Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nczrLxLwYe4yZaG_NKKjCS00GgM.roa
File: nczrLxLwYe4yZaG_NKKjCS00GgM.roa (raw, json)
Hash identifier: m9tPTbfTdRirCZ0iTZ26WSK3wRilJPQLEoJ7wQ8+j1Y=
Subject key identifier: 9D:CC:EB:2F:12:F0:61:EE:32:65:A1:BF:34:A2:A3:09:2D:34:1A:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5212
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nczrLxLwYe4yZaG_NKKjCS00GgM.roa
Signing time: Wed 08 May 2024 00:24:00 +0000
ROA not before: Wed 08 May 2024 00:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21010 (0x5212)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 00:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9DCCEB2F12F061EE3265A1BF34A2A3092D341A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:8d:88:33:3a:52:2b:9d:75:42:33:e1:3c:
57:7d:93:19:2f:5b:02:77:2e:61:5e:fa:63:ef:56:
65:a3:cb:a3:92:36:62:93:ef:a9:9a:9e:bf:5d:35:
89:92:df:28:00:f3:ef:fd:96:fb:be:e7:d5:e1:38:
19:64:56:b7:98:17:fe:9a:ce:44:4c:08:6f:2c:6e:
d0:ac:2b:b0:7d:26:7f:63:4f:1e:0a:31:a9:a4:c5:
01:43:bc:2b:ad:3a:87:12:4f:f7:f0:29:e9:2e:a5:
55:0e:bc:b7:a1:6b:c1:b3:cf:9e:11:5a:74:7f:10:
84:47:76:14:f5:1a:90:ee:ff:3e:52:c6:0b:d9:69:
fa:ee:73:e3:df:7c:0e:e5:37:13:39:71:af:de:48:
2c:78:97:d8:f7:8a:5f:47:b3:c5:2f:30:20:dd:92:
61:15:c4:2b:98:a5:34:22:d0:b8:48:4c:10:97:26:
4f:52:8a:91:24:b2:25:dc:32:47:64:2f:96:28:74:
cf:15:b8:98:5d:63:8a:5d:a8:72:4e:27:fe:7d:4d:
2c:df:16:11:ff:2a:96:8f:64:07:6f:2b:83:8a:40:
f2:af:12:85:e0:0e:3b:26:1d:d1:5e:4a:71:87:90:
78:33:22:4d:f1:1a:83:d2:32:85:5c:63:06:9c:48:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CC:EB:2F:12:F0:61:EE:32:65:A1:BF:34:A2:A3:09:2D:34:1A:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nczrLxLwYe4yZaG_NKKjCS00GgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:16:b9:99:f3:f2:0a:0c:06:45:83:5f:ac:b6:be:1c:e5:db:
27:11:11:fd:c2:6d:07:91:ea:bb:18:c0:30:e2:d4:fa:c4:85:
33:ea:bb:00:96:01:8b:0d:5b:49:c5:87:02:ee:1b:33:b6:97:
c1:f9:04:2a:3d:15:40:4b:17:39:22:1f:74:a5:77:38:5a:af:
a7:47:8f:7f:1e:d0:30:ca:87:1e:73:1f:e2:82:8f:6f:85:cb:
5e:7d:f5:2c:48:fb:c3:3c:5b:ad:be:61:5c:b8:89:96:18:e9:
6e:0a:47:55:85:69:04:ac:ae:95:94:be:c0:7e:51:3d:c8:6b:
dc:dd:88:8c:fe:1a:a2:9e:b7:82:6d:b2:89:ff:7a:88:47:59:
7e:3e:19:c9:3e:63:58:27:39:87:bd:7e:8f:d6:c4:bb:82:64:
2f:86:38:34:f3:37:6a:a0:01:5b:f4:2f:20:ce:85:30:35:72:
bc:1f:dc:fa:8a:f7:1e:10:42:d7:8f:ca:5c:1d:28:e9:6f:7a:
13:70:c6:94:95:03:5f:cb:de:fb:58:80:8d:d0:58:2c:92:b3:
0c:18:b7:0b:e2:69:00:4e:0f:89:2e:8f:06:3e:42:03:09:88:
03:b6:d2:0f:d9:0f:f8:44:ab:5b:fa:e9:0e:df:00:18:d2:39:
8a:36:fb:bf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MDI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlEQ0NFQjJGMTJGMDYx
RUUzMjY1QTFCRjM0QTJBMzA5MkQzNDFBMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC83Y2IMzpSK511QjPhPFd9kxkvWwJ3LmFe+mPvVmWjy6OSNmKT
76manr9dNYmS3ygA8+/9lvu+59XhOBlkVreYF/6azkRMCG8sbtCsK7B9Jn9jTx4K
MamkxQFDvCutOocST/fwKekupVUOvLeha8Gzz54RWnR/EIRHdhT1GpDu/z5SxgvZ
afruc+PffA7lNxM5ca/eSCx4l9j3il9Hs8UvMCDdkmEVxCuYpTQi0LhITBCXJk9S
ipEksiXcMkdkL5YodM8VuJhdY4pdqHJOJ/59TSzfFhH/KpaPZAdvK4OKQPKvEoXg
DjsmHdFeSnGHkHgzIk3xGoPSMoVcYwacSOLRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnczrLxLwYe4yZaG/NKKjCS00GgMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25jenJMeEx3WWU0eVph
R19OS0tqQ1MwMEdnTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArBa5mfPyCgwGRYNfrLa+HOXbJxER/cJt
B5HquxjAMOLU+sSFM+q7AJYBiw1bScWHAu4bM7aXwfkEKj0VQEsXOSIfdKV3OFqv
p0ePfx7QMMqHHnMf4oKPb4XLXn31LEj7wzxbrb5hXLiJlhjpbgpHVYVpBKyulZS+
wH5RPchr3N2IjP4aop63gm2yif96iEdZfj4ZyT5jWCc5h71+j9bEu4JkL4Y4NPM3
aqABW/QvIM6FMDVyvB/c+or3HhBC14/KXB0o6W96E3DGlJUDX8ve+1iAjdBYLJKz
DBi3C+JpAE4PiS6PBj5CAwmIA7bSD9kP+ESrW/rpDt8AGNI5ijb7vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org