Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tmRDbqiVD5whqDneR6q_HbylTmA.roa
File: tmRDbqiVD5whqDneR6q_HbylTmA.roa (raw, json)
Hash identifier: RUNPDz5P/OtVQ5hAv4JJHS+BwxTnSKMQXphRmihQE5M=
Subject key identifier: B6:64:43:6E:A8:95:0F:9C:21:A8:39:DE:47:AA:BF:1D:BC:A5:4E:60
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tmRDbqiVD5whqDneR6q_HbylTmA.roa
Signing time: Thu 28 Mar 2024 10:52:28 +0000
ROA not before: Thu 28 Mar 2024 10:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13222 (0x33a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 10:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B664436EA8950F9C21A839DE47AABF1DBCA54E60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:89:7a:2c:78:c0:ca:1d:ee:b6:95:8a:1b:
fc:ba:97:5e:14:f8:e0:1a:23:18:fa:96:97:cf:ab:
2c:20:4d:a9:fd:86:4a:0c:aa:a8:25:a5:26:63:e9:
6e:0e:22:20:04:33:0d:1e:7a:c6:24:d8:fe:8b:d4:
06:b1:2f:9c:a6:bb:dd:3d:d2:b8:f6:b8:61:09:a8:
21:c5:e6:37:02:f6:37:f3:83:e4:a0:a6:c2:75:7b:
86:34:85:bb:a0:08:7e:96:95:71:c0:d3:29:a4:4a:
6b:25:ce:06:74:b6:c8:de:79:9c:06:aa:03:03:a5:
dc:c1:95:dd:3d:2d:2d:dc:64:39:44:e8:c7:60:f9:
84:29:73:f0:47:9c:40:14:b3:af:49:18:07:fd:12:
d4:05:8c:4d:8a:d4:55:4c:9c:57:42:4f:1e:23:e8:
0c:bd:e9:16:27:ba:30:9b:b8:ac:a7:fd:ae:66:17:
6c:2c:03:89:e1:d8:c8:23:ed:78:47:d1:1a:ad:b3:
a9:a2:c5:46:cf:9e:6b:bc:88:ea:3b:70:7c:cf:0d:
35:45:44:f0:19:9d:29:a3:5c:f2:52:12:b7:1e:48:
4b:91:b0:fc:6a:08:e8:f5:2c:fc:c9:bf:77:76:09:
78:78:8e:a4:b4:98:09:d3:69:46:de:2d:6d:c8:ff:
6b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:64:43:6E:A8:95:0F:9C:21:A8:39:DE:47:AA:BF:1D:BC:A5:4E:60
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tmRDbqiVD5whqDneR6q_HbylTmA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:ec:57:16:23:39:6c:66:23:f0:c8:18:2e:52:b6:2e:84:9c:
73:33:52:79:bf:01:ee:e2:6e:fd:7a:0e:ce:1a:d3:4a:b4:60:
44:9b:c9:3c:6a:2b:5b:b6:6f:1e:06:21:37:49:54:58:18:71:
63:1e:6e:66:ea:92:4a:c2:96:ca:3e:bb:3c:be:8c:0a:1a:c9:
12:cc:25:41:3f:2e:35:18:9f:23:d3:59:41:e8:f4:4c:c6:f2:
32:da:16:c2:09:fb:13:50:ea:31:c8:3c:9b:f7:3d:d8:4c:3f:
ce:60:b0:0d:b9:e1:5b:8d:19:17:34:77:d9:32:f6:0f:14:4c:
bd:4f:bb:4d:95:b0:aa:2d:3f:56:dd:f9:78:fc:5d:25:b1:c0:
0c:0a:e4:03:8c:8f:a6:3a:88:c5:f0:76:dd:ad:0c:f9:43:df:
3d:8e:65:d0:4c:c6:e2:89:08:59:a9:08:25:a0:8d:3e:c3:d0:
ff:c1:cc:98:7f:c2:22:cc:45:25:27:09:b9:43:1b:59:f3:d8:
12:51:44:a0:9f:3a:55:45:39:84:76:ac:c2:0b:b1:87:b4:e5:
ec:d3:85:13:7e:65:ad:67:c6:3d:9d:f3:e5:c7:da:e9:62:b3:
3e:09:ee:ac:19:ad:c0:44:bb:55:24:ca:8a:3c:ec:02:46:25:
dd:32:8a:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICM6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MDUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2NjQ0MzZFQTg5NTBG
OUMyMUE4MzlERTQ3QUFCRjFEQkNBNTRFNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIPIl6LHjAyh3utpWKG/y6l14U+OAaIxj6lpfPqywgTan9hkoM
qqglpSZj6W4OIiAEMw0eesYk2P6L1AaxL5ymu9090rj2uGEJqCHF5jcC9jfzg+Sg
psJ1e4Y0hbugCH6WlXHA0ymkSmslzgZ0tsjeeZwGqgMDpdzBld09LS3cZDlE6Mdg
+YQpc/BHnEAUs69JGAf9EtQFjE2K1FVMnFdCTx4j6Ay96RYnujCbuKyn/a5mF2ws
A4nh2Mgj7XhH0Rqts6mixUbPnmu8iOo7cHzPDTVFRPAZnSmjXPJSErceSEuRsPxq
COj1LPzJv3d2CXh4jqS0mAnTaUbeLW3I/2vPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtmRDbqiVD5whqDneR6q/HbylTmAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RtUkRicWlWRDV3aHFE
bmVSNnFfSGJ5bFRtQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZ+xXFiM5bGYj8MgYLlK2LoScczNSeb8B
7uJu/XoOzhrTSrRgRJvJPGorW7ZvHgYhN0lUWBhxYx5uZuqSSsKWyj67PL6MChrJ
EswlQT8uNRifI9NZQej0TMbyMtoWwgn7E1DqMcg8m/c92Ew/zmCwDbnhW40ZFzR3
2TL2DxRMvU+7TZWwqi0/Vt35ePxdJbHADArkA4yPpjqIxfB23a0M+UPfPY5l0EzG
4okIWakIJaCNPsPQ/8HMmH/CIsxFJScJuUMbWfPYElFEoJ86VUU5hHaswguxh7Tl
7NOFE35lrWfGPZ3z5cfa6WKzPgnurBmtwES7VSTKijzsAkYl3TKKCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org