Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ikXXOZQtVzIB0Uzl-AZdP04eaH4.roa
File: ikXXOZQtVzIB0Uzl-AZdP04eaH4.roa (raw, json)
Hash identifier: NrbPgNaK7LXl49YpVR0l2OJ9ENbzONU5Y/ayfRb9F7o=
Subject key identifier: 8A:45:D7:39:94:2D:57:32:01:D1:4C:E5:F8:06:5D:3F:4E:1E:68:7E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 507A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ikXXOZQtVzIB0Uzl-AZdP04eaH4.roa
Signing time: Sun 05 May 2024 21:23:58 +0000
ROA not before: Sun 05 May 2024 21:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20602 (0x507a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 21:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A45D739942D573201D14CE5F8065D3F4E1E687E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:20:6d:c2:01:60:b2:bc:f0:55:e2:38:31:d4:
47:b0:f7:a5:79:c0:3c:80:40:de:bd:fe:3c:73:9f:
90:bd:c8:9b:ff:ac:88:25:3f:b5:a5:8f:54:76:d9:
ea:d9:6a:56:87:fd:4d:93:38:55:3c:9f:93:b8:bb:
cc:29:ca:dd:c6:ce:e6:d5:2f:9f:fc:ea:58:f5:d8:
88:67:a7:73:a7:5a:dc:c7:be:f4:a5:e1:08:b1:b5:
d5:e8:ff:a7:d3:9a:20:54:45:38:ee:b1:2a:7e:1b:
67:aa:40:40:9d:d8:38:0f:95:05:bc:48:92:6a:74:
f0:fd:ab:78:55:e8:93:0a:41:d4:d3:cd:77:94:82:
1a:cc:48:63:a8:cd:61:a2:46:07:19:0a:f6:7b:a8:
a6:13:75:e6:73:3b:ac:ac:b6:ed:0e:dd:50:18:3f:
34:0e:37:4a:fd:62:28:da:5d:41:6f:2e:ca:07:b2:
5d:3f:e4:d7:79:60:ab:ef:f5:5e:a6:af:86:45:3e:
fd:08:88:5e:04:ed:f7:36:b8:75:49:a6:32:09:1d:
34:e0:ce:4a:5f:8a:2e:6d:d0:a4:4a:c0:40:ab:7c:
d8:cc:14:92:fb:fc:5d:29:f2:d7:2a:d4:ed:a0:4e:
fe:ba:fc:77:c1:50:8e:ec:96:02:89:98:f8:28:87:
20:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:45:D7:39:94:2D:57:32:01:D1:4C:E5:F8:06:5D:3F:4E:1E:68:7E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ikXXOZQtVzIB0Uzl-AZdP04eaH4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:9c:dd:fd:75:20:28:f8:31:de:9d:14:9c:28:dc:34:c4:d2:
61:3f:5f:59:1c:c8:79:42:0e:0e:3f:ef:40:18:18:8a:52:11:
3f:10:95:f2:a9:4f:4d:37:29:05:b7:ff:af:d2:88:2d:b6:c8:
a0:78:fa:4f:4e:41:5f:e7:c8:3a:73:9c:c3:b0:94:0c:9f:81:
ff:c2:c1:82:2f:7d:47:92:35:fa:4d:2b:b0:37:7e:c9:f8:06:
b5:00:32:22:0e:a5:81:96:aa:b3:c6:75:e8:2d:bb:4a:c7:48:
45:99:ce:f7:95:db:d8:b6:a5:cf:5a:10:8c:72:87:68:38:ef:
33:01:93:34:20:b9:67:98:68:37:ff:84:07:0b:5e:c8:1e:a1:
a1:f9:17:33:ad:4f:af:72:9a:ae:af:39:94:ca:cd:0f:09:28:
42:0e:ee:78:9f:61:5e:ed:b0:85:d2:ec:24:e9:81:d9:68:f2:
dd:58:24:bc:fb:46:86:64:58:1b:2a:0b:00:3a:42:29:f3:1e:
de:6d:f0:d7:4d:93:b3:0f:c6:71:21:97:94:46:e9:92:08:d1:
72:93:b2:b0:62:07:68:9a:9d:f6:12:84:31:f4:b2:bb:61:97:
2b:a3:75:76:11:61:58:cf:7a:0a:15:81:6f:aa:8e:ac:a9:49:
6a:75:a4:09
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUy
MTIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBNDVENzM5OTQyRDU3
MzIwMUQxNENFNUY4MDY1RDNGNEUxRTY4N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcIG3CAWCyvPBV4jgx1Eew96V5wDyAQN69/jxzn5C9yJv/rIgl
P7Wlj1R22erZalaH/U2TOFU8n5O4u8wpyt3GzubVL5/86lj12Ihnp3OnWtzHvvSl
4QixtdXo/6fTmiBURTjusSp+G2eqQECd2DgPlQW8SJJqdPD9q3hV6JMKQdTTzXeU
ghrMSGOozWGiRgcZCvZ7qKYTdeZzO6ystu0O3VAYPzQON0r9YijaXUFvLsoHsl0/
5Nd5YKvv9V6mr4ZFPv0IiF4E7fc2uHVJpjIJHTTgzkpfii5t0KRKwECrfNjMFJL7
/F0p8tcq1O2gTv66/HfBUI7slgKJmPgohyAdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUikXXOZQtVzIB0Uzl+AZdP04eaH4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lrWFhPWlF0VnpJQjBV
emwtQVpkUDA0ZWFINC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbpzd/XUgKPgx3p0UnCjcNMTSYT9fWRzI
eUIODj/vQBgYilIRPxCV8qlPTTcpBbf/r9KILbbIoHj6T05BX+fIOnOcw7CUDJ+B
/8LBgi99R5I1+k0rsDd+yfgGtQAyIg6lgZaqs8Z16C27SsdIRZnO95Xb2Lalz1oQ
jHKHaDjvMwGTNCC5Z5hoN/+EBwteyB6hofkXM61Pr3Karq85lMrNDwkoQg7ueJ9h
Xu2whdLsJOmB2Wjy3VgkvPtGhmRYGyoLADpCKfMe3m3w102Tsw/GcSGXlEbpkgjR
cpOysGIHaJqd9hKEMfSyu2GXK6N1dhFhWM96ChWBb6qOrKlJanWkCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org