Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/l1bfA5SGRipbQcnUeJk_ERTDGn4.roa
File: l1bfA5SGRipbQcnUeJk_ERTDGn4.roa (raw, json)
Hash identifier: 5DrVZdsdpAu1UlmVNr30SYVSL/4TYWrRTrSlQKxFZr8=
Subject key identifier: 97:56:DF:03:94:86:46:2A:5B:41:C9:D4:78:99:3F:11:14:C3:1A:7E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l1bfA5SGRipbQcnUeJk_ERTDGn4.roa
Signing time: Thu 25 Apr 2024 19:53:19 +0000
ROA not before: Thu 25 Apr 2024 19:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18670 (0x48ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 19:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9756DF039486462A5B41C9D478993F1114C31A7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d3:3c:37:7d:3b:ec:50:9e:4a:f1:1b:f3:f0:
0c:ff:cf:00:07:ba:69:fe:b1:ba:58:35:b7:70:b2:
d9:52:26:09:91:60:f5:14:54:1a:ad:ff:de:89:c7:
f0:88:80:ce:02:17:40:1e:ee:5d:e5:cf:6e:7d:fa:
e1:cb:42:ec:0b:aa:1b:8c:d7:54:ae:4e:1e:e1:7f:
ed:14:e1:5a:df:2a:15:ff:41:e9:7a:51:62:f8:9e:
03:f7:93:1f:af:bf:56:49:47:1c:e3:ad:1e:08:8c:
ea:25:57:08:79:30:12:bb:8f:d6:eb:40:d3:d8:98:
3d:7f:9d:74:4f:72:f3:0a:79:c6:67:30:87:51:b1:
15:13:cb:8a:e4:08:05:2a:30:f2:38:45:bf:43:2f:
6a:ed:19:8b:67:96:de:27:c9:c2:2f:3a:23:ae:dc:
61:74:6c:45:95:12:a7:54:5d:26:aa:67:ac:9a:a1:
4c:a8:95:bb:2a:52:07:56:57:d3:1e:34:ac:ec:1a:
9f:96:43:a9:db:b4:f9:f1:01:8e:5a:b9:45:91:ef:
67:8f:91:ca:b0:ff:b8:cf:f0:4e:12:ad:b5:8a:e4:
77:15:44:b7:54:5d:63:61:c6:47:9b:e2:ca:a9:7a:
43:09:80:ba:8d:f6:4d:4b:b9:c7:13:f7:72:27:ac:
45:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:56:DF:03:94:86:46:2A:5B:41:C9:D4:78:99:3F:11:14:C3:1A:7E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/l1bfA5SGRipbQcnUeJk_ERTDGn4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:bd:55:48:10:c9:bb:ce:a7:65:17:17:19:1e:d0:f1:3c:85:
ff:da:c5:d2:3f:57:39:1d:85:b5:da:d1:83:ba:7c:65:54:b2:
3e:d6:2c:31:2d:80:df:c1:45:7a:a6:8d:33:9b:53:96:07:a1:
b5:af:5f:e3:fa:b6:8e:8f:bb:31:0c:1c:0d:9a:99:07:7a:95:
f9:25:26:bf:53:bb:9e:56:09:4f:61:24:eb:e1:42:8d:99:43:
21:e9:da:4d:23:90:f2:57:5f:d9:98:41:90:54:35:df:43:38:
d3:f2:12:b8:e6:9e:71:d4:2a:1b:d7:6b:b3:0e:b5:7b:bd:d8:
ca:06:cb:d1:e7:1e:d7:a0:15:61:f9:f7:22:dc:ee:7b:10:a6:
fa:00:16:63:31:e3:36:97:b1:8b:c8:74:fc:c5:ec:a9:11:e5:
88:ea:14:76:37:14:e8:dc:39:cb:17:22:3c:4e:0b:0c:82:bf:
78:1e:e8:c9:ef:dd:aa:de:c3:2c:86:68:4d:9e:56:45:f3:72:
c8:4f:c4:64:09:9a:b0:0b:db:21:ba:44:b3:2a:ee:36:1d:56:
9b:18:da:a1:c3:ad:24:4c:6f:8c:e2:67:7b:c1:c4:21:a5:c4:
53:43:92:a5:0f:1f:4f:f5:59:06:c8:f5:c4:69:cc:fc:64:37:
30:28:f9:e5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
OTUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3NTZERjAzOTQ4NjQ2
MkE1QjQxQzlENDc4OTkzRjExMTRDMzFBN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe0zw3fTvsUJ5K8Rvz8Az/zwAHumn+sbpYNbdwstlSJgmRYPUU
VBqt/96Jx/CIgM4CF0Ae7l3lz259+uHLQuwLqhuM11SuTh7hf+0U4VrfKhX/Qel6
UWL4ngP3kx+vv1ZJRxzjrR4IjOolVwh5MBK7j9brQNPYmD1/nXRPcvMKecZnMIdR
sRUTy4rkCAUqMPI4Rb9DL2rtGYtnlt4nycIvOiOu3GF0bEWVEqdUXSaqZ6yaoUyo
lbsqUgdWV9MeNKzsGp+WQ6nbtPnxAY5auUWR72ePkcqw/7jP8E4SrbWK5HcVRLdU
XWNhxkeb4sqpekMJgLqN9k1LuccT93InrEVZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUl1bfA5SGRipbQcnUeJk/ERTDGn4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2wxYmZBNVNHUmlwYlFj
blVlSmtfRVJUREduNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqr1VSBDJu86nZRcXGR7Q8TyF/9rF0j9X
OR2FtdrRg7p8ZVSyPtYsMS2A38FFeqaNM5tTlgehta9f4/q2jo+7MQwcDZqZB3qV
+SUmv1O7nlYJT2Ek6+FCjZlDIenaTSOQ8ldf2ZhBkFQ130M40/ISuOaecdQqG9dr
sw61e73YygbL0ece16AVYfn3ItzuexCm+gAWYzHjNpexi8h0/MXsqRHliOoUdjcU
6Nw5yxciPE4LDIK/eB7oye/dqt7DLIZoTZ5WRfNyyE/EZAmasAvbIbpEsyruNh1W
mxjaocOtJExvjOJne8HEIaXEU0OSpQ8fT/VZBsj1xGnM/GQ3MCj55Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org