Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/i0--ETknPUdfCCVlg2vGMZyXlkM.roa
File: i0--ETknPUdfCCVlg2vGMZyXlkM.roa (raw, json)
Hash identifier: DGKShpdmalstPTdC8dZM8auNx++SrjKrnNJQTAAH95c=
Subject key identifier: 8B:4F:BE:11:39:27:3D:47:5F:08:25:65:83:6B:C6:31:9C:97:96:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47DE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0--ETknPUdfCCVlg2vGMZyXlkM.roa
Signing time: Wed 24 Apr 2024 09:53:16 +0000
ROA not before: Wed 24 Apr 2024 09:53:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18398 (0x47de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 09:53:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B4FBE1139273D475F082565836BC6319C979643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bb:40:c7:b3:81:a8:9b:25:35:0b:1e:44:b0:
81:50:92:5d:f9:2a:65:89:fb:10:87:79:de:c4:bb:
1c:5c:9f:e9:70:83:f9:43:57:44:ae:c7:93:3c:ec:
c0:85:45:6c:5a:9a:f1:e4:2d:af:3e:55:03:55:92:
ed:09:99:d4:ee:68:1e:b2:c3:75:52:7a:21:14:be:
bc:98:c5:7c:41:dd:da:7c:ce:8b:72:e5:63:63:d0:
66:04:1a:5b:26:7b:97:60:2f:2b:91:8e:6a:fe:16:
c5:aa:e6:43:31:f9:d3:fb:b6:0f:bf:4b:26:6e:34:
9d:d7:d1:79:04:62:9a:b7:15:08:8a:91:8f:0e:d8:
db:73:95:1c:1c:11:1b:6a:c2:79:f3:72:1e:57:b7:
6c:32:dd:cf:cd:7a:b0:38:97:3a:56:55:ae:3a:09:
0b:0f:03:aa:5b:60:c6:71:08:3d:9d:54:0c:be:cd:
3f:96:3b:89:50:35:aa:9d:ab:5d:83:27:2b:d7:c7:
26:28:9c:d0:cf:bc:46:f2:01:93:d8:0b:86:af:92:
8d:0c:00:09:f1:05:fc:10:5d:31:eb:93:dd:a4:38:
c2:be:ad:2c:72:51:89:ac:c2:5f:92:5d:eb:ab:f6:
2b:cc:32:ff:03:f5:dd:b8:ec:f3:e6:1d:f0:e2:0f:
fb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4F:BE:11:39:27:3D:47:5F:08:25:65:83:6B:C6:31:9C:97:96:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0--ETknPUdfCCVlg2vGMZyXlkM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:e3:b3:59:40:2f:c1:86:ba:10:98:24:1f:ec:8e:4c:0f:13:
82:71:60:c4:d6:d5:08:4a:e3:64:1c:ee:15:df:a0:9d:9b:bc:
86:cc:72:0b:46:74:29:64:7d:a7:f9:2e:85:b2:62:01:db:e2:
f7:ce:9e:cc:39:08:f4:11:7b:3f:3a:9b:d1:65:bd:4d:43:55:
38:b3:64:de:45:26:65:99:8a:9b:fb:f2:16:d0:ac:b7:e8:ef:
6b:ae:92:46:8b:3e:d1:29:3b:bb:ea:06:13:c8:99:71:f6:dd:
89:d8:77:d8:5d:3e:a3:44:11:ab:d3:1d:83:a2:e9:04:d3:18:
7e:0a:4a:50:95:18:c5:e2:e5:c0:3b:68:53:b9:e8:89:84:90:
6f:92:92:42:b9:4c:a1:1d:a0:55:85:75:e5:e5:2c:58:aa:f9:
9d:08:f3:3d:65:f1:55:14:d5:ad:0e:50:f8:42:dd:c0:61:04:
82:ce:c0:37:f6:e4:7c:f5:76:13:ce:03:01:e6:ff:b6:90:d0:
0f:f3:cc:e4:fc:06:e2:2a:1a:f7:1a:1d:9d:b2:87:75:04:f7:
7f:74:c3:ab:b8:1b:35:3b:ed:c6:42:32:42:d2:7a:18:bc:15:
bf:e8:ed:49:5b:ca:1c:a1:39:42:1f:b5:2f:28:b1:98:ba:c1:
43:f8:14:fd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
OTUzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCNEZCRTExMzkyNzNE
NDc1RjA4MjU2NTgzNkJDNjMxOUM5Nzk2NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPu0DHs4GomyU1Cx5EsIFQkl35KmWJ+xCHed7Euxxcn+lwg/lD
V0Sux5M87MCFRWxamvHkLa8+VQNVku0JmdTuaB6yw3VSeiEUvryYxXxB3dp8zoty
5WNj0GYEGlsme5dgLyuRjmr+FsWq5kMx+dP7tg+/SyZuNJ3X0XkEYpq3FQiKkY8O
2NtzlRwcERtqwnnzch5Xt2wy3c/NerA4lzpWVa46CQsPA6pbYMZxCD2dVAy+zT+W
O4lQNaqdq12DJyvXxyYonNDPvEbyAZPYC4avko0MAAnxBfwQXTHrk92kOMK+rSxy
UYmswl+SXeur9ivMMv8D9d247PPmHfDiD/uZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi0++ETknPUdfCCVlg2vGMZyXlkMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2kwLS1FVGtuUFVkZkND
VmxnMnZHTVp5WGxrTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAO+OzWUAvwYa6EJgkH+yOTA8TgnFgxNbV
CErjZBzuFd+gnZu8hsxyC0Z0KWR9p/kuhbJiAdvi986ezDkI9BF7Pzqb0WW9TUNV
OLNk3kUmZZmKm/vyFtCst+jva66SRos+0Sk7u+oGE8iZcfbdidh32F0+o0QRq9Md
g6LpBNMYfgpKUJUYxeLlwDtoU7noiYSQb5KSQrlMoR2gVYV15eUsWKr5nQjzPWXx
VRTVrQ5Q+ELdwGEEgs7AN/bkfPV2E84DAeb/tpDQD/PM5PwG4ioa9xodnbKHdQT3
f3TDq7gbNTvtxkIyQtJ6GLwVv+jtSVvKHKE5Qh+1LyixmLrBQ/gU/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org