Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tmn2Y4TA6zb-loKDPE0DkLjIclE.roa
File: tmn2Y4TA6zb-loKDPE0DkLjIclE.roa (raw, json)
Hash identifier: 0proE2SkSz34XgcUI2b/SKncIlMaJfCn/73X+hvDNMs=
Subject key identifier: B6:69:F6:63:84:C0:EB:36:FE:96:82:83:3C:4D:03:90:B8:C8:72:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FE6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tmn2Y4TA6zb-loKDPE0DkLjIclE.roa
Signing time: Sat 13 Apr 2024 18:52:53 +0000
ROA not before: Sat 13 Apr 2024 18:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16358 (0x3fe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 18:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B669F66384C0EB36FE9682833C4D0390B8C87251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:23:b0:9f:de:b7:98:66:9f:ac:f2:99:7a:06:
32:55:17:4f:73:25:c3:50:fd:0a:78:eb:57:85:12:
83:8d:24:11:a3:39:c4:08:a4:45:89:79:e3:6f:8e:
fc:b2:4a:c6:ba:66:d0:a1:e3:0f:cb:2a:c9:98:f3:
75:2d:ec:bb:9c:78:cf:3d:43:1f:ef:42:0e:89:46:
82:82:22:81:5c:9e:a9:c3:c4:1a:85:a7:2e:2f:80:
40:fe:be:67:4f:39:a5:39:8a:58:b6:28:7e:7d:a3:
fd:33:f5:9c:ac:5e:ab:b4:b4:22:b9:0a:2d:d9:9e:
91:85:bc:8f:47:e2:8b:2d:e6:37:05:4d:6d:e5:e7:
35:a5:93:47:a9:49:74:64:84:eb:8f:9c:15:db:29:
c1:a1:41:44:a7:d7:23:b8:4d:a9:f5:b3:ba:3a:11:
7f:63:35:6d:c8:96:52:d7:ec:6a:01:45:2f:2e:6c:
33:db:af:d9:b8:ae:97:74:bd:77:0b:9c:6a:44:75:
09:47:08:e0:18:52:cb:c0:99:b4:c8:95:ed:95:07:
e4:7d:c1:4e:ab:cd:e1:63:e1:f4:b8:0e:90:4b:8d:
9d:a5:ce:35:11:d8:a1:2f:6d:f5:64:ab:d7:a7:cb:
54:de:d8:6e:c7:51:0c:0e:cd:a8:73:96:e9:3f:a0:
bf:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:69:F6:63:84:C0:EB:36:FE:96:82:83:3C:4D:03:90:B8:C8:72:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tmn2Y4TA6zb-loKDPE0DkLjIclE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:f7:26:f3:ab:b4:73:82:2c:6a:d6:d3:20:2c:29:e6:d9:9c:
8d:0e:c0:c9:ba:ee:41:21:ab:6d:98:72:e3:f2:27:39:84:e5:
82:66:e9:6c:ae:15:cc:3b:6c:43:f8:5a:83:3e:5f:f0:04:38:
9a:26:dc:07:75:19:6f:06:b0:17:f6:3e:27:c4:62:2e:b7:5e:
11:6a:5c:6a:a0:73:78:f5:3d:14:d0:91:7b:72:72:2f:a3:6d:
ae:50:c3:3f:da:f1:a2:6f:2f:33:20:be:55:e2:a4:0d:c1:e8:
e7:fb:b9:e2:06:db:b7:aa:1a:b6:22:a7:51:d7:cb:2e:8a:4a:
09:85:a5:7b:fd:14:11:bc:98:6f:e1:87:12:35:18:88:58:99:
03:96:89:6d:56:75:3c:b9:a3:c3:6b:c3:a3:38:71:47:e0:0b:
f5:69:3d:53:e7:27:27:49:10:e0:24:50:df:06:5c:74:7e:1c:
71:76:c8:01:9c:db:60:5a:29:c4:58:ba:e0:40:76:3f:ce:03:
c7:cd:34:53:a0:13:bc:19:b1:0d:44:60:41:4b:36:3b:52:e6:
48:5d:0a:d7:97:b7:9c:a5:3d:3e:41:19:59:75:9b:ac:43:8d:
2e:95:d8:f7:3b:ec:3b:f8:8b:14:56:ed:ea:5f:94:ee:b7:e0:
c6:c8:22:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
ODUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2NjlGNjYzODRDMEVC
MzZGRTk2ODI4MzNDNEQwMzkwQjhDODcyNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnI7Cf3reYZp+s8pl6BjJVF09zJcNQ/Qp461eFEoONJBGjOcQI
pEWJeeNvjvyySsa6ZtCh4w/LKsmY83Ut7LuceM89Qx/vQg6JRoKCIoFcnqnDxBqF
py4vgED+vmdPOaU5ili2KH59o/0z9ZysXqu0tCK5Ci3ZnpGFvI9H4ost5jcFTW3l
5zWlk0epSXRkhOuPnBXbKcGhQUSn1yO4Tan1s7o6EX9jNW3IllLX7GoBRS8ubDPb
r9m4rpd0vXcLnGpEdQlHCOAYUsvAmbTIle2VB+R9wU6rzeFj4fS4DpBLjZ2lzjUR
2KEvbfVkq9eny1Te2G7HUQwOzahzluk/oL/hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtmn2Y4TA6zb+loKDPE0DkLjIclEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RtbjJZNFRBNnpiLWxv
S0RQRTBEa0xqSWNsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAWPcm86u0c4IsatbTICwp5tmcjQ7Aybru
QSGrbZhy4/InOYTlgmbpbK4VzDtsQ/hagz5f8AQ4mibcB3UZbwawF/Y+J8RiLrde
EWpcaqBzePU9FNCRe3JyL6NtrlDDP9rxom8vMyC+VeKkDcHo5/u54gbbt6oatiKn
UdfLLopKCYWle/0UEbyYb+GHEjUYiFiZA5aJbVZ1PLmjw2vDozhxR+AL9Wk9U+cn
J0kQ4CRQ3wZcdH4ccXbIAZzbYFopxFi64EB2P84Dx800U6ATvBmxDURgQUs2O1Lm
SF0K15e3nKU9PkEZWXWbrEONLpXY9zvsO/iLFFbt6l+U7rfgxsgijg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:52 2024 by rpki-client on console-fra.rpki-client.org