Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gZC0GnYkQvBaVNHQ6tn6J4_ZJaU.roa
File: gZC0GnYkQvBaVNHQ6tn6J4_ZJaU.roa (raw, json)
Hash identifier: mFXJW2Z17fTfYI/EeQwYrU2uTDIm4cY9IXHs4VgEHC0=
Subject key identifier: 81:90:B4:1A:76:24:42:F0:5A:54:D1:D0:EA:D9:FA:27:8F:D9:25:A5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 342A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gZC0GnYkQvBaVNHQ6tn6J4_ZJaU.roa
Signing time: Fri 29 Mar 2024 03:22:03 +0000
ROA not before: Fri 29 Mar 2024 03:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13354 (0x342a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 03:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8190B41A762442F05A54D1D0EAD9FA278FD925A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:1e:ee:e4:12:eb:90:83:72:01:f3:c1:72:
04:7e:31:23:a0:49:37:43:0b:c5:c3:7c:56:86:a9:
47:af:de:7f:e0:d7:e8:04:80:3d:cd:b2:10:1c:21:
18:b6:62:c4:42:ff:17:9c:10:70:c1:84:ee:e3:0b:
84:2d:2e:3d:90:7e:71:8f:9d:72:cf:c9:26:aa:7f:
93:8f:89:a6:6e:b4:e0:65:3d:eb:63:70:b8:ab:2b:
cd:8a:c2:ca:29:54:7d:ca:f4:54:9d:8b:6c:7f:1e:
ed:d8:77:0e:86:eb:6d:5c:74:79:42:9e:25:fd:d5:
ce:ff:b9:5d:06:3b:1a:95:64:e2:6c:ef:5c:3e:22:
9c:d0:2c:8e:23:a1:f0:3e:48:ee:eb:7e:6b:c2:88:
89:6c:b0:88:67:0a:72:fa:a4:d4:73:0d:42:f4:c9:
e7:b2:83:64:ec:d9:6c:6c:ce:d5:14:24:eb:49:5a:
55:25:ab:6a:5c:59:22:bf:e1:3d:0d:c8:8d:92:c6:
26:8a:0c:42:4c:23:c3:49:6c:02:e0:34:82:1d:57:
0a:0b:fa:53:fc:28:1a:3f:aa:c4:03:60:9f:9c:22:
3c:8d:c5:d4:ac:c2:c1:f4:c9:cd:25:1e:0a:f9:5c:
98:96:c8:00:4b:5c:08:6d:6d:e2:93:0b:c4:0d:00:
47:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:90:B4:1A:76:24:42:F0:5A:54:D1:D0:EA:D9:FA:27:8F:D9:25:A5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gZC0GnYkQvBaVNHQ6tn6J4_ZJaU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:43:98:23:28:01:d2:9a:6c:66:df:63:81:ae:cc:ee:7a:05:
a0:6b:e4:33:17:f0:78:10:f1:79:a7:27:55:ef:d4:1d:cf:41:
4d:ad:cb:34:5d:23:5f:95:6e:a2:24:6f:f5:37:fc:70:ee:ff:
e8:09:79:f5:cf:2b:b1:fd:5c:f7:25:6f:04:52:ce:85:bc:de:
3b:49:88:a7:5e:0b:26:50:fa:bc:8a:77:75:5c:ee:bd:92:47:
8a:0d:f4:85:ae:6b:96:09:6c:4a:ab:12:77:fe:60:66:49:e2:
05:00:4f:30:33:5e:7d:0a:87:77:e0:1b:59:07:01:25:2c:63:
02:97:f0:2a:92:93:67:94:a1:ff:58:81:1e:6a:60:58:fd:aa:
08:8d:5b:b1:6f:7d:2a:89:40:77:bb:4f:0f:be:9f:bf:8c:57:
a5:98:85:e8:bb:e8:eb:56:0a:0f:93:a5:51:f4:37:0b:0c:fa:
e8:c8:10:5a:72:3f:c6:55:cc:40:3d:ad:68:59:e8:ec:6b:72:
94:d5:ce:8d:6d:95:88:ea:5d:c5:ac:f0:f8:82:60:30:c2:6e:
20:2c:a8:73:d1:79:52:23:6c:33:d8:84:dd:ff:04:b5:37:08:
22:d7:69:d8:50:ac:cf:f1:a4:fd:db:e2:85:72:d8:91:b4:9f:
42:9c:90:bb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MzIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxOTBCNDFBNzYyNDQy
RjA1QTU0RDFEMEVBRDlGQTI3OEZEOTI1QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu9x7u5BLrkINyAfPBcgR+MSOgSTdDC8XDfFaGqUev3n/g1+gE
gD3NshAcIRi2YsRC/xecEHDBhO7jC4QtLj2QfnGPnXLPySaqf5OPiaZutOBlPetj
cLirK82KwsopVH3K9FSdi2x/Hu3Ydw6G621cdHlCniX91c7/uV0GOxqVZOJs71w+
IpzQLI4jofA+SO7rfmvCiIlssIhnCnL6pNRzDUL0yeeyg2Ts2WxsztUUJOtJWlUl
q2pcWSK/4T0NyI2SxiaKDEJMI8NJbALgNIIdVwoL+lP8KBo/qsQDYJ+cIjyNxdSs
wsH0yc0lHgr5XJiWyABLXAhtbeKTC8QNAEctAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgZC0GnYkQvBaVNHQ6tn6J4/ZJaUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2daQzBHbllrUXZCYVZO
SFE2dG42SjRfWkphVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQUOYIygB0ppsZt9jga7M7noFoGvkMxfw
eBDxeacnVe/UHc9BTa3LNF0jX5VuoiRv9Tf8cO7/6Al59c8rsf1c9yVvBFLOhbze
O0mIp14LJlD6vIp3dVzuvZJHig30ha5rlglsSqsSd/5gZkniBQBPMDNefQqHd+Ab
WQcBJSxjApfwKpKTZ5Sh/1iBHmpgWP2qCI1bsW99KolAd7tPD76fv4xXpZiF6Lvo
61YKD5OlUfQ3Cwz66MgQWnI/xlXMQD2taFno7GtylNXOjW2ViOpdxazw+IJgMMJu
ICyoc9F5UiNsM9iE3f8EtTcIItdp2FCsz/Gk/dvihXLYkbSfQpyQuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:01 2024 by rpki-client on console-ams.rpki-client.org