Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/szhkmtTP6iDejNSep0VcevMe5Dc.roa
File: szhkmtTP6iDejNSep0VcevMe5Dc.roa (raw, json)
Hash identifier: RIBAqBiC6e/JzoNsn+M+9Q6LNzMDET9I7fq+e0kTNl4=
Subject key identifier: B3:38:64:9A:D4:CF:EA:20:DE:8C:D4:9E:A7:45:5C:7A:F3:1E:E4:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DD2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/szhkmtTP6iDejNSep0VcevMe5Dc.roa
Signing time: Thu 02 May 2024 08:23:46 +0000
ROA not before: Thu 02 May 2024 08:23:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19922 (0x4dd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 08:23:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B338649AD4CFEA20DE8CD49EA7455C7AF31EE437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4b:34:46:70:71:81:8a:19:1f:7f:c8:2e:f2:
f8:18:d7:96:a4:f6:89:5d:06:3a:0b:d8:c6:72:21:
d9:f0:07:c1:8f:2c:f3:dc:8a:56:98:73:de:4c:ae:
fc:54:9f:3b:47:61:bf:d2:d5:a7:2c:95:5e:b3:58:
0e:4a:4f:30:53:46:50:f5:58:58:a4:fb:a0:e5:d6:
84:e1:9b:84:43:e0:2c:04:9e:e8:5c:a9:a9:5d:8f:
54:f6:c0:62:e8:e9:df:1d:e4:ae:83:53:5c:6e:bb:
66:a4:a6:e2:f4:e3:f2:9f:31:32:c1:55:dd:80:03:
27:9d:b7:f1:b9:c2:57:03:16:3a:a7:dc:ad:58:55:
fa:1e:6e:ad:cb:10:3b:8c:d4:ad:32:ed:e9:40:ed:
24:c5:29:9c:90:24:4c:e6:9e:84:c0:eb:13:cd:8a:
3d:29:19:52:53:81:41:e3:70:44:c4:5b:3f:83:d8:
a8:f3:71:3d:64:12:a8:13:89:b1:c7:78:8c:87:f4:
03:c5:1b:03:78:ff:f2:14:dd:8d:0e:5b:40:93:28:
93:31:bc:d3:e1:dd:d4:39:51:91:de:58:85:e6:88:
22:0f:71:7b:fc:45:48:47:fb:dc:eb:c4:73:1d:70:
29:d1:94:8e:1e:92:da:1a:4d:d8:ce:3e:08:63:47:
58:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:38:64:9A:D4:CF:EA:20:DE:8C:D4:9E:A7:45:5C:7A:F3:1E:E4:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/szhkmtTP6iDejNSep0VcevMe5Dc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:dd:88:f6:e4:f3:b7:6c:d3:de:b9:d9:f0:55:1f:7c:95:56:
c6:54:25:9d:56:7e:10:bc:60:c7:fb:cd:57:1e:52:62:21:ab:
8e:fd:2c:31:07:de:b3:61:81:d1:b3:02:35:b0:78:cd:92:f5:
a2:d2:64:0e:d6:d0:78:60:af:bb:d6:81:2e:bf:3b:07:96:78:
f4:c2:ea:38:77:cd:1e:55:ac:20:c3:ab:f3:b9:61:30:ed:db:
a3:5d:90:2c:b9:a8:5e:c1:c8:90:bb:46:0b:a5:18:dc:3d:f8:
cf:f4:04:b0:8f:64:e6:f5:b5:17:19:c7:38:33:89:44:01:54:
00:ff:b0:c0:19:c1:50:4b:7d:db:ed:c8:1a:7f:1a:35:34:0a:
03:8c:77:06:94:1e:68:9c:13:0c:c0:36:e4:77:cb:6c:78:5a:
9b:f8:e9:95:83:1c:a4:39:63:9b:af:48:18:03:f1:42:05:f3:
c4:f7:cd:36:62:91:33:dd:33:f0:1c:3e:e7:90:38:9c:7d:3a:
cd:44:d2:de:8e:f9:e3:23:a8:71:3f:35:58:3b:a8:4b:51:6b:
eb:c4:fe:18:cb:d5:e6:5a:a4:7e:de:38:47:5b:15:d2:99:25:
e6:18:67:7c:0e:50:5e:22:49:12:75:8d:27:51:21:5c:95:d6:
20:88:fb:14
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
ODIzNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzMzg2NDlBRDRDRkVB
MjBERThDRDQ5RUE3NDU1QzdBRjMxRUU0MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtSzRGcHGBihkff8gu8vgY15ak9oldBjoL2MZyIdnwB8GPLPPc
ilaYc95MrvxUnztHYb/S1acslV6zWA5KTzBTRlD1WFik+6Dl1oThm4RD4CwEnuhc
qaldj1T2wGLo6d8d5K6DU1xuu2akpuL04/KfMTLBVd2AAyedt/G5wlcDFjqn3K1Y
Vfoebq3LEDuM1K0y7elA7STFKZyQJEzmnoTA6xPNij0pGVJTgUHjcETEWz+D2Kjz
cT1kEqgTibHHeIyH9APFGwN4//IU3Y0OW0CTKJMxvNPh3dQ5UZHeWIXmiCIPcXv8
RUhH+9zrxHMdcCnRlI4ektoaTdjOPghjR1i5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUszhkmtTP6iDejNSep0VcevMe5DcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3N6aGttdFRQNmlEZWpO
U2VwMFZjZXZNZTVEYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMd2I9uTzt2zT3rnZ8FUffJVWxlQlnVZ+
ELxgx/vNVx5SYiGrjv0sMQfes2GB0bMCNbB4zZL1otJkDtbQeGCvu9aBLr87B5Z4
9MLqOHfNHlWsIMOr87lhMO3bo12QLLmoXsHIkLtGC6UY3D34z/QEsI9k5vW1FxnH
ODOJRAFUAP+wwBnBUEt92+3IGn8aNTQKA4x3BpQeaJwTDMA25HfLbHham/jplYMc
pDljm69IGAPxQgXzxPfNNmKRM90z8Bw+55A4nH06zUTS3o754yOocT81WDuoS1Fr
68T+GMvV5lqkft44R1sV0pkl5hhnfA5QXiJJEnWNJ1EhXJXWIIj7FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org