Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/l0nEIt63YmXCQmD87LEBhMmrYMM.roa
File: l0nEIt63YmXCQmD87LEBhMmrYMM.roa (raw, json)
Hash identifier: iTlLzX2mdMFMVS1u8iDk/xogWm46cuNbWIzgs1eStYk=
Subject key identifier: 97:49:C4:22:DE:B7:62:65:C2:42:60:FC:EC:B1:01:84:C9:AB:60:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l0nEIt63YmXCQmD87LEBhMmrYMM.roa
Signing time: Sat 11 May 2024 20:24:03 +0000
ROA not before: Sat 11 May 2024 20:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21746 (0x54f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 20:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9749C422DEB76265C24260FCECB10184C9AB60C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:aa:5b:16:89:67:3d:d3:32:b9:4c:cb:ed:8c:
cc:fa:47:d9:e5:92:d0:6b:6a:c5:39:60:59:9d:65:
95:72:f9:49:c8:7c:9e:81:52:b4:4a:5b:07:af:54:
7c:bf:c7:f1:7f:03:03:c9:34:b7:8d:96:df:0e:ba:
6f:d9:c5:71:22:35:66:f2:61:70:ad:b6:3a:69:83:
46:c5:0b:7a:b2:04:ab:ad:bf:72:9d:49:50:43:1c:
25:2f:b6:01:81:4f:af:33:1f:fa:18:92:95:19:74:
61:be:ab:52:31:d8:48:56:75:84:cc:12:5c:e8:96:
69:87:02:83:34:2a:fb:5f:0c:24:0d:51:00:e4:e0:
14:a8:37:bd:93:84:c7:72:05:b4:0b:37:76:df:24:
46:81:0c:b5:7d:e5:79:30:e9:77:08:55:8b:c8:de:
ef:c3:12:1e:de:a6:53:79:51:91:df:e7:26:3d:20:
29:ae:22:09:c4:bd:ea:70:d0:b8:9a:f7:05:ec:c7:
77:2f:33:7a:14:5d:da:3e:29:27:47:98:d9:ce:d5:
e9:07:d1:ba:92:c0:11:2d:22:7b:33:c4:66:c9:c8:
6c:55:54:69:9b:23:f5:7d:8c:06:04:ce:c4:b3:a8:
94:6d:eb:39:25:1e:5f:ca:bd:fa:d0:4d:94:ac:d1:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:49:C4:22:DE:B7:62:65:C2:42:60:FC:EC:B1:01:84:C9:AB:60:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l0nEIt63YmXCQmD87LEBhMmrYMM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:7a:10:72:2c:a5:3f:56:27:4d:da:11:3b:1c:52:f8:07:31:
65:c4:fd:1f:39:2e:3e:fd:52:25:31:0d:11:bf:74:c5:21:aa:
ba:a1:e0:d6:c9:b3:65:ae:b7:28:ad:31:cf:47:c1:dd:cf:69:
99:d4:1f:2c:76:71:69:8e:c3:00:03:e5:17:6e:8d:2b:fe:04:
08:21:1f:89:2f:51:71:61:a2:7c:5f:8a:8d:98:e6:66:0f:47:
de:d5:ea:b0:6b:46:6b:4a:e3:38:dc:e4:6b:2d:aa:67:72:ab:
7e:79:9c:cc:42:ea:f6:1f:cd:65:74:10:a9:ba:00:36:69:94:
c5:0e:94:31:17:15:d2:15:c1:6d:72:fe:8c:e7:f8:a9:b0:fa:
55:83:24:5e:43:1a:c9:3b:19:c3:24:35:6c:85:ac:f0:2d:a4:
cc:0e:39:db:61:5a:4b:d5:8f:f9:de:4d:c0:e5:11:39:07:44:
41:c2:56:32:7a:20:d6:4d:13:94:19:4a:25:41:63:43:39:fd:
0e:87:1c:a0:7a:46:d5:d1:86:ef:10:af:f1:88:75:d7:c2:36:
7c:a4:6d:bd:c8:ed:38:3c:38:d2:6d:28:0a:8e:9a:45:44:91:
7e:84:2e:d8:bc:25:33:d0:57:f5:8f:1c:7a:5e:6e:d4:83:fd:
64:d7:12:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MDI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3NDlDNDIyREVCNzYy
NjVDMjQyNjBGQ0VDQjEwMTg0QzlBQjYwQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAqlsWiWc90zK5TMvtjMz6R9nlktBrasU5YFmdZZVy+UnIfJ6B
UrRKWwevVHy/x/F/AwPJNLeNlt8Oum/ZxXEiNWbyYXCttjppg0bFC3qyBKutv3Kd
SVBDHCUvtgGBT68zH/oYkpUZdGG+q1Ix2EhWdYTMElzolmmHAoM0KvtfDCQNUQDk
4BSoN72ThMdyBbQLN3bfJEaBDLV95Xkw6XcIVYvI3u/DEh7eplN5UZHf5yY9ICmu
IgnEvepw0Lia9wXsx3cvM3oUXdo+KSdHmNnO1ekH0bqSwBEtInszxGbJyGxVVGmb
I/V9jAYEzsSzqJRt6zklHl/KvfrQTZSs0YWzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUl0nEIt63YmXCQmD87LEBhMmrYMMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2wwbkVJdDYzWW1YQ1Ft
RDg3TEVCaE1tcllNTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZXoQciylP1YnTdoROxxS+AcxZcT9Hzku
Pv1SJTENEb90xSGquqHg1smzZa63KK0xz0fB3c9pmdQfLHZxaY7DAAPlF26NK/4E
CCEfiS9RcWGifF+KjZjmZg9H3tXqsGtGa0rjONzkay2qZ3KrfnmczELq9h/NZXQQ
qboANmmUxQ6UMRcV0hXBbXL+jOf4qbD6VYMkXkMayTsZwyQ1bIWs8C2kzA4522Fa
S9WP+d5NwOUROQdEQcJWMnog1k0TlBlKJUFjQzn9DoccoHpG1dGG7xCv8Yh118I2
fKRtvcjtODw40m0oCo6aRUSRfoQu2LwlM9BX9Y8cel5u1IP9ZNcSZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org