Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qXnC4sZ7i-kXWC-zhq5uy-nSVyM.roa
File: qXnC4sZ7i-kXWC-zhq5uy-nSVyM.roa (raw, json)
Hash identifier: mpsg5nTpLYg5jH5RcZOfato5nKeECtRKZdw6++FpTiQ=
Subject key identifier: A9:79:C2:E2:C6:7B:8B:E9:17:58:2F:B3:86:AE:6E:CB:E9:D2:57:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F66
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qXnC4sZ7i-kXWC-zhq5uy-nSVyM.roa
Signing time: Sat 13 Apr 2024 02:52:52 +0000
ROA not before: Sat 13 Apr 2024 02:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16230 (0x3f66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 02:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A979C2E2C67B8BE917582FB386AE6ECBE9D25723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:16:78:4a:41:18:67:f2:b7:62:46:8c:a5:e3:
4b:e9:a2:c3:8b:6f:6e:c9:aa:b7:a2:b9:a2:df:47:
19:03:19:2c:41:27:06:a2:0a:e3:14:a7:b0:16:b6:
44:3b:80:53:b0:a7:ea:59:6e:dc:33:b8:88:e9:09:
11:51:07:38:27:84:df:42:cd:6a:fa:76:52:61:20:
13:13:9c:2f:3b:d7:35:14:d2:08:31:cf:11:4d:2f:
38:32:29:7b:68:b8:b0:28:ec:8e:ae:f5:a0:0d:fa:
6f:b8:88:8c:90:be:6c:8d:51:a8:30:67:6d:91:6e:
60:dc:f7:fa:f7:1d:82:65:65:ea:1e:f7:f3:66:b4:
ea:01:ef:52:79:7a:0a:41:3c:8d:39:b2:8c:d0:7f:
00:d3:19:71:e3:af:76:78:bf:70:d2:c7:20:3c:ee:
c2:b3:ac:75:03:25:8e:d7:bd:ca:79:c8:b4:3f:a5:
7b:b3:a1:66:9e:a7:40:0d:5c:eb:21:01:90:6c:dd:
1d:dd:aa:b1:c4:ce:d7:e7:d6:00:e9:30:1f:69:43:
af:76:32:1d:7b:23:a8:2c:85:97:c9:aa:da:60:4a:
3b:39:35:4c:5e:fe:e0:d7:85:ff:2e:e3:2f:3a:90:
98:2d:08:6b:3c:6e:27:b7:20:8c:08:c3:92:ea:09:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:79:C2:E2:C6:7B:8B:E9:17:58:2F:B3:86:AE:6E:CB:E9:D2:57:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qXnC4sZ7i-kXWC-zhq5uy-nSVyM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:e1:93:51:bb:e3:e8:6c:42:bc:ff:67:f7:6f:61:c0:8c:90:
e6:1d:30:c5:76:e4:b4:19:a7:a7:8e:1a:91:bd:9e:cd:b5:7a:
e1:be:e6:b7:4e:63:86:7e:3b:e9:a4:7b:92:b0:81:66:78:ed:
5c:c6:7f:e4:1a:6d:f5:3b:26:36:f2:6b:f2:9f:f8:be:8d:7c:
92:38:f9:ef:79:83:ce:ec:45:d3:98:41:67:ee:a1:b2:60:33:
32:6a:c2:dd:ed:6a:6e:64:a5:2b:30:42:bc:4b:bb:2d:d6:00:
f3:55:27:61:7c:30:d5:4a:91:33:7f:99:81:da:8b:ff:04:f1:
d7:52:7c:43:5b:ba:5c:93:57:35:c7:40:8c:2b:40:ec:41:b0:
63:42:09:d9:e4:33:28:0a:47:46:e2:41:8e:95:54:5d:27:cb:
18:6b:cd:ba:b3:cd:eb:d1:c7:5b:03:af:7b:c7:5e:d9:3e:7e:
a4:7f:80:25:03:4c:90:0d:35:1b:7c:be:ed:e5:1c:37:e0:85:
45:e6:52:97:2c:f8:33:e5:6a:61:4b:99:24:c9:b7:b2:e1:aa:
60:17:c1:a6:08:88:b3:84:e1:6c:95:cf:55:7e:64:66:17:9c:
de:e5:61:f3:e7:d7:44:55:7d:08:dc:c0:e8:5e:54:01:57:11:
dc:4f:81:58
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
MjUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE5NzlDMkUyQzY3QjhC
RTkxNzU4MkZCMzg2QUU2RUNCRTlEMjU3MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFFnhKQRhn8rdiRoyl40vposOLb27JqreiuaLfRxkDGSxBJwai
CuMUp7AWtkQ7gFOwp+pZbtwzuIjpCRFRBzgnhN9CzWr6dlJhIBMTnC871zUU0ggx
zxFNLzgyKXtouLAo7I6u9aAN+m+4iIyQvmyNUagwZ22RbmDc9/r3HYJlZeoe9/Nm
tOoB71J5egpBPI05sozQfwDTGXHjr3Z4v3DSxyA87sKzrHUDJY7Xvcp5yLQ/pXuz
oWaep0ANXOshAZBs3R3dqrHEztfn1gDpMB9pQ692Mh17I6gshZfJqtpgSjs5NUxe
/uDXhf8u4y86kJgtCGs8bie3IIwIw5LqCfKhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqXnC4sZ7i+kXWC+zhq5uy+nSVyMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FYbkM0c1o3aS1rWFdD
LXpocTV1eS1uU1Z5TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASOGTUbvj6GxCvP9n929hwIyQ5h0wxXbk
tBmnp44akb2ezbV64b7mt05jhn476aR7krCBZnjtXMZ/5Bpt9TsmNvJr8p/4vo18
kjj573mDzuxF05hBZ+6hsmAzMmrC3e1qbmSlKzBCvEu7LdYA81UnYXww1UqRM3+Z
gdqL/wTx11J8Q1u6XJNXNcdAjCtA7EGwY0IJ2eQzKApHRuJBjpVUXSfLGGvNurPN
69HHWwOve8de2T5+pH+AJQNMkA01G3y+7eUcN+CFReZSlyz4M+VqYUuZJMm3suGq
YBfBpgiIs4ThbJXPVX5kZhec3uVh8+fXRFV9CNzA6F5UAVcR3E+BWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org