Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rig3cTx_RLdGSxaLGGr0G-iLVCw.roa
File: rig3cTx_RLdGSxaLGGr0G-iLVCw.roa (raw, json)
Hash identifier: p4mIDv/QeJgbRTztaTfTnN5dp30QwESwVnZYQ5U8u5g=
Subject key identifier: AE:28:37:71:3C:7F:44:B7:46:4B:16:8B:18:6A:F4:1B:E8:8B:54:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FD6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rig3cTx_RLdGSxaLGGr0G-iLVCw.roa
Signing time: Sun 05 May 2024 00:54:00 +0000
ROA not before: Sun 05 May 2024 00:54:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20438 (0x4fd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 00:54:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AE2837713C7F44B7464B168B186AF41BE88B542C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cb:ce:b7:83:d5:21:57:16:d0:a3:af:13:fd:
3a:1c:33:18:46:e1:65:9a:09:cc:dc:2b:2d:25:b5:
a2:dd:be:58:da:7b:f9:d5:a2:e1:c1:4e:36:f1:3d:
1e:65:af:b4:17:1c:9a:6e:45:64:a2:04:d1:5e:ed:
31:6a:32:e5:e2:58:5d:e4:e5:da:b0:7a:9e:c0:59:
cb:b6:13:2c:7c:3c:8e:2a:1e:35:db:4d:eb:5d:6c:
89:ec:1d:a3:59:91:82:bc:4d:4e:68:3d:5f:d7:bc:
03:72:ec:17:6a:de:0a:c5:22:47:35:c7:da:44:9a:
dd:e5:60:49:da:03:57:e5:c7:5c:17:30:35:09:48:
f7:f7:3c:8b:79:78:a8:e5:3d:37:d0:94:18:25:cf:
89:ac:c1:ad:27:e5:1b:38:35:a1:6b:e7:7c:cd:61:
9b:34:43:61:04:e3:07:9e:3f:03:c8:82:63:8b:40:
91:89:36:ec:5d:79:cd:64:ac:08:80:c9:a9:c1:66:
a6:1c:f9:3b:49:f1:0c:41:a9:f1:21:fb:67:bb:d4:
f3:06:ad:23:cd:04:93:63:ae:82:1f:6e:c5:1e:e2:
f3:86:10:e4:dc:1d:6b:00:3a:53:24:d8:8e:e2:da:
77:1a:d9:c2:e3:92:5b:ca:c8:9a:09:09:53:a5:8a:
5e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:28:37:71:3C:7F:44:B7:46:4B:16:8B:18:6A:F4:1B:E8:8B:54:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rig3cTx_RLdGSxaLGGr0G-iLVCw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:c9:44:70:3f:7b:ae:f1:7e:e3:96:a8:c5:8d:d9:a3:b0:e3:
54:b2:d3:58:2d:c5:77:dc:c7:ed:53:e0:6c:28:37:3a:50:ee:
76:3c:18:50:41:dc:43:db:c2:1f:d3:f8:02:67:99:dc:82:cc:
32:0a:45:7e:52:61:0e:9e:63:71:d8:a6:e2:77:f0:1d:fc:38:
86:61:ca:2b:6f:31:b0:99:f7:6c:1d:08:5d:3c:ef:a5:86:4d:
50:36:63:7f:81:7e:57:ab:27:4f:e5:48:bd:19:56:5f:88:0d:
bf:de:4d:a5:75:bc:d5:01:08:2e:82:bc:0c:97:b3:50:ab:3c:
ce:c4:24:81:4c:94:1f:f4:8e:d1:b6:a0:87:92:08:d4:41:2f:
f2:ff:08:4a:29:27:5d:ea:c6:40:ea:37:56:b2:b3:e8:90:1f:
de:10:cb:a3:ce:0e:48:6a:5c:91:04:e0:b4:c5:8b:ca:ea:55:
3b:af:0c:3b:03:e1:d9:41:ac:9e:d0:f2:16:7e:09:d0:37:81:
12:02:2e:00:cb:e4:5d:f7:36:ec:e0:cc:54:8c:4a:b3:5b:d2:
cd:6a:22:bf:9c:0b:45:b7:83:f0:69:4d:21:5f:17:3e:b2:f6:
82:db:e0:f7:f0:e9:28:01:1a:2b:e3:f0:62:3e:d5:4b:e6:e4:
f8:4e:c5:8c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MDU0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFFMjgzNzcxM0M3RjQ0
Qjc0NjRCMTY4QjE4NkFGNDFCRTg4QjU0MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjy863g9UhVxbQo68T/TocMxhG4WWaCczcKy0ltaLdvljae/nV
ouHBTjbxPR5lr7QXHJpuRWSiBNFe7TFqMuXiWF3k5dqwep7AWcu2Eyx8PI4qHjXb
TetdbInsHaNZkYK8TU5oPV/XvANy7Bdq3grFIkc1x9pEmt3lYEnaA1flx1wXMDUJ
SPf3PIt5eKjlPTfQlBglz4mswa0n5Rs4NaFr53zNYZs0Q2EE4weePwPIgmOLQJGJ
Nuxdec1krAiAyanBZqYc+TtJ8QxBqfEh+2e71PMGrSPNBJNjroIfbsUe4vOGEOTc
HWsAOlMk2I7i2nca2cLjklvKyJoJCVOlil7ZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrig3cTx/RLdGSxaLGGr0G+iLVCwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JpZzNjVHhfUkxkR1N4
YUxHR3IwRy1pTFZDdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAd8lEcD97rvF+45aoxY3Zo7DjVLLTWC3F
d9zH7VPgbCg3OlDudjwYUEHcQ9vCH9P4AmeZ3ILMMgpFflJhDp5jcdim4nfwHfw4
hmHKK28xsJn3bB0IXTzvpYZNUDZjf4F+V6snT+VIvRlWX4gNv95NpXW81QEILoK8
DJezUKs8zsQkgUyUH/SO0bagh5II1EEv8v8ISiknXerGQOo3VrKz6JAf3hDLo84O
SGpckQTgtMWLyupVO68MOwPh2UGsntDyFn4J0DeBEgIuAMvkXfc27ODMVIxKs1vS
zWoiv5wLRbeD8GlNIV8XPrL2gtvg9/DpKAEaK+PwYj7VS+bk+E7FjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org