Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nDVO2DDkgcPOEOXTtCnUZ3rzaHk.roa
File: nDVO2DDkgcPOEOXTtCnUZ3rzaHk.roa (raw, json)
Hash identifier: 4NeAu61UKkWxAg11epRj3JTrj+2PP8edJRE5yLkHnAo=
Subject key identifier: 9C:35:4E:D8:30:E4:81:C3:CE:10:E5:D3:B4:29:D4:67:7A:F3:68:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 538E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nDVO2DDkgcPOEOXTtCnUZ3rzaHk.roa
Signing time: Thu 09 May 2024 23:54:04 +0000
ROA not before: Thu 09 May 2024 23:54:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21390 (0x538e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 23:54:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9C354ED830E481C3CE10E5D3B429D4677AF36879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a3:ee:fb:94:ff:d3:4f:51:f0:84:13:cf:d0:
ff:f9:30:1d:9f:6b:fa:a3:74:9a:a7:f4:97:0d:fa:
51:be:03:51:c6:77:59:c6:46:13:e0:28:cc:0f:0e:
d9:c4:d0:f2:c2:0e:e0:22:2f:c3:80:37:a0:3e:b0:
b2:ad:46:82:99:20:fe:3e:93:77:f8:20:0d:e9:ea:
64:59:e0:5c:60:5b:a8:e6:4f:9d:c4:14:f7:a3:ef:
aa:9d:1d:29:f5:19:45:87:df:51:ab:34:e0:64:97:
f2:25:87:b0:cf:67:47:d2:be:0a:f1:05:f6:f1:a6:
8d:4a:6a:97:1b:f3:35:8c:f6:24:34:74:70:2e:6b:
b1:9b:91:d1:66:41:58:35:68:e0:26:22:8a:de:81:
10:e8:eb:5f:19:a0:42:8e:35:f3:0a:cb:aa:37:33:
2a:13:5f:e7:cc:19:47:17:65:94:ae:9d:3f:e8:c6:
1b:9b:7e:d4:03:64:db:01:fc:60:bf:2c:16:4f:83:
a5:ca:23:67:6f:b4:bb:b6:29:3b:2d:c2:87:a5:eb:
4f:fe:94:a8:2e:10:78:4a:5a:cb:e4:44:ee:e6:32:
a3:2e:a6:15:53:99:ae:51:ad:fa:89:47:85:90:4e:
b7:b3:f5:2d:c9:3c:0b:a5:b6:1f:64:dd:b2:14:b2:
54:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:4E:D8:30:E4:81:C3:CE:10:E5:D3:B4:29:D4:67:7A:F3:68:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nDVO2DDkgcPOEOXTtCnUZ3rzaHk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:36:66:51:05:3e:58:18:59:a6:0b:1b:c4:2a:f3:f4:8a:c4:
15:73:06:7c:38:e1:3f:b3:04:78:17:5f:55:75:18:63:6a:6d:
7e:62:89:31:ae:00:2c:1e:b0:62:61:6f:e9:e2:9d:55:80:1f:
fc:53:5e:3f:7c:27:39:ca:50:27:7b:39:b3:23:b7:3a:c5:2e:
83:51:19:b7:86:af:3a:c8:14:1a:60:19:00:33:ca:6a:0d:56:
3b:2e:e7:7f:90:95:92:86:b9:6b:7d:c7:3e:53:09:97:f9:49:
b6:64:28:38:34:4f:af:87:bf:30:78:2e:bf:d7:17:5f:3f:45:
cd:ae:a2:6d:58:57:61:fb:d0:cc:4d:ca:f4:56:c1:01:c0:cf:
75:f7:b5:56:83:2a:16:c3:dd:6e:92:9a:d7:96:93:32:af:37:
e3:cd:e4:ba:3c:a9:0e:75:d0:3c:6f:30:0a:97:9a:39:82:e4:
26:90:20:ae:2d:97:94:70:65:3d:bc:eb:73:be:a0:eb:b2:f2:
5c:9b:c9:06:59:2d:b5:ea:b4:22:43:57:f3:a5:3a:74:69:54:
e8:d4:3a:ec:5f:31:50:aa:b6:2d:4b:36:7d:6f:46:b0:7d:d1:
1d:8c:e4:fb:c4:f4:f7:a0:57:fc:75:b6:e9:2b:77:2a:be:d4:
28:30:4f:1f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MzU0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlDMzU0RUQ4MzBFNDgx
QzNDRTEwRTVEM0I0MjlENDY3N0FGMzY4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCko+77lP/TT1HwhBPP0P/5MB2fa/qjdJqn9JcN+lG+A1HGd1nG
RhPgKMwPDtnE0PLCDuAiL8OAN6A+sLKtRoKZIP4+k3f4IA3p6mRZ4FxgW6jmT53E
FPej76qdHSn1GUWH31GrNOBkl/Ilh7DPZ0fSvgrxBfbxpo1Kapcb8zWM9iQ0dHAu
a7GbkdFmQVg1aOAmIoregRDo618ZoEKONfMKy6o3MyoTX+fMGUcXZZSunT/oxhub
ftQDZNsB/GC/LBZPg6XKI2dvtLu2KTstwoel60/+lKguEHhKWsvkRO7mMqMuphVT
ma5RrfqJR4WQTrez9S3JPAulth9k3bIUslSxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnDVO2DDkgcPOEOXTtCnUZ3rzaHkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25EVk8yRERrZ2NQT0VP
WFR0Q25VWjNyemFIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVjZmUQU+WBhZpgsbxCrz9IrEFXMGfDjh
P7MEeBdfVXUYY2ptfmKJMa4ALB6wYmFv6eKdVYAf/FNeP3wnOcpQJ3s5syO3OsUu
g1EZt4avOsgUGmAZADPKag1WOy7nf5CVkoa5a33HPlMJl/lJtmQoODRPr4e/MHgu
v9cXXz9Fza6ibVhXYfvQzE3K9FbBAcDPdfe1VoMqFsPdbpKa15aTMq83483kujyp
DnXQPG8wCpeaOYLkJpAgri2XlHBlPbzrc76g67LyXJvJBlktteq0IkNX86U6dGlU
6NQ67F8xUKq2LUs2fW9GsH3RHYzk+8T096BX/HW26St3Kr7UKDBPHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org