Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ijoDIO2kaiWgeqLRHC2HIM466ks.roa
File: ijoDIO2kaiWgeqLRHC2HIM466ks.roa (raw, json)
Hash identifier: gihOytLl9E4Se09CkMA/2svNt56Xgmogs2mpFqYi/M4=
Subject key identifier: 8A:3A:03:20:ED:A4:6A:25:A0:7A:A2:D1:1C:2D:87:20:CE:3A:EA:4B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ijoDIO2kaiWgeqLRHC2HIM466ks.roa
Signing time: Mon 01 Apr 2024 21:52:14 +0000
ROA not before: Mon 01 Apr 2024 21:52:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14078 (0x36fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 21:52:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A3A0320EDA46A25A07AA2D11C2D8720CE3AEA4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:26:a7:47:b2:93:d0:6f:f7:21:0e:5d:f0:
62:7a:94:86:40:2b:c4:c7:d5:10:35:ca:c1:c3:f2:
e9:63:4d:2c:5a:47:19:e1:cb:a1:39:c6:a4:fc:c2:
97:f5:25:8a:2c:0b:1b:f9:c4:24:47:a4:d1:20:af:
75:1e:d3:77:50:22:ff:aa:50:d1:a6:a3:66:7c:3f:
4e:71:25:96:e0:ee:8e:b6:7b:15:d2:bd:09:04:98:
ad:e3:04:50:18:d0:67:50:db:cc:ef:c2:b3:91:c0:
fb:30:09:04:90:1d:e0:40:00:02:c9:d1:61:bf:17:
dd:a9:c3:b2:05:0f:30:85:35:0b:1f:4d:52:74:7f:
49:a2:7f:48:45:73:c2:e7:ff:f5:ed:7b:c2:a7:4d:
a2:65:5a:67:07:cb:62:5b:15:43:46:86:50:31:ba:
70:76:37:66:30:4e:52:90:69:74:3a:15:82:c2:6c:
44:d4:ba:47:0e:82:cf:7b:5d:55:17:a0:40:a1:e2:
d5:69:b8:3e:27:3f:36:ad:a7:a0:31:ad:4b:aa:94:
eb:c0:65:cf:b4:6f:a4:11:34:4c:10:ff:72:a2:45:
41:9e:12:d2:73:b1:6d:f8:24:b1:1a:b9:99:1c:36:
b8:9c:4b:82:b3:cc:12:b2:3d:a3:e6:f7:ce:04:65:
f8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3A:03:20:ED:A4:6A:25:A0:7A:A2:D1:1C:2D:87:20:CE:3A:EA:4B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ijoDIO2kaiWgeqLRHC2HIM466ks.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:e9:5f:df:c9:8d:3f:ee:b4:f0:6c:0a:bd:88:50:f5:c2:88:
88:7b:c8:2f:56:54:45:85:ff:3e:f9:50:65:c4:b6:6a:4a:03:
eb:50:2b:ac:9c:6d:47:1d:70:f2:a6:26:49:c8:65:56:fc:81:
14:3d:55:02:7a:5f:a7:86:5e:29:50:a3:6e:3a:d6:06:73:aa:
d0:2f:81:44:ec:7c:a7:78:dd:2e:60:8b:31:77:08:a3:bc:6b:
e5:2b:e8:59:68:12:6d:d1:8f:b1:4c:95:8e:55:5c:77:e9:8e:
49:2a:6b:51:4d:2c:7a:04:7f:a2:c2:2f:89:e1:05:80:db:07:
a8:e7:2e:b3:a2:d2:26:58:20:c9:92:6b:3f:3b:fc:8a:06:a8:
ef:4f:e0:38:5e:68:b0:f4:74:4e:82:cb:b1:93:c6:91:32:64:
fd:ac:b6:5c:9a:9c:1b:1e:f9:cd:67:4f:f4:5d:b9:72:a0:ed:
b2:2f:a4:46:ac:74:ba:29:c7:25:e2:87:57:97:06:bb:f8:66:
c6:96:9c:af:e6:a9:37:76:0f:17:27:42:c5:e9:48:08:39:d1:
2d:ae:27:43:96:18:d4:47:20:32:13:8b:e3:e4:15:4b:fa:6b:
73:2d:cf:7e:24:bc:60:c5:d7:de:fb:ed:6c:b6:12:63:70:7f:
b8:77:56:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MTUyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBM0EwMzIwRURBNDZB
MjVBMDdBQTJEMTFDMkQ4NzIwQ0UzQUVBNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2uCanR7KT0G/3IQ5d8GJ6lIZAK8TH1RA1ysHD8uljTSxaRxnh
y6E5xqT8wpf1JYosCxv5xCRHpNEgr3Ue03dQIv+qUNGmo2Z8P05xJZbg7o62exXS
vQkEmK3jBFAY0GdQ28zvwrORwPswCQSQHeBAAALJ0WG/F92pw7IFDzCFNQsfTVJ0
f0mif0hFc8Ln//Xte8KnTaJlWmcHy2JbFUNGhlAxunB2N2YwTlKQaXQ6FYLCbETU
ukcOgs97XVUXoECh4tVpuD4nPzatp6AxrUuqlOvAZc+0b6QRNEwQ/3KiRUGeEtJz
sW34JLEauZkcNricS4KzzBKyPaPm984EZfhxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUijoDIO2kaiWgeqLRHC2HIM466kswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lqb0RJTzJrYWlXZ2Vx
TFJIQzJISU00NjZrcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAc+lf38mNP+608GwKvYhQ9cKIiHvIL1ZU
RYX/PvlQZcS2akoD61ArrJxtRx1w8qYmSchlVvyBFD1VAnpfp4ZeKVCjbjrWBnOq
0C+BROx8p3jdLmCLMXcIo7xr5SvoWWgSbdGPsUyVjlVcd+mOSSprUU0segR/osIv
ieEFgNsHqOcus6LSJlggyZJrPzv8igao70/gOF5osPR0ToLLsZPGkTJk/ay2XJqc
Gx75zWdP9F25cqDtsi+kRqx0uinHJeKHV5cGu/hmxpacr+apN3YPFydCxelICDnR
La4nQ5YY1EcgMhOL4+QVS/prcy3PfiS8YMXX3vvtbLYSY3B/uHdWjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org