Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/npJqUk01NpA-YleiLxg4JwEskrE.roa
File: npJqUk01NpA-YleiLxg4JwEskrE.roa (raw, json)
Hash identifier: AIPB6EY5EYvRkZNeDhG9+WVg6R8AkVhJtbqG7q/AzzQ=
Subject key identifier: 9E:92:6A:52:4D:35:36:90:3E:62:57:A2:2F:18:38:27:01:2C:92:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5732
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/npJqUk01NpA-YleiLxg4JwEskrE.roa
Signing time: Tue 14 May 2024 20:24:10 +0000
ROA not before: Tue 14 May 2024 20:24:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22322 (0x5732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 20:24:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E926A524D3536903E6257A22F183827012C92B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:67:bf:a9:c9:8c:6b:69:df:7c:5c:fc:9f:6a:
2e:10:f3:26:5c:08:01:1a:3d:0d:f0:7c:d8:96:1e:
b7:f2:b8:a4:20:06:67:f7:db:db:62:23:09:13:ea:
cd:a1:b8:36:fa:27:49:77:b0:3c:13:4e:5c:10:c2:
f1:2e:19:db:f9:05:34:44:1a:59:88:82:cb:ad:e1:
67:88:4b:87:95:76:5a:3d:a9:f2:48:21:c5:1e:52:
52:6f:e5:94:f4:b4:62:25:f0:7e:cf:54:ce:33:ef:
9c:fd:fe:97:01:84:71:e8:92:04:5a:11:98:cc:04:
9a:b2:f3:d5:7b:75:da:c9:94:4e:30:31:f2:66:52:
1a:f7:33:d3:25:f3:8b:87:48:b7:04:75:11:9f:bd:
0e:33:0e:c0:b6:4b:6a:5b:66:7f:63:34:61:8e:ab:
ca:56:ff:ed:78:3e:22:63:1e:46:7a:8a:46:b6:31:
5c:98:7b:fb:11:1e:25:0a:53:17:10:e9:59:7b:2f:
89:2d:02:d7:8e:39:57:4f:01:9e:ad:a7:04:33:95:
01:a6:7b:13:b9:9c:33:d4:84:d0:28:20:4e:46:ac:
5d:0a:44:a8:b1:05:97:df:3e:d4:10:ac:0b:8e:a8:
92:c0:9f:89:66:ac:6c:8e:03:3b:a9:c3:52:d6:4c:
5d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:6A:52:4D:35:36:90:3E:62:57:A2:2F:18:38:27:01:2C:92:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/npJqUk01NpA-YleiLxg4JwEskrE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:11:d2:0b:e9:ff:74:c6:88:ed:9e:93:c3:01:c0:40:e4:06:
0d:66:d3:91:e7:0f:75:1e:a1:b4:5f:20:81:a5:78:d3:72:50:
39:a9:a2:8f:ff:72:04:a8:ac:12:0b:88:a9:2a:5f:b9:07:1e:
c5:ed:ae:46:56:14:e8:a1:ed:f7:6c:5f:67:9b:19:e9:41:a5:
64:38:10:16:12:d6:76:fe:9e:d7:49:62:9c:f2:bb:3e:43:a2:
28:d5:ba:59:80:e9:b0:12:96:e2:e7:1d:72:99:e8:b0:8a:4b:
f9:ba:ef:96:34:3e:d4:0d:25:cf:a9:85:38:cf:9d:2d:b6:b4:
29:52:bb:b6:01:56:ae:35:4c:e4:b2:53:7b:f0:d0:50:0e:1b:
60:a8:98:4c:52:e6:78:8b:1f:82:0f:54:fc:f8:0c:cc:ec:06:
01:78:9a:c1:54:40:ca:1d:ff:02:22:6a:3a:7f:d4:b0:10:b7:
82:d0:7c:c8:ca:50:cc:f8:80:47:d0:52:a3:ef:f1:ea:bb:e4:
28:94:31:74:6b:bb:a2:62:db:2e:d1:95:48:3d:0a:45:10:45:
e7:58:8b:ee:68:fe:3c:a9:0a:8d:a9:20:b4:47:99:e7:d5:74:
54:20:c8:f0:cb:57:c7:03:3f:f6:7f:d6:e4:59:46:d2:e8:c0:
7b:a5:64:49
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQy
MDI0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFOTI2QTUyNEQzNTM2
OTAzRTYyNTdBMjJGMTgzODI3MDEyQzkyQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRZ7+pyYxrad98XPyfai4Q8yZcCAEaPQ3wfNiWHrfyuKQgBmf3
29tiIwkT6s2huDb6J0l3sDwTTlwQwvEuGdv5BTREGlmIgsut4WeIS4eVdlo9qfJI
IcUeUlJv5ZT0tGIl8H7PVM4z75z9/pcBhHHokgRaEZjMBJqy89V7ddrJlE4wMfJm
Uhr3M9Ml84uHSLcEdRGfvQ4zDsC2S2pbZn9jNGGOq8pW/+14PiJjHkZ6ika2MVyY
e/sRHiUKUxcQ6Vl7L4ktAteOOVdPAZ6tpwQzlQGmexO5nDPUhNAoIE5GrF0KRKix
BZffPtQQrAuOqJLAn4lmrGyOAzupw1LWTF37AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnpJqUk01NpA+YleiLxg4JwEskrEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25wSnFVazAxTnBBLVls
ZWlMeGc0SndFc2tyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuBHSC+n/dMaI7Z6TwwHAQOQGDWbTkecP
dR6htF8ggaV403JQOamij/9yBKisEguIqSpfuQcexe2uRlYU6KHt92xfZ5sZ6UGl
ZDgQFhLWdv6e10linPK7PkOiKNW6WYDpsBKW4ucdcpnosIpL+brvljQ+1A0lz6mF
OM+dLba0KVK7tgFWrjVM5LJTe/DQUA4bYKiYTFLmeIsfgg9U/PgMzOwGAXiawVRA
yh3/AiJqOn/UsBC3gtB8yMpQzPiAR9BSo+/x6rvkKJQxdGu7omLbLtGVSD0KRRBF
51iL7mj+PKkKjakgtEeZ59V0VCDI8MtXxwM/9n/W5FlG0ujAe6VkSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org