Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rgECt0ExQWbO0oqz4t9KheDKTYQ.roa
File: rgECt0ExQWbO0oqz4t9KheDKTYQ.roa (raw, json)
Hash identifier: J0+Q6Zbnz/W0Sc+ge+/qJTZCyx2wv4Arh2KilVYSyJA=
Subject key identifier: AE:01:02:B7:41:31:41:66:CE:D2:8A:B3:E2:DF:4A:85:E0:CA:4D:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4346
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rgECt0ExQWbO0oqz4t9KheDKTYQ.roa
Signing time: Thu 18 Apr 2024 06:53:07 +0000
ROA not before: Thu 18 Apr 2024 06:53:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17222 (0x4346)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 06:53:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AE0102B741314166CED28AB3E2DF4A85E0CA4D84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:51:4c:41:f9:ac:04:73:ef:13:1c:1a:75:66:
c6:4d:44:56:dc:d7:3e:9b:b4:a8:4e:2f:b5:23:69:
6b:45:29:a4:75:00:d4:f7:04:36:47:49:f4:09:63:
11:e3:14:38:df:80:61:d2:79:8f:cd:e0:7d:8f:de:
e0:39:cd:da:00:8b:47:62:e2:08:94:62:19:ff:f1:
01:4c:09:6d:ee:a8:55:76:52:14:ad:00:ad:ae:a5:
fa:94:53:ef:d8:67:78:73:64:c5:07:ee:56:81:31:
0a:b6:4d:9d:4c:0d:e2:62:45:8d:32:59:18:33:99:
11:e2:41:61:dd:70:20:18:33:fd:bd:10:4f:70:4e:
59:63:70:58:cf:ba:8f:ad:ec:b6:df:8d:e7:23:02:
ba:c1:f7:c6:31:2d:70:87:b4:00:0d:4d:f1:65:4d:
28:8c:da:70:44:2b:63:9f:a4:bd:db:50:a4:ed:f5:
b4:63:cc:b6:ba:98:d0:c1:22:01:94:fd:16:04:cb:
4c:d6:c5:35:b3:92:e0:9e:ce:40:6f:25:f7:42:64:
da:9a:f1:11:14:0a:88:a6:4c:5f:16:38:08:61:7b:
73:06:73:74:b1:06:fb:58:ef:71:95:da:e6:c9:fc:
b4:f9:ed:2c:58:d1:05:2d:24:5d:b4:bc:cd:3e:0b:
0b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:01:02:B7:41:31:41:66:CE:D2:8A:B3:E2:DF:4A:85:E0:CA:4D:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rgECt0ExQWbO0oqz4t9KheDKTYQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:82:fb:2c:86:0c:30:c4:6f:f9:93:38:68:87:57:dc:f6:f2:
40:80:03:d9:2d:90:f7:78:8a:4b:5b:f9:b5:4e:6d:7b:42:cc:
9a:a6:00:ec:9c:0c:a8:6f:f7:d0:01:0a:7e:3f:e8:13:59:0c:
a6:fc:38:3e:b6:8e:2f:b1:ee:5e:dd:af:87:f1:57:9a:e6:b5:
b7:01:2d:22:73:63:d0:6e:56:f6:b5:01:e4:1c:4a:70:d8:c1:
73:74:ab:09:01:c1:1b:94:d0:dc:9e:e8:6d:77:de:26:60:45:
3a:47:6e:1d:64:b5:da:82:60:9e:a3:88:f8:b8:39:41:4a:8c:
2e:02:90:b4:4a:d4:90:ab:cf:e9:88:35:91:9f:a0:84:a7:1d:
32:4c:0a:0b:80:97:ce:e5:40:9c:28:21:0b:74:b1:f8:ed:ed:
81:f4:43:1a:96:9f:90:54:12:a9:81:50:82:e5:f9:fe:e4:a0:
10:96:d5:8a:55:60:a7:5a:bc:8e:ba:d9:79:86:66:6b:3f:a5:
66:98:6a:8e:87:c5:4b:b0:b6:be:43:e6:bc:bc:d3:52:df:4d:
1d:c6:62:77:98:5e:55:f1:4a:03:f8:36:6b:8e:c5:0d:0e:d9:
b6:10:ec:27:d8:d9:b4:47:3d:3d:0a:0f:4a:e0:5a:b9:7d:06:
50:aa:95:87
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NjUzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFFMDEwMkI3NDEzMTQx
NjZDRUQyOEFCM0UyREY0QTg1RTBDQTREODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJUUxB+awEc+8THBp1ZsZNRFbc1z6btKhOL7UjaWtFKaR1ANT3
BDZHSfQJYxHjFDjfgGHSeY/N4H2P3uA5zdoAi0di4giUYhn/8QFMCW3uqFV2UhSt
AK2upfqUU+/YZ3hzZMUH7laBMQq2TZ1MDeJiRY0yWRgzmRHiQWHdcCAYM/29EE9w
TlljcFjPuo+t7LbfjecjArrB98YxLXCHtAANTfFlTSiM2nBEK2OfpL3bUKTt9bRj
zLa6mNDBIgGU/RYEy0zWxTWzkuCezkBvJfdCZNqa8REUCoimTF8WOAhhe3MGc3Sx
BvtY73GV2ubJ/LT57SxY0QUtJF20vM0+CwsNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrgECt0ExQWbO0oqz4t9KheDKTYQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JnRUN0MEV4UVdiTzBv
cXo0dDlLaGVES1RZUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAboL7LIYMMMRv+ZM4aIdX3PbyQIAD2S2Q
93iKS1v5tU5te0LMmqYA7JwMqG/30AEKfj/oE1kMpvw4PraOL7HuXt2vh/FXmua1
twEtInNj0G5W9rUB5BxKcNjBc3SrCQHBG5TQ3J7obXfeJmBFOkduHWS12oJgnqOI
+Lg5QUqMLgKQtErUkKvP6Yg1kZ+ghKcdMkwKC4CXzuVAnCghC3Sx+O3tgfRDGpaf
kFQSqYFQguX5/uSgEJbVilVgp1q8jrrZeYZmaz+lZphqjofFS7C2vkPmvLzTUt9N
HcZid5heVfFKA/g2a47FDQ7ZthDsJ9jZtEc9PQoPSuBauX0GUKqVhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org