Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/t4DNLrQu-YNcW484F5N0xP5qYds.roa
File: t4DNLrQu-YNcW484F5N0xP5qYds.roa (raw, json)
Hash identifier: vjPPR46+qiHMu9YBS1kAKisvU+fkkwZuzqxB2avDxec=
Subject key identifier: B7:80:CD:2E:B4:2E:F9:83:5C:5B:8F:38:17:93:74:C4:FE:6A:61:DB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F62
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t4DNLrQu-YNcW484F5N0xP5qYds.roa
Signing time: Sat 04 May 2024 10:23:48 +0000
ROA not before: Sat 04 May 2024 10:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20322 (0x4f62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 10:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B780CD2EB42EF9835C5B8F38179374C4FE6A61DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:12:02:f0:02:4b:57:47:1c:c6:ed:de:4c:e6:
33:ea:b6:9c:13:15:7d:65:ee:a0:c4:71:3e:f7:a2:
a0:b1:8e:bc:1f:ca:a8:a9:56:57:35:97:50:a1:dc:
d2:0e:6d:45:2a:73:d3:28:12:58:ad:f5:97:10:c6:
02:45:3b:f5:52:f7:e1:4e:4c:39:37:87:c6:86:e6:
10:d6:d3:eb:99:75:39:a9:6d:4e:dd:85:80:be:38:
99:0f:1d:2a:1c:9d:28:f9:e4:c4:4d:5c:e2:92:8d:
16:51:92:b5:50:21:3d:a5:b8:d3:11:2f:60:f1:b1:
40:6b:f6:c5:c5:2d:b5:2d:d0:93:b3:df:70:c8:e8:
24:53:17:ce:99:69:ad:10:e0:b4:85:ad:a8:5b:74:
5a:c0:91:5d:5c:9e:c5:e2:99:52:6d:c5:2a:1a:7e:
94:23:b6:74:26:45:76:3c:05:dc:62:aa:9f:f6:cf:
57:71:f2:8b:8c:2a:96:33:d5:e7:07:4d:c0:5c:e1:
6b:f2:84:b6:56:c1:6f:3a:24:05:54:d4:43:4c:e7:
00:15:91:7a:64:b2:ab:29:ad:a8:f2:8b:55:34:00:
e2:50:f7:95:d5:a5:23:c4:1d:15:c3:37:fd:8b:9a:
98:72:64:e8:f8:ce:cd:4b:0e:04:12:71:60:a8:f8:
aa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:80:CD:2E:B4:2E:F9:83:5C:5B:8F:38:17:93:74:C4:FE:6A:61:DB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t4DNLrQu-YNcW484F5N0xP5qYds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:a2:8d:2b:65:fd:47:a1:54:d4:4c:1d:c1:41:19:1c:28:5b:
c5:88:4b:b1:75:02:38:97:73:e6:c2:f2:b5:42:bd:56:63:7c:
f0:c3:a9:3a:70:6d:ed:c9:6b:0d:a6:c7:55:29:ba:43:07:4b:
2a:6d:da:6c:a6:63:d3:9a:30:3b:8a:a1:2b:cd:16:64:b0:16:
2d:23:ed:65:a6:c3:a5:d9:b4:ba:22:68:93:5e:6d:bb:49:c2:
88:cf:09:f7:9a:f9:c9:e6:43:23:95:3b:93:e2:16:a6:86:96:
9d:8b:ff:f7:5e:42:19:3c:b2:a7:ef:1c:6f:1b:6e:26:6e:35:
d1:dc:93:02:a0:8a:3e:20:30:ad:ae:c6:64:00:8e:a8:ad:30:
e9:18:4c:2d:1d:bc:e6:d8:cf:7a:28:4d:a0:a7:4b:25:ef:23:
8d:18:be:26:f0:68:ea:95:9b:22:1b:2b:9c:03:db:74:cb:c3:
f3:e3:a4:d4:a4:14:d0:69:29:58:51:99:e7:00:e5:c3:35:a3:
6e:83:01:58:ee:d9:5c:82:78:e9:bf:d8:17:6d:9b:c1:a8:7d:
4e:6a:80:11:8d:5b:f3:dc:b6:e5:2d:ce:cc:98:b6:e4:44:f6:
ce:49:c7:58:88:86:56:d5:d6:04:d9:a3:d7:79:d0:f1:28:c6:
45:e9:6e:29
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
MDIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3ODBDRDJFQjQyRUY5
ODM1QzVCOEYzODE3OTM3NEM0RkU2QTYxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPEgLwAktXRxzG7d5M5jPqtpwTFX1l7qDEcT73oqCxjrwfyqip
Vlc1l1Ch3NIObUUqc9MoElit9ZcQxgJFO/VS9+FOTDk3h8aG5hDW0+uZdTmpbU7d
hYC+OJkPHSocnSj55MRNXOKSjRZRkrVQIT2luNMRL2DxsUBr9sXFLbUt0JOz33DI
6CRTF86Zaa0Q4LSFrahbdFrAkV1cnsXimVJtxSoafpQjtnQmRXY8Bdxiqp/2z1dx
8ouMKpYz1ecHTcBc4WvyhLZWwW86JAVU1ENM5wAVkXpksqsprajyi1U0AOJQ95XV
pSPEHRXDN/2LmphyZOj4zs1LDgQScWCo+Ko9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUt4DNLrQu+YNcW484F5N0xP5qYdswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Q0RE5MclF1LVlOY1c0
ODRGNU4weFA1cVlkcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAA6KNK2X9R6FU1EwdwUEZHChbxYhLsXUC
OJdz5sLytUK9VmN88MOpOnBt7clrDabHVSm6QwdLKm3abKZj05owO4qhK80WZLAW
LSPtZabDpdm0uiJok15tu0nCiM8J95r5yeZDI5U7k+IWpoaWnYv/915CGTyyp+8c
bxtuJm410dyTAqCKPiAwra7GZACOqK0w6RhMLR285tjPeihNoKdLJe8jjRi+JvBo
6pWbIhsrnAPbdMvD8+Ok1KQU0GkpWFGZ5wDlwzWjboMBWO7ZXIJ46b/YF22bwah9
TmqAEY1b89y25S3OzJi25ET2zknHWIiGVtXWBNmj13nQ8SjGReluKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:15 2024 by rpki-client on console-ams.rpki-client.org