Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rIdzjKgl3OLLJtViPJr0cON6XmU.roa
File: rIdzjKgl3OLLJtViPJr0cON6XmU.roa (raw, json)
Hash identifier: zp1lCcRTVUSmprYHY5EvEEio15jkKzjIhYNlPrGyGPU=
Subject key identifier: AC:87:73:8C:A8:25:DC:E2:CB:26:D5:62:3C:9A:F4:70:E3:7A:5E:65
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52E6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rIdzjKgl3OLLJtViPJr0cON6XmU.roa
Signing time: Thu 09 May 2024 02:53:56 +0000
ROA not before: Thu 09 May 2024 02:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21222 (0x52e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 02:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AC87738CA825DCE2CB26D5623C9AF470E37A5E65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bc:a3:94:61:6d:77:42:cc:13:db:e4:5c:5b:
79:5d:c0:50:4d:88:82:c4:a6:40:95:2b:ef:71:06:
cd:b3:46:9a:42:47:5f:9b:22:42:61:13:c1:d1:f1:
bd:0c:99:af:b1:08:24:8c:9f:fd:c2:11:c7:f4:c2:
d3:b9:c3:2f:91:de:8c:3a:ef:62:d1:77:e9:b5:29:
fc:0c:f9:a2:b5:63:ff:14:41:3a:ac:89:96:0f:ff:
93:a0:31:4c:96:7f:f5:a3:b1:41:d8:65:9b:5a:85:
4e:61:6f:ca:7f:2e:b7:d6:26:b0:75:f5:dd:50:4a:
7c:90:69:ba:d9:ae:2f:79:83:48:ed:48:49:28:ce:
82:54:d8:eb:af:f9:c0:2c:21:aa:bd:81:2f:39:47:
56:bc:32:9d:f2:a6:00:7a:00:c3:f1:fc:65:e6:86:
43:80:ef:ee:b4:fc:a1:73:4f:da:43:e8:aa:c6:02:
22:57:38:60:77:e6:17:bb:74:d9:ff:53:04:e9:98:
4a:72:a7:8b:4d:3f:ab:82:8f:2e:0d:ce:34:74:63:
a5:4c:e5:00:45:68:c4:bb:a9:b8:be:f5:97:40:49:
8e:37:d4:5d:86:c1:a5:ba:1f:5e:69:97:c6:0d:de:
35:a8:35:a6:31:06:99:ea:f1:5b:12:e2:bf:89:01:
f5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:87:73:8C:A8:25:DC:E2:CB:26:D5:62:3C:9A:F4:70:E3:7A:5E:65
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rIdzjKgl3OLLJtViPJr0cON6XmU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:e4:0b:ef:57:5e:89:52:89:f2:fd:37:b2:c0:2d:cf:16:23:
b6:55:00:7d:0f:4a:52:67:b7:ed:47:09:d1:12:48:29:58:b1:
39:70:3c:a2:52:9f:b9:af:6f:96:12:c0:10:48:00:7a:9d:25:
9a:af:1e:42:ba:1a:aa:15:70:e7:59:bf:2f:7e:05:76:3a:88:
c7:f8:b8:8c:ca:97:c1:cf:ad:4e:4c:48:f4:d8:92:6a:8f:74:
a4:49:bb:9c:5a:90:80:e3:5a:6e:ee:56:a0:ff:97:fa:f3:4c:
64:40:04:7c:15:10:e0:3a:d7:3e:95:3a:a6:e7:7c:48:09:17:
21:b5:b3:e0:30:3d:3d:da:f8:98:08:22:a3:73:96:1e:0d:2a:
f2:cb:0e:8c:e3:fc:0c:15:3b:45:ab:d5:29:55:e6:dd:6d:57:
0c:d7:40:82:be:37:b8:72:09:fe:d7:7f:56:ad:e6:f8:11:09:
c5:36:26:08:52:e4:dc:9e:ca:7d:4b:cf:fa:60:12:9a:63:d9:
09:34:f5:80:2b:40:07:95:19:38:65:a6:47:14:43:ef:45:46:
ce:ba:90:30:44:69:b5:a5:36:4e:d1:cb:94:14:ab:a6:c5:df:
5a:cd:26:14:42:04:f5:e6:a4:f2:ec:bd:1e:e2:e6:9e:da:96:
25:41:7a:4a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
MjUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDODc3MzhDQTgyNURD
RTJDQjI2RDU2MjNDOUFGNDcwRTM3QTVFNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/vKOUYW13QswT2+RcW3ldwFBNiILEpkCVK+9xBs2zRppCR1+b
IkJhE8HR8b0Mma+xCCSMn/3CEcf0wtO5wy+R3ow672LRd+m1KfwM+aK1Y/8UQTqs
iZYP/5OgMUyWf/WjsUHYZZtahU5hb8p/LrfWJrB19d1QSnyQabrZri95g0jtSEko
zoJU2Ouv+cAsIaq9gS85R1a8Mp3ypgB6AMPx/GXmhkOA7+60/KFzT9pD6KrGAiJX
OGB35he7dNn/UwTpmEpyp4tNP6uCjy4NzjR0Y6VM5QBFaMS7qbi+9ZdASY431F2G
waW6H15pl8YN3jWoNaYxBpnq8VsS4r+JAfVpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrIdzjKgl3OLLJtViPJr0cON6XmUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JJZHpqS2dsM09MTEp0
VmlQSnIwY09ONlhtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFOQL71deiVKJ8v03ssAtzxYjtlUAfQ9K
Ume37UcJ0RJIKVixOXA8olKfua9vlhLAEEgAep0lmq8eQroaqhVw51m/L34FdjqI
x/i4jMqXwc+tTkxI9NiSao90pEm7nFqQgONabu5WoP+X+vNMZEAEfBUQ4DrXPpU6
pud8SAkXIbWz4DA9Pdr4mAgio3OWHg0q8ssOjOP8DBU7RavVKVXm3W1XDNdAgr43
uHIJ/td/Vq3m+BEJxTYmCFLk3J7KfUvP+mASmmPZCTT1gCtAB5UZOGWmRxRD70VG
zrqQMERptaU2TtHLlBSrpsXfWs0mFEIE9eak8uy9HuLmntqWJUF6Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:13 2024 by rpki-client on console-ams.rpki-client.org