Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tx4v9P-RPTksXNjIA8UUyt079bk.roa
File: tx4v9P-RPTksXNjIA8UUyt079bk.roa (raw, json)
Hash identifier: FISzLK8Ol49CdHIc25EKMev8EvdgOjrSZit+AM3W6wg=
Subject key identifier: B7:1E:2F:F4:FF:91:3D:39:2C:5C:D8:C8:03:C5:14:CA:DD:3B:F5:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 424A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tx4v9P-RPTksXNjIA8UUyt079bk.roa
Signing time: Tue 16 Apr 2024 23:22:56 +0000
ROA not before: Tue 16 Apr 2024 23:22:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16970 (0x424a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 23:22:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B71E2FF4FF913D392C5CD8C803C514CADD3BF5B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:45:70:f7:8e:01:d8:fc:79:bb:94:3e:b8:6c:
47:3b:6a:7c:ee:4b:73:e2:be:c5:f7:74:81:33:87:
4c:f8:60:dd:21:f2:c4:26:d7:49:58:c5:f7:d0:02:
f9:42:66:4d:21:14:6f:7f:93:cf:a3:1f:3f:eb:37:
90:af:77:a9:e6:e2:96:00:f4:cc:23:11:6e:52:4c:
16:bb:f1:3b:9f:9c:c9:b4:ad:62:56:d2:99:a2:9b:
26:57:7a:e5:26:86:3e:19:a3:26:db:ec:16:00:7f:
ff:cc:c5:c0:7b:53:19:47:e3:fd:57:0a:fc:89:d3:
b3:ea:50:68:1d:95:77:c7:51:88:ff:27:9a:49:79:
4c:a5:bb:d4:93:b1:68:cf:d6:4e:15:e9:8a:d0:22:
42:a8:36:43:85:8a:60:27:3d:c0:18:b7:6d:81:fe:
88:b4:b5:a5:91:68:83:9b:84:6c:d3:fa:9f:4b:26:
6f:72:cb:e5:a7:ab:c8:ec:e1:83:29:ac:e4:0d:14:
e1:19:e1:62:1c:a0:0a:1f:e1:b7:f5:5d:ea:19:2c:
41:04:5b:4c:a9:98:65:5a:4e:3a:ab:a5:1a:c0:a9:
a5:b8:27:d6:fc:65:61:9c:9e:6b:f9:ec:81:d3:58:
99:a5:8e:45:98:ee:fe:01:6b:32:77:71:d8:b9:50:
9c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1E:2F:F4:FF:91:3D:39:2C:5C:D8:C8:03:C5:14:CA:DD:3B:F5:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tx4v9P-RPTksXNjIA8UUyt079bk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:ca:d0:1e:02:ba:33:49:ca:84:7b:5c:91:6c:1e:03:e8:13:
e2:a7:04:ec:b4:59:94:55:98:a8:38:30:68:bf:27:c5:94:29:
62:f3:42:2b:b8:8e:3c:3a:72:84:da:56:13:4d:1c:b4:7c:07:
a0:f8:78:07:8c:0a:51:1f:e5:09:10:22:8d:89:83:38:17:aa:
d6:a6:0e:9f:13:65:a4:ff:57:f9:44:a9:d9:ae:c5:a5:7d:26:
9d:f2:ec:c2:66:0f:88:a1:a8:86:4a:c2:73:c1:2b:23:6f:e0:
55:ff:30:14:49:13:5e:a5:ad:fa:68:13:80:c3:53:98:d2:ba:
7b:04:59:cf:50:08:b5:65:87:a5:c0:78:84:db:64:73:70:5f:
0b:10:e3:57:e3:bf:c3:7c:a2:28:90:e0:2d:4b:e9:b6:34:81:
09:13:85:2a:ab:c6:b3:8d:fe:5d:38:4c:e0:b1:38:80:8b:90:
5d:dc:f5:c0:2c:f4:f1:25:d4:1b:a4:b0:01:1f:0e:c3:e0:ee:
96:fc:5d:ca:c9:47:87:48:e9:e1:42:c3:4a:1f:fd:99:8c:5a:
b9:99:21:7a:69:ac:57:16:84:3a:59:9b:2d:d5:2a:a8:e2:6f:
05:b1:bc:91:d6:be:f2:a4:30:1f:47:a9:04:47:f6:1d:58:4b:
48:85:c4:cd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYy
MzIyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3MUUyRkY0RkY5MTNE
MzkyQzVDRDhDODAzQzUxNENBREQzQkY1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoRXD3jgHY/Hm7lD64bEc7anzuS3PivsX3dIEzh0z4YN0h8sQm
10lYxffQAvlCZk0hFG9/k8+jHz/rN5Cvd6nm4pYA9MwjEW5STBa78TufnMm0rWJW
0pmimyZXeuUmhj4Zoybb7BYAf//MxcB7UxlH4/1XCvyJ07PqUGgdlXfHUYj/J5pJ
eUylu9STsWjP1k4V6YrQIkKoNkOFimAnPcAYt22B/oi0taWRaIObhGzT+p9LJm9y
y+Wnq8js4YMprOQNFOEZ4WIcoAof4bf1XeoZLEEEW0ypmGVaTjqrpRrAqaW4J9b8
ZWGcnmv57IHTWJmljkWY7v4BazJ3cdi5UJy5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtx4v9P+RPTksXNjIA8UUyt079bkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3R4NHY5UC1SUFRrc1hO
aklBOFVVeXQwNzliay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAtMrQHgK6M0nKhHtckWweA+gT4qcE7LRZ
lFWYqDgwaL8nxZQpYvNCK7iOPDpyhNpWE00ctHwHoPh4B4wKUR/lCRAijYmDOBeq
1qYOnxNlpP9X+USp2a7FpX0mnfLswmYPiKGohkrCc8ErI2/gVf8wFEkTXqWt+mgT
gMNTmNK6ewRZz1AItWWHpcB4hNtkc3BfCxDjV+O/w3yiKJDgLUvptjSBCROFKqvG
s43+XThM4LE4gIuQXdz1wCz08SXUG6SwAR8Ow+DulvxdyslHh0jp4ULDSh/9mYxa
uZkhemmsVxaEOlmbLdUqqOJvBbG8kda+8qQwH0epBEf2HVhLSIXEzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:52 2024 by rpki-client on console-fra.rpki-client.org