Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/p8kQ0VfARw0TYgnODVuNsxPMVnQ.roa
File: p8kQ0VfARw0TYgnODVuNsxPMVnQ.roa (raw, json)
Hash identifier: p+GYyQZnFYBV8OEiZjwPtMF/DEJuWzrL0PwcimH+k6Q=
Subject key identifier: A7:C9:10:D1:57:C0:47:0D:13:62:09:CE:0D:5B:8D:B3:13:CC:56:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35DE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/p8kQ0VfARw0TYgnODVuNsxPMVnQ.roa
Signing time: Sun 31 Mar 2024 09:52:10 +0000
ROA not before: Sun 31 Mar 2024 09:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13790 (0x35de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 09:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A7C910D157C0470D136209CE0D5B8DB313CC5674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:be:53:8d:8c:d0:0e:02:c8:08:ff:b5:19:3d:
c6:b8:a6:87:a1:61:0a:1a:5c:28:53:92:02:0d:d7:
99:ed:4c:40:03:5d:9b:63:e3:de:d6:1f:bc:58:47:
ed:76:40:ef:2e:8a:cf:ac:3a:07:17:d9:02:e0:b5:
8f:e8:42:9e:65:8f:74:8f:0f:ce:bd:17:98:83:0c:
b6:e2:fd:e9:5c:98:1d:01:b1:8b:70:ed:19:72:00:
f8:d3:c2:c2:58:7a:fd:d3:d9:23:07:2d:4c:e6:9c:
3b:96:2c:64:6c:d3:86:59:b7:5e:da:83:4d:81:9d:
ef:83:61:ff:c4:0a:cd:d9:79:90:d3:6e:1f:52:30:
b8:95:12:f7:8c:65:c1:b7:89:2e:1c:45:6f:05:6a:
66:37:d3:ed:0a:5b:76:52:db:ae:45:7d:cc:d1:37:
7b:88:4d:14:e0:7d:dd:0f:19:ad:19:f3:71:01:b3:
06:4f:2d:e5:66:21:cf:d4:9a:ed:83:86:d6:1c:ea:
6d:c7:31:38:6e:bd:33:8d:fe:35:ff:4d:75:58:5e:
d8:09:96:d4:ee:12:94:78:1b:78:4e:6b:25:ca:e9:
75:69:b9:b0:2b:c5:d5:ed:dc:1b:c5:67:3d:4f:f9:
05:3a:ad:be:79:d0:ca:2e:33:05:04:2c:70:b1:d5:
c5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C9:10:D1:57:C0:47:0D:13:62:09:CE:0D:5B:8D:B3:13:CC:56:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/p8kQ0VfARw0TYgnODVuNsxPMVnQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:88:e5:77:ba:af:bd:9a:16:ef:93:41:5b:67:65:48:62:9f:
85:12:54:ea:61:c6:af:65:94:fc:af:84:19:91:73:ae:b1:6d:
fb:49:a8:9d:1e:4e:61:7d:1a:8f:62:ac:7e:6b:71:8e:4d:c9:
16:41:f9:84:3f:93:c7:bc:9a:2c:84:4a:94:be:88:11:5c:2a:
6c:af:9f:91:4a:e7:1d:26:46:e2:aa:3f:cc:b0:c4:79:11:ad:
4e:bd:af:e2:70:1d:8d:e0:80:72:f3:e9:8b:b5:22:fd:ef:6a:
06:11:56:3b:3e:0a:07:1b:94:ce:7a:e3:3e:12:f0:f2:c8:65:
f9:ea:4e:ea:7d:b9:35:ef:f0:73:00:d5:8d:64:0b:71:63:63:
e0:f4:1e:d0:b6:2f:c9:4e:4d:3a:0b:a5:a0:d9:42:0c:61:63:
03:75:7e:b8:db:93:fe:08:dd:26:d1:61:ca:7d:31:63:04:f5:
19:12:c1:e1:18:48:a5:64:87:83:8c:2d:42:7d:9a:51:02:15:
7c:10:da:4d:05:b5:80:f1:40:d1:d2:39:c0:e0:61:04:9d:54:
53:42:d1:67:ab:80:19:13:dd:18:be:07:c5:20:a1:c2:0c:a3:
96:49:7e:ba:1c:95:e6:26:a3:6a:98:de:56:92:a2:7c:31:ba:
bd:5e:72:a1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
OTUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE3QzkxMEQxNTdDMDQ3
MEQxMzYyMDlDRTBENUI4REIzMTNDQzU2NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDivlONjNAOAsgI/7UZPca4poehYQoaXChTkgIN15ntTEADXZtj
497WH7xYR+12QO8uis+sOgcX2QLgtY/oQp5lj3SPD869F5iDDLbi/elcmB0BsYtw
7RlyAPjTwsJYev3T2SMHLUzmnDuWLGRs04ZZt17ag02Bne+DYf/ECs3ZeZDTbh9S
MLiVEveMZcG3iS4cRW8FamY30+0KW3ZS265FfczRN3uITRTgfd0PGa0Z83EBswZP
LeVmIc/Umu2DhtYc6m3HMThuvTON/jX/TXVYXtgJltTuEpR4G3hOayXK6XVpubAr
xdXt3BvFZz1P+QU6rb550MouMwUELHCx1cWjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUp8kQ0VfARw0TYgnODVuNsxPMVnQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3A4a1EwVmZBUncwVFln
bk9EVnVOc3hQTVZuUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKojld7qvvZoW75NBW2dlSGKfhRJU6mHG
r2WU/K+EGZFzrrFt+0monR5OYX0aj2Ksfmtxjk3JFkH5hD+Tx7yaLIRKlL6IEVwq
bK+fkUrnHSZG4qo/zLDEeRGtTr2v4nAdjeCAcvPpi7Ui/e9qBhFWOz4KBxuUznrj
PhLw8shl+epO6n25Ne/wcwDVjWQLcWNj4PQe0LYvyU5NOguloNlCDGFjA3V+uNuT
/gjdJtFhyn0xYwT1GRLB4RhIpWSHg4wtQn2aUQIVfBDaTQW1gPFA0dI5wOBhBJ1U
U0LRZ6uAGRPdGL4HxSChwgyjlkl+uhyV5iajapjeVpKifDG6vV5yoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:11 2024 by rpki-client on console-ams.rpki-client.org