Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/i7ScTTZNcliIRoVYceek1rb-_nk.roa
File: i7ScTTZNcliIRoVYceek1rb-_nk.roa (raw, json)
Hash identifier: 1Nkva2/bBovOhJtNh5PLPi38atLpXVdU/5SpJJRFv/M=
Subject key identifier: 8B:B4:9C:4D:36:4D:72:58:88:46:85:58:71:E7:A4:D6:B6:FE:FE:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i7ScTTZNcliIRoVYceek1rb-_nk.roa
Signing time: Tue 16 Apr 2024 02:52:55 +0000
ROA not before: Tue 16 Apr 2024 02:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16806 (0x41a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 02:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8BB49C4D364D72588846855871E7A4D6B6FEFE79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:58:bd:ca:4e:55:b0:be:6d:cd:7a:a1:55:
10:f5:e0:da:12:1c:a9:9e:7c:a0:c7:e6:7c:7c:8d:
22:37:e0:b0:7b:29:8c:3a:c3:e4:e9:f7:44:f8:34:
33:10:c5:7f:b6:34:9f:3d:49:4e:46:2a:61:2c:7e:
54:f9:32:95:5f:88:92:a3:88:80:2d:da:4f:6c:d2:
ff:03:b8:80:ab:c1:cb:f7:71:30:86:fe:d3:c6:38:
8d:af:ed:c0:ea:62:2e:75:74:13:e3:a4:e6:2c:c3:
07:e8:c3:f7:fd:e1:48:f6:dc:c4:c6:e3:c3:57:0d:
40:28:8d:e6:0b:8d:19:fa:ac:df:61:df:ac:87:ba:
0d:8e:18:48:1a:94:ac:52:c5:af:7b:b5:0b:03:40:
07:e5:b5:88:0d:de:63:c1:9c:6f:a0:70:4a:46:7d:
4c:aa:ff:64:7d:3f:02:4c:3a:16:67:65:d7:d0:ad:
cb:e0:79:20:12:d1:34:45:72:ed:d7:7c:f8:d7:2d:
ae:7a:65:09:d9:e8:6b:4f:6d:df:1c:bf:ce:35:38:
2d:1c:ad:14:16:b6:bf:2e:03:80:b1:10:53:12:63:
d6:2a:cd:07:ea:8e:63:2d:d8:e9:d9:34:9b:2d:8d:
a1:0c:d9:37:a6:1f:c6:ec:20:5d:5a:44:c5:5c:d7:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B4:9C:4D:36:4D:72:58:88:46:85:58:71:E7:A4:D6:B6:FE:FE:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i7ScTTZNcliIRoVYceek1rb-_nk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:ba:33:47:27:14:c2:8f:f7:c2:a9:88:6a:6b:b9:18:36:7d:
f0:d8:9d:ed:52:ef:6e:cb:7f:4e:fe:e7:71:1f:6e:8a:61:b8:
8a:d0:88:44:8f:c5:37:42:4c:42:db:cc:3f:7e:7b:24:20:5a:
df:99:f8:91:9b:64:db:10:0a:2a:2e:a3:d9:03:b2:2e:7d:4f:
ca:86:51:20:a2:d9:7f:33:af:1c:14:03:dc:85:7d:58:49:81:
ae:3d:1c:c5:84:0b:74:07:dd:6d:27:9c:d3:2d:56:59:75:00:
3b:36:fe:f9:10:40:fc:b6:1a:df:f5:09:9c:9b:7b:0b:4e:df:
9b:9d:35:b9:97:9e:fc:42:b1:f1:89:57:35:e8:46:53:3c:78:
b5:6f:52:dd:d1:74:32:95:7b:a0:41:ae:fa:ae:7a:54:11:72:
6b:99:39:0a:61:e9:5d:27:f8:15:a3:22:a5:65:ea:fd:cb:8d:
f7:99:c9:40:e5:b5:f6:fd:9f:bd:b3:e0:af:2f:23:e4:a5:09:
65:ca:e8:4e:c7:46:40:95:ad:92:7e:47:a9:b8:18:02:04:c0:
e4:57:c2:d5:0b:00:b5:d5:d7:ff:26:63:f0:1b:64:c3:42:0e:
71:1e:c6:1c:6b:8e:ca:4e:e5:6e:e0:7f:47:48:7a:14:b2:29:
1c:f2:9a:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MjUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCQjQ5QzREMzY0RDcy
NTg4ODQ2ODU1ODcxRTdBNEQ2QjZGRUZFNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLRFi9yk5VsL5tzXqhVRD14NoSHKmefKDH5nx8jSI34LB7KYw6
w+Tp90T4NDMQxX+2NJ89SU5GKmEsflT5MpVfiJKjiIAt2k9s0v8DuICrwcv3cTCG
/tPGOI2v7cDqYi51dBPjpOYswwfow/f94Uj23MTG48NXDUAojeYLjRn6rN9h36yH
ug2OGEgalKxSxa97tQsDQAfltYgN3mPBnG+gcEpGfUyq/2R9PwJMOhZnZdfQrcvg
eSAS0TRFcu3XfPjXLa56ZQnZ6GtPbd8cv841OC0crRQWtr8uA4CxEFMSY9YqzQfq
jmMt2OnZNJstjaEM2TemH8bsIF1aRMVc1xfDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi7ScTTZNcliIRoVYceek1rb+/nkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2k3U2NUVFpOY2xpSVJv
VlljZWVrMXJiLV9uay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjbozRycUwo/3wqmIamu5GDZ98Nid7VLv
bst/Tv7ncR9uimG4itCIRI/FN0JMQtvMP357JCBa35n4kZtk2xAKKi6j2QOyLn1P
yoZRIKLZfzOvHBQD3IV9WEmBrj0cxYQLdAfdbSec0y1WWXUAOzb++RBA/LYa3/UJ
nJt7C07fm501uZee/EKx8YlXNehGUzx4tW9S3dF0MpV7oEGu+q56VBFya5k5CmHp
XSf4FaMipWXq/cuN95nJQOW19v2fvbPgry8j5KUJZcroTsdGQJWtkn5HqbgYAgTA
5FfC1QsAtdXX/yZj8Btkw0IOcR7GHGuOyk7lbuB/R0h6FLIpHPKaug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org