Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nufCjQhmOhQN5ewpHDW-ICGc1y4.roa
File: nufCjQhmOhQN5ewpHDW-ICGc1y4.roa (raw, json)
Hash identifier: aqA67/72MGvxwJyojGRoEaMY9h3rNpHCzWej6b41iaE=
Subject key identifier: 9E:E7:C2:8D:08:66:3A:14:0D:E5:EC:29:1C:35:BE:20:21:9C:D7:2E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3366
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nufCjQhmOhQN5ewpHDW-ICGc1y4.roa
Signing time: Thu 28 Mar 2024 02:52:07 +0000
ROA not before: Thu 28 Mar 2024 02:52:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13158 (0x3366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 02:52:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9EE7C28D08663A140DE5EC291C35BE20219CD72E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:4a:99:65:20:ef:06:6a:1c:c0:32:f8:60:
31:cc:84:e9:30:81:a8:67:72:0b:7e:02:6f:9b:8d:
93:34:1a:2d:79:fe:e7:13:ea:9f:41:a7:96:8a:67:
98:6e:37:3e:a2:5e:46:3d:9d:e6:c0:24:70:22:84:
50:d7:c0:1e:0d:98:ed:d5:77:6c:b7:91:80:1d:a7:
4b:c9:52:e0:13:98:5a:06:2c:9d:cd:0e:10:90:a2:
99:70:8e:0a:72:f9:11:13:8c:c0:17:c4:ff:6a:ef:
fa:d5:8e:40:03:86:c4:b3:9c:fa:95:76:58:8d:97:
7d:ad:b9:94:96:d0:50:ef:8b:ce:12:17:dc:67:e4:
6e:48:75:5b:16:56:f6:45:55:b9:33:82:4b:67:0e:
c0:49:4a:cc:1c:5a:79:53:94:96:79:47:8d:a0:58:
9b:68:71:95:15:9a:03:7e:e1:89:08:f5:2c:c6:b9:
e4:fd:f7:29:2d:68:bb:6c:e4:83:ed:9d:f7:af:70:
25:58:05:4b:25:15:a7:36:a5:d3:92:40:8e:a9:ab:
15:b2:85:3a:be:12:87:34:de:4c:e6:24:b7:f1:7f:
43:60:d5:6e:d2:05:28:15:f5:fd:61:46:98:c7:bc:
8c:c6:0b:47:81:a1:d3:9d:d4:3c:3e:39:ac:ed:d5:
40:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E7:C2:8D:08:66:3A:14:0D:E5:EC:29:1C:35:BE:20:21:9C:D7:2E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nufCjQhmOhQN5ewpHDW-ICGc1y4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:e2:72:2b:00:10:b1:b9:fa:d5:4f:de:87:d0:22:f2:4a:f5:
2a:b8:a1:52:e3:fa:9a:67:25:8c:77:63:76:e0:02:74:90:4e:
a2:5f:60:70:22:60:a5:ea:3c:67:67:78:18:01:35:ce:f0:69:
af:46:bc:6b:12:93:5e:c2:b2:2c:9e:a2:64:e1:71:81:5f:59:
57:81:59:3f:67:53:c1:b4:6f:a2:e2:68:27:9f:23:a6:f1:00:
14:8f:4c:f5:db:4b:16:c9:0f:48:b4:b8:46:ae:8c:2a:51:e8:
82:72:59:70:e6:66:7c:17:75:b2:6d:b1:34:a7:44:d0:e5:0c:
aa:9e:49:5c:2f:64:b8:cb:01:18:2a:8d:cc:b6:5d:4f:86:bd:
d3:ae:d1:98:5b:53:2f:47:54:ad:a5:a1:ff:60:71:d1:43:1e:
8b:da:aa:e4:d7:79:a3:42:83:a0:7b:de:70:70:ac:8a:e0:c0:
e9:b2:f5:73:1f:ff:11:bc:6d:b0:45:d7:bf:af:96:9c:d2:30:
8a:2d:48:fc:2c:e2:4e:08:5a:1f:8f:4b:48:9b:dc:6d:34:31:
50:67:a2:fb:86:17:b2:fa:52:15:b9:79:0a:1d:c1:f2:8b:a7:
74:fe:95:d1:0c:fe:ca:25:c6:1c:a0:e0:19:c2:58:0d:1c:12:
cd:22:a8:ae
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
MjUyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFRTdDMjhEMDg2NjNB
MTQwREU1RUMyOTFDMzVCRTIwMjE5Q0Q3MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8BEqZZSDvBmocwDL4YDHMhOkwgahncgt+Am+bjZM0Gi15/ucT
6p9Bp5aKZ5huNz6iXkY9nebAJHAihFDXwB4NmO3Vd2y3kYAdp0vJUuATmFoGLJ3N
DhCQoplwjgpy+RETjMAXxP9q7/rVjkADhsSznPqVdliNl32tuZSW0FDvi84SF9xn
5G5IdVsWVvZFVbkzgktnDsBJSswcWnlTlJZ5R42gWJtocZUVmgN+4YkI9SzGueT9
9yktaLts5IPtnfevcCVYBUslFac2pdOSQI6pqxWyhTq+Eoc03kzmJLfxf0Ng1W7S
BSgV9f1hRpjHvIzGC0eBodOd1Dw+Oazt1UC7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnufCjQhmOhQN5ewpHDW+ICGc1y4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L251ZkNqUWhtT2hRTjVl
d3BIRFctSUNHYzF5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEALOJyKwAQsbn61U/eh9Ai8kr1KrihUuP6
mmcljHdjduACdJBOol9gcCJgpeo8Z2d4GAE1zvBpr0a8axKTXsKyLJ6iZOFxgV9Z
V4FZP2dTwbRvouJoJ58jpvEAFI9M9dtLFskPSLS4Rq6MKlHognJZcOZmfBd1sm2x
NKdE0OUMqp5JXC9kuMsBGCqNzLZdT4a9067RmFtTL0dUraWh/2Bx0UMei9qq5Nd5
o0KDoHvecHCsiuDA6bL1cx//EbxtsEXXv6+WnNIwii1I/CziTghaH49LSJvcbTQx
UGei+4YXsvpSFbl5Ch3B8oundP6V0Qz+yiXGHKDgGcJYDRwSzSKorg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org