Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oIE7iR6BP48wX35xjmPdxMjtrPc.roa
File: oIE7iR6BP48wX35xjmPdxMjtrPc.roa (raw, json)
Hash identifier: bO3tQOI8QGdtX3sv0FewGOjgaSeqmHsQTTAVqCdP81w=
Subject key identifier: A0:81:3B:89:1E:81:3F:8F:30:5F:7E:71:8E:63:DD:C4:C8:ED:AC:F7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FE2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oIE7iR6BP48wX35xjmPdxMjtrPc.roa
Signing time: Sat 13 Apr 2024 18:22:49 +0000
ROA not before: Sat 13 Apr 2024 18:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16354 (0x3fe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 18:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0813B891E813F8F305F7E718E63DDC4C8EDACF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:36:b6:cf:01:48:0e:81:20:04:f2:2c:c5:5c:
a4:be:e3:3f:54:8e:66:3c:3d:6e:80:d7:0a:60:9c:
35:4c:91:c9:6d:c9:06:fd:ad:ee:fa:a3:50:75:b2:
c2:13:90:1a:40:cf:1c:f9:b8:9f:80:53:97:3c:15:
b5:0a:8b:08:ee:42:43:01:fa:2c:01:76:52:b7:7b:
c4:98:a2:65:29:a6:9f:42:b4:e3:5f:23:9f:c7:60:
54:66:55:b0:e2:3a:bf:5e:76:b9:5f:2b:f1:6d:48:
95:1d:c2:8d:91:d6:69:3e:3f:7d:ec:04:2e:02:3c:
86:a7:62:17:b6:d1:78:52:db:b3:f5:27:85:33:6f:
64:c6:de:21:89:57:91:ba:17:40:49:53:2c:b4:75:
f0:ff:7a:82:b8:55:b4:dc:6c:ba:39:c7:ad:91:dc:
c2:f8:7e:80:51:7d:a0:70:74:8d:5a:d9:6c:3f:53:
5c:83:df:d9:bd:eb:a8:ff:1e:b2:d8:32:1a:b2:5a:
84:cd:e5:a4:de:45:99:b2:a5:b8:e0:12:ef:8c:99:
4f:45:e3:48:82:16:76:82:9d:b7:c7:c8:5a:62:46:
8b:1d:89:e6:a7:41:13:d2:cd:59:a5:aa:61:75:89:
19:67:a5:3a:a5:f0:41:00:13:0e:21:7f:01:46:72:
fc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:81:3B:89:1E:81:3F:8F:30:5F:7E:71:8E:63:DD:C4:C8:ED:AC:F7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oIE7iR6BP48wX35xjmPdxMjtrPc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:73:99:c7:87:c3:1d:e3:b2:31:18:30:7a:f5:7b:23:1f:29:
e0:d1:5e:51:56:f1:b6:5e:b3:25:0d:67:19:96:be:01:d9:3d:
f5:06:c8:e1:b6:a4:52:92:53:3c:28:49:58:e1:07:a3:7f:c4:
11:9e:03:c1:4b:2c:ef:84:51:de:3b:2d:a9:29:28:f7:25:ef:
28:3d:80:cd:22:0f:6a:b2:46:de:48:62:2f:fe:d2:5d:f5:5e:
52:c3:50:8c:79:bf:26:9c:8d:48:a4:2b:cd:42:f5:4f:c1:91:
8c:e4:bf:1e:d4:11:9f:c6:37:56:7a:86:db:93:11:e4:8d:cc:
d9:ac:d6:8e:06:1e:d3:61:33:2e:1c:3f:08:a5:8b:69:3d:cb:
05:2c:8c:ee:df:ce:b4:5c:dd:2b:81:22:51:a3:48:0e:46:58:
8f:0f:4c:68:91:f2:72:f5:b0:68:04:44:49:f2:e1:ee:5c:54:
ea:fa:ca:02:10:79:8c:c8:12:78:bc:1c:a2:61:5d:99:75:5b:
35:53:53:23:af:bd:70:93:9d:8f:e3:5b:d2:2d:fe:82:fa:27:
d0:68:56:4e:b4:80:c8:7c:c7:f7:85:07:8b:39:f1:57:1a:68:
1c:2e:91:44:34:72:76:23:6f:3c:d7:02:c2:a7:31:d2:99:bd:
49:ce:40:ac
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
ODIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwODEzQjg5MUU4MTNG
OEYzMDVGN0U3MThFNjNEREM0QzhFREFDRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXNrbPAUgOgSAE8izFXKS+4z9UjmY8PW6A1wpgnDVMkcltyQb9
re76o1B1ssITkBpAzxz5uJ+AU5c8FbUKiwjuQkMB+iwBdlK3e8SYomUppp9CtONf
I5/HYFRmVbDiOr9edrlfK/FtSJUdwo2R1mk+P33sBC4CPIanYhe20XhS27P1J4Uz
b2TG3iGJV5G6F0BJUyy0dfD/eoK4VbTcbLo5x62R3ML4foBRfaBwdI1a2Ww/U1yD
39m966j/HrLYMhqyWoTN5aTeRZmypbjgEu+MmU9F40iCFnaCnbfHyFpiRosdiean
QRPSzVmlqmF1iRlnpTql8EEAEw4hfwFGcvytAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoIE7iR6BP48wX35xjmPdxMjtrPcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29JRTdpUjZCUDQ4d1gz
NXhqbVBkeE1qdHJQYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcHOZx4fDHeOyMRgwevV7Ix8p4NFeUVbx
tl6zJQ1nGZa+Adk99QbI4bakUpJTPChJWOEHo3/EEZ4DwUss74RR3jstqSko9yXv
KD2AzSIParJG3khiL/7SXfVeUsNQjHm/JpyNSKQrzUL1T8GRjOS/HtQRn8Y3VnqG
25MR5I3M2azWjgYe02EzLhw/CKWLaT3LBSyM7t/OtFzdK4EiUaNIDkZYjw9MaJHy
cvWwaARESfLh7lxU6vrKAhB5jMgSeLwcomFdmXVbNVNTI6+9cJOdj+Nb0i3+gvon
0GhWTrSAyHzH94UHiznxVxpoHC6RRDRydiNvPNcCwqcx0pm9Sc5ArA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org