Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lXzUApc8j2QZvZj-LevuHz3V1BY.roa
File: lXzUApc8j2QZvZj-LevuHz3V1BY.roa (raw, json)
Hash identifier: ziPHH3619wmauo6H4NOMEZJIs4Wc7d3C/0gXfhBFJWs=
Subject key identifier: 95:7C:D4:02:97:3C:8F:64:19:BD:98:FE:2D:EB:EE:1F:3D:D5:D4:16
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D36
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lXzUApc8j2QZvZj-LevuHz3V1BY.roa
Signing time: Wed 01 May 2024 12:53:38 +0000
ROA not before: Wed 01 May 2024 12:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19766 (0x4d36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 12:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=957CD402973C8F6419BD98FE2DEBEE1F3DD5D416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:52:b5:4c:af:b9:af:51:3b:92:05:84:d1:dc:
7b:da:b4:4b:c7:83:17:7a:ae:11:ef:e4:63:34:fa:
a6:47:9f:0e:89:ff:80:7d:e8:80:73:0a:29:35:92:
c6:6b:b7:09:02:73:09:38:5f:1f:93:8b:5d:69:dc:
51:10:de:aa:4e:52:ff:60:c8:bc:22:7c:5b:6e:09:
cd:12:ed:a4:24:bb:ee:01:8b:3a:c7:f2:52:8f:eb:
cd:a8:34:a3:59:8d:21:37:d7:7f:3e:d5:8e:21:af:
87:4c:64:45:41:c7:e3:dc:39:73:8e:c0:d4:af:1b:
96:0a:d2:64:a6:14:c5:cd:01:81:30:30:06:c4:5a:
f0:09:8c:0c:65:bd:1d:1c:40:14:d8:55:dc:0d:1a:
4a:a7:74:28:ed:b6:5b:5f:89:ed:33:34:b1:98:77:
3b:a4:85:f1:23:62:bb:6b:a3:2f:d8:19:63:3a:5a:
64:d4:96:57:ab:d3:68:60:59:28:2b:94:11:8c:9e:
ec:33:da:2a:e6:bd:f7:8a:ac:f0:f0:0e:b7:3a:fe:
da:f9:76:f8:27:64:9e:16:1f:1b:d8:74:71:94:b8:
44:c8:55:16:92:29:03:55:c4:f5:11:fd:70:ff:63:
11:20:03:af:e0:c7:1d:ac:16:e5:6a:b8:b0:3a:96:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7C:D4:02:97:3C:8F:64:19:BD:98:FE:2D:EB:EE:1F:3D:D5:D4:16
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lXzUApc8j2QZvZj-LevuHz3V1BY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:55:78:b7:d2:91:3e:f7:c9:23:64:9e:9c:5a:12:e4:47:b9:
91:98:84:d9:2c:db:f2:a2:81:aa:da:a0:76:6a:b0:7c:c9:3a:
72:76:1c:b3:34:5f:8a:34:5b:17:2f:b0:f4:63:31:04:e0:2c:
3a:8a:23:22:47:6b:c6:3f:05:59:a9:e6:bb:b4:9b:77:64:79:
4d:83:c7:31:a3:68:45:fa:28:2e:bf:26:02:85:80:e2:4d:ed:
52:eb:a8:f8:a6:f7:93:89:69:79:e6:e1:55:2c:eb:5d:74:cc:
24:33:03:c0:52:a7:14:a2:a7:0a:69:c4:13:57:93:7a:eb:a1:
3e:ea:e2:b4:aa:8f:a1:c4:43:fd:07:3e:4b:5d:46:42:84:cf:
c6:47:25:c3:80:35:05:1c:dd:8a:a4:22:14:bf:fb:a1:df:57:
98:9c:0a:f0:db:a5:6f:24:1c:86:d3:f6:ed:bd:e3:02:e9:b6:
5a:b3:bd:47:5b:06:26:ee:fb:0d:b0:25:16:90:ec:6b:8e:46:
b2:94:ca:4a:29:25:28:d0:c8:38:5e:69:d1:dc:28:78:36:08:
03:9b:18:46:6e:06:bd:6c:59:dc:36:c1:a2:d3:d5:b7:e2:e4:
f7:0d:66:b9:fd:9c:3f:a9:18:79:7f:13:67:30:47:01:09:89:
1f:73:af:e4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTTYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
MjUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1N0NENDAyOTczQzhG
NjQxOUJEOThGRTJERUJFRTFGM0RENUQ0MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPUrVMr7mvUTuSBYTR3HvatEvHgxd6rhHv5GM0+qZHnw6J/4B9
6IBzCik1ksZrtwkCcwk4Xx+Ti11p3FEQ3qpOUv9gyLwifFtuCc0S7aQku+4BizrH
8lKP682oNKNZjSE3138+1Y4hr4dMZEVBx+PcOXOOwNSvG5YK0mSmFMXNAYEwMAbE
WvAJjAxlvR0cQBTYVdwNGkqndCjttltfie0zNLGYdzukhfEjYrtroy/YGWM6WmTU
ller02hgWSgrlBGMnuwz2irmvfeKrPDwDrc6/tr5dvgnZJ4WHxvYdHGUuETIVRaS
KQNVxPUR/XD/YxEgA6/gxx2sFuVquLA6lrXlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlXzUApc8j2QZvZj+LevuHz3V1BYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xYelVBcGM4ajJRWnZa
ai1MZXZ1SHozVjFCWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXlV4t9KRPvfJI2SenFoS5Ee5kZiE2Szb
8qKBqtqgdmqwfMk6cnYcszRfijRbFy+w9GMxBOAsOoojIkdrxj8FWanmu7Sbd2R5
TYPHMaNoRfooLr8mAoWA4k3tUuuo+Kb3k4lpeebhVSzrXXTMJDMDwFKnFKKnCmnE
E1eTeuuhPuritKqPocRD/Qc+S11GQoTPxkclw4A1BRzdiqQiFL/7od9XmJwK8Nul
byQchtP27b3jAum2WrO9R1sGJu77DbAlFpDsa45GspTKSiklKNDIOF5p0dwoeDYI
A5sYRm4GvWxZ3DbBotPVt+Lk9w1muf2cP6kYeX8TZzBHAQmJH3Ov5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:06 2024 by rpki-client on console-ams.rpki-client.org