Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rVObfIxoR3gdVR5jGwLBTYByulQ.roa
File: rVObfIxoR3gdVR5jGwLBTYByulQ.roa (raw, json)
Hash identifier: rwnYdyfEMufp+s7vwqyobDoEwFZlswj70CL11XT9i4M=
Subject key identifier: AD:53:9B:7C:8C:68:47:78:1D:55:1E:63:1B:02:C1:4D:80:72:BA:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3336
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rVObfIxoR3gdVR5jGwLBTYByulQ.roa
Signing time: Wed 27 Mar 2024 20:52:01 +0000
ROA not before: Wed 27 Mar 2024 20:52:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13110 (0x3336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 20:52:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD539B7C8C6847781D551E631B02C14D8072BA54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d2:1e:4b:98:0f:f8:18:aa:e9:a5:b3:20:c7:
75:b0:0a:8c:a7:64:51:86:51:de:da:9f:54:7f:f5:
49:68:50:5b:50:c3:7a:3e:34:1b:a9:71:48:6c:e4:
70:9e:c7:07:b2:09:e2:ba:8b:5d:c7:91:74:7b:be:
da:38:ac:0b:5b:e3:c3:87:b1:1e:b9:d9:1c:8b:01:
94:78:11:b9:7f:af:cf:9b:91:88:4b:bb:7c:b0:01:
a1:a1:dc:5d:92:49:3c:3a:9c:df:5a:94:d0:ce:cd:
44:a1:45:b0:2a:25:37:da:4b:8e:fa:5d:20:1b:71:
30:bf:c1:9a:d4:2c:ec:e5:d8:69:2f:5c:2f:54:2f:
bb:3a:6e:51:da:c0:83:ad:0d:21:56:1a:32:a4:c5:
9b:81:31:b4:f5:92:4c:96:81:9e:27:a2:39:36:68:
1e:39:85:7c:93:86:6d:bb:42:a6:71:12:b9:b2:a9:
07:34:19:8d:83:07:3c:8f:5a:76:67:d2:55:c5:63:
6c:70:1e:ee:d3:4c:7f:95:cf:c2:cf:16:f8:cc:18:
a7:13:2a:55:e3:ff:9a:8c:5b:b3:5b:a9:a3:b9:72:
24:8e:c6:00:50:50:13:43:78:18:e0:c0:b1:12:74:
da:42:51:63:e1:49:fe:be:58:4b:d7:80:ec:b3:cf:
25:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:53:9B:7C:8C:68:47:78:1D:55:1E:63:1B:02:C1:4D:80:72:BA:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rVObfIxoR3gdVR5jGwLBTYByulQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:6e:86:b8:46:f0:e2:5c:ee:77:b2:0f:d0:ca:6d:d5:31:15:
48:91:de:e7:5d:4f:1c:8c:39:f2:67:68:5c:f8:8f:d2:68:98:
94:52:a8:1c:2c:e8:e3:71:24:5b:49:91:0f:7d:42:97:e1:a4:
9e:c4:e8:d9:de:9e:f0:09:45:ea:0d:e1:6b:a3:6d:9d:af:e2:
0e:9f:58:eb:03:6b:46:b8:4d:88:55:1e:df:81:e3:98:39:a9:
5e:7c:19:ce:07:2c:0b:00:d6:8b:95:df:fa:9c:07:9f:67:ab:
49:21:8f:6f:dd:28:d1:3e:45:84:7d:a5:28:cd:36:b7:e0:42:
05:1d:b7:79:23:82:a3:81:e3:51:27:5f:80:33:cc:46:77:ba:
46:af:6d:bb:f5:61:cf:e9:09:83:61:3b:7d:e2:8e:54:72:9d:
eb:3b:b6:90:2f:ab:60:81:9d:30:76:cd:0a:0e:3f:62:39:69:
76:2c:f6:80:6e:0c:00:3c:fb:fb:bb:1b:4b:cd:dc:50:12:e1:
9f:f6:83:88:6c:8e:35:4a:33:0a:2b:16:40:29:00:84:13:02:
74:a6:7f:1b:cf:5e:55:80:ef:c1:69:11:e4:95:b6:b0:ec:97:
3b:3d:ea:5a:7d:d9:fd:a7:86:43:b0:ef:1d:6c:16:f1:30:73:
c0:72:ac:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MDUyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENTM5QjdDOEM2ODQ3
NzgxRDU1MUU2MzFCMDJDMTREODA3MkJBNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi0h5LmA/4GKrppbMgx3WwCoynZFGGUd7an1R/9UloUFtQw3o+
NBupcUhs5HCexweyCeK6i13HkXR7vto4rAtb48OHsR652RyLAZR4Ebl/r8+bkYhL
u3ywAaGh3F2SSTw6nN9alNDOzUShRbAqJTfaS476XSAbcTC/wZrULOzl2GkvXC9U
L7s6blHawIOtDSFWGjKkxZuBMbT1kkyWgZ4nojk2aB45hXyThm27QqZxErmyqQc0
GY2DBzyPWnZn0lXFY2xwHu7TTH+Vz8LPFvjMGKcTKlXj/5qMW7NbqaO5ciSOxgBQ
UBNDeBjgwLESdNpCUWPhSf6+WEvXgOyzzyW7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrVObfIxoR3gdVR5jGwLBTYByulQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JWT2JmSXhvUjNnZFZS
NWpHd0xCVFlCeXVsUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqW6GuEbw4lzud7IP0Mpt1TEVSJHe511P
HIw58mdoXPiP0miYlFKoHCzo43EkW0mRD31Cl+GknsTo2d6e8AlF6g3ha6Ntna/i
Dp9Y6wNrRrhNiFUe34HjmDmpXnwZzgcsCwDWi5Xf+pwHn2erSSGPb90o0T5FhH2l
KM02t+BCBR23eSOCo4HjUSdfgDPMRne6Rq9tu/Vhz+kJg2E7feKOVHKd6zu2kC+r
YIGdMHbNCg4/Yjlpdiz2gG4MADz7+7sbS83cUBLhn/aDiGyONUozCisWQCkAhBMC
dKZ/G89eVYDvwWkR5JW2sOyXOz3qWn3Z/aeGQ7DvHWwW8TBzwHKsDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org