Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ojjuRmCBZ749FuNa_ktngH-SE1s.roa
File: ojjuRmCBZ749FuNa_ktngH-SE1s.roa (raw, json)
Hash identifier: oqxT2aM/Ap4tZtgbWY663Xg/t5Ifc8cmvGSUbdNQVnQ=
Subject key identifier: A2:38:EE:46:60:81:67:BE:3D:16:E3:5A:FE:4B:67:80:7F:92:13:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BAA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ojjuRmCBZ749FuNa_ktngH-SE1s.roa
Signing time: Mon 08 Apr 2024 03:22:38 +0000
ROA not before: Mon 08 Apr 2024 03:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15274 (0x3baa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 03:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A238EE46608167BE3D16E35AFE4B67807F92135B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c1:06:b8:92:16:7f:58:d0:e2:19:b0:97:ca:
d1:c4:32:be:9c:de:f8:e9:77:65:6e:98:47:a0:39:
75:32:44:74:3f:7b:e7:58:28:f6:8b:9c:00:ad:5e:
ae:f0:65:86:66:5f:5e:9a:4c:25:42:98:59:5a:4a:
97:de:c6:d1:23:9f:d4:98:99:78:82:74:f5:df:d9:
04:14:08:51:dc:2d:3f:bf:6f:cc:1f:cb:05:54:b0:
c3:7d:d8:2a:94:14:e4:60:81:e8:92:60:15:92:d2:
64:31:37:21:2a:95:a6:03:cc:c1:d3:59:64:55:a6:
fb:13:30:64:cd:76:ed:b1:c6:4f:14:45:37:46:c5:
f8:9f:aa:42:7a:ed:ed:d8:56:85:91:28:4d:41:8a:
45:66:87:15:b1:74:37:b1:e6:d3:14:11:3d:6d:81:
49:98:ff:82:f8:79:b6:b5:a6:bf:7e:64:f4:93:9d:
d4:3a:12:c4:61:ad:23:4a:9f:29:c9:27:59:04:fa:
73:8c:b3:b3:4f:85:db:4a:e8:42:7b:d2:ee:e1:dd:
46:df:6f:62:5f:29:02:06:ce:5c:47:e3:24:bf:75:
96:03:00:68:38:de:b2:d3:86:93:bf:b1:f4:fc:8a:
df:78:87:d6:61:62:a7:1b:1f:3a:d4:e1:99:05:42:
6d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:38:EE:46:60:81:67:BE:3D:16:E3:5A:FE:4B:67:80:7F:92:13:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ojjuRmCBZ749FuNa_ktngH-SE1s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:0f:40:01:3c:17:f3:a2:aa:f2:b9:21:7a:ac:f0:aa:52:68:
81:2a:55:07:d5:4d:83:03:df:60:50:ed:1c:50:ca:0b:0f:62:
33:e9:71:42:70:2a:54:8d:da:54:8c:e2:1e:1f:49:fc:a7:90:
5f:e7:13:b5:bf:98:19:ae:23:ec:15:9e:d5:99:be:1a:fa:18:
2a:d6:59:df:9b:c8:61:7b:a4:c5:1c:1a:d8:6b:d3:a6:2f:e3:
c9:75:30:b0:0d:73:43:bb:c3:84:16:2e:5c:63:f0:af:fb:60:
70:48:a1:fb:d1:6d:e7:b7:5b:93:02:44:9d:99:6d:c0:e7:08:
c7:86:4d:ac:bb:b0:2d:a1:2c:9d:f0:bf:ec:aa:91:6b:5b:65:
99:d4:d0:04:46:fa:c2:db:0f:e2:b6:32:a5:d0:08:c7:00:3a:
c5:bb:b9:e3:bd:19:35:23:08:f7:8f:bf:4b:2d:08:dd:40:31:
28:cd:1d:85:81:8e:58:be:9a:ab:4c:fe:80:54:17:ae:e2:6c:
1c:97:4d:78:47:ee:c9:55:78:bc:d7:3b:be:78:28:a9:47:bb:
e3:99:2d:ad:05:ca:2b:d5:e2:8b:63:01:5d:cd:4f:21:84:00:
37:21:13:b6:a6:31:d6:22:85:ae:a0:46:8f:6e:06:4a:10:56:
0d:cd:17:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MzIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyMzhFRTQ2NjA4MTY3
QkUzRDE2RTM1QUZFNEI2NzgwN0Y5MjEzNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3wQa4khZ/WNDiGbCXytHEMr6c3vjpd2VumEegOXUyRHQ/e+dY
KPaLnACtXq7wZYZmX16aTCVCmFlaSpfextEjn9SYmXiCdPXf2QQUCFHcLT+/b8wf
ywVUsMN92CqUFORggeiSYBWS0mQxNyEqlaYDzMHTWWRVpvsTMGTNdu2xxk8URTdG
xfifqkJ67e3YVoWRKE1BikVmhxWxdDex5tMUET1tgUmY/4L4eba1pr9+ZPSTndQ6
EsRhrSNKnynJJ1kE+nOMs7NPhdtK6EJ70u7h3Ubfb2JfKQIGzlxH4yS/dZYDAGg4
3rLThpO/sfT8it94h9ZhYqcbHzrU4ZkFQm3tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUojjuRmCBZ749FuNa/ktngH+SE1swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29qanVSbUNCWjc0OUZ1
TmFfa3RuZ0gtU0Uxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAAg9AATwX86Kq8rkheqzwqlJogSpVB9VN
gwPfYFDtHFDKCw9iM+lxQnAqVI3aVIziHh9J/KeQX+cTtb+YGa4j7BWe1Zm+GvoY
KtZZ35vIYXukxRwa2GvTpi/jyXUwsA1zQ7vDhBYuXGPwr/tgcEih+9Ft57dbkwJE
nZltwOcIx4ZNrLuwLaEsnfC/7KqRa1tlmdTQBEb6wtsP4rYypdAIxwA6xbu5470Z
NSMI94+/Sy0I3UAxKM0dhYGOWL6aq0z+gFQXruJsHJdNeEfuyVV4vNc7vngoqUe7
45ktrQXKK9Xii2MBXc1PIYQANyETtqYx1iKFrqBGj24GShBWDc0XLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:47 2024 by rpki-client on console-fra.rpki-client.org