:27:28:8d:07:80:5f:6d:eb:01:e5:d5:3f:da:01:32:
5a:c1:0b:b5:8a:95:ee:40:f6:46:7e:d8:cc:83:9d:64:8e:85:
be:93:a0:bd:c3:4a:60:3c:c5:d9:84:86:b3:7e:cd:b4:5d:a8:
e7:9b:55:31:4f:d0:1d:3b:27:8f:05:88:47:a0:e8:f6:50:03:
b9:37:eb:aa:69:18:11:f6:59:8d:7e:a6:0f:5a:ef:74:51:ea:
80:6b:b4:1f:ec:d6:26:7f:0b:15:ab:cf:28:8a:63:98:93:d0:
a0:ce:95:e1:ea:29:32:49:ef:af:89:46:99:24:19:d5:53:af:
a0:21:90:f3:fa:e6:8d:95:b6:bf:a2:c6:57:88:1d:ba:4f:eb:
4d:70:e7:e0:0e:cb:74:f6:cb:cc:49:00:ff:a2:88:ab:a2:6e:
2c:05:e8:31
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEy
MzUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdEOTgxMzkyQ0E3Q0Q2
RDgwOEQzQURDNzZBQUVBNUI1QzdBRjUwRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC72zp+gychWOwIo2Cp5+cUS3FAqg6qaEC3PoWVkUn6SjD9vvL/
VoDTjqBrtlIaF5TnIDBiIXtvZIELgAALPMr2vA4Q5P6ORFN0SXrNfU1NP3LingZi
9TAGo7P7YKhalHqtMb9pvf54x/97Co6YRy3J8ifbJqKLBCr9OGP+9tq9mOyPWTx6
lfK6Xr3KQQ2fiw/R8oddSG6ijTjJKQ/WTizS5Yjt+Gd8Yv7TXyF4AuxkkpeVlJ1X
5oGf0AjQbhgzC/O95nhfFA7IVSh7QkU2mSSWVMnw6QQdMkGB2ccji0dTXTashRCp
hQStxJ7Eourj11jKZ+5CotfDxYV/GpJu3DD5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfZgTksp81tgI063Haq6ltcevUOMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZaZ1Rrc3A4MXRnSTA2
M0hhcTZsdGNldlVPTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjgFf/DTFSmP2L0RgqfwrDv/U727x/fr3
U9530YNpS2xj8zKhxXLeeAPJHMLBhKD4HwC3E0foAfqZ+t61TgcX96iKefx3lVF2
h9yMOZNdjOp/i3HiG35csAK2spYRJyiNB4BfbesB5dU/2gEyWsELtYqV7kD2Rn7Y
zIOdZI6FvpOgvcNKYDzF2YSGs37NtF2o55tVMU/QHTsnjwWIR6Do9lADuTfrqmkY
EfZZjX6mD1rvdFHqgGu0H+zWJn8LFavPKIpjmJPQoM6V4eopMknvr4lGmSQZ1VOv
oCGQ8/rmjZW2v6LGV4gduk/rTXDn4A7LdPbLzEkA/6KIq6JuLAXoMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org