Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uS3MsJ7_Xiw2ZGKFhTkK7sgCAd0.roa
File: uS3MsJ7_Xiw2ZGKFhTkK7sgCAd0.roa (raw, json)
Hash identifier: PqBXkwLe96Kjci7mP2OJyN9DABdmGoUCQNQDeqC/df0=
Subject key identifier: B9:2D:CC:B0:9E:FF:5E:2C:36:64:62:85:85:39:0A:EE:C8:02:01:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F32
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uS3MsJ7_Xiw2ZGKFhTkK7sgCAd0.roa
Signing time: Fri 12 Apr 2024 20:22:51 +0000
ROA not before: Fri 12 Apr 2024 20:22:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16178 (0x3f32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 20:22:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B92DCCB09EFF5E2C3664628585390AEEC80201DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b7:9f:5d:01:1e:f4:08:ad:2c:ac:ec:b7:f2:
00:aa:b2:22:0f:d7:da:18:70:b7:7f:9f:bf:b4:8a:
b8:44:51:0a:e8:ab:f0:ac:b7:75:bd:fd:67:ed:cd:
e4:69:4e:d8:61:42:d4:bb:b2:7f:ec:08:f4:76:55:
56:08:6f:30:e3:e3:35:e7:58:f5:f4:62:97:5e:ef:
52:05:c2:c8:05:64:b2:1f:6d:71:c7:96:f7:44:07:
79:a0:d8:e2:dc:5e:38:fa:0b:1b:fd:4e:e1:96:2c:
20:a8:11:81:a4:5b:69:3a:e0:c2:cc:7f:2f:91:14:
d8:6f:1f:29:33:95:3c:19:00:d9:a1:bb:0b:11:84:
9a:30:c4:b8:c6:e1:e4:eb:ff:df:67:12:b8:af:6a:
b4:f4:81:ab:d8:21:28:36:5e:1b:82:54:ae:a6:41:
fd:9c:58:8c:b1:52:67:7d:25:af:16:a8:16:c3:6f:
54:95:57:bc:c4:27:7c:18:a4:73:fd:d4:6c:52:d5:
cf:3c:fb:a4:3a:90:5f:4c:78:cd:44:82:dd:c6:6f:
af:53:ec:cc:d7:f5:28:61:0e:59:22:f2:2f:ff:03:
b3:79:88:44:0d:45:fb:e2:37:0b:49:99:27:97:b7:
96:4d:c1:a5:cd:b8:14:c5:fd:a6:b5:f5:15:b7:5f:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2D:CC:B0:9E:FF:5E:2C:36:64:62:85:85:39:0A:EE:C8:02:01:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uS3MsJ7_Xiw2ZGKFhTkK7sgCAd0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:1d:61:ac:bb:88:68:48:1f:a7:ae:d4:21:39:99:5b:f0:e0:
a8:6a:40:90:e5:d6:ad:c2:20:da:57:c1:57:6d:d5:52:c9:18:
7f:39:d2:69:98:7c:e5:f6:fe:65:c4:8f:31:3e:0c:a8:53:96:
48:03:f2:85:11:b5:9b:6f:da:9d:7c:60:0f:a6:2d:be:cc:63:
04:cc:4c:d4:65:f8:2e:d9:3a:b9:5b:43:5d:57:76:12:11:6a:
44:95:dd:ab:3f:46:82:df:bd:18:9e:4a:6b:72:3e:f3:91:61:
1d:5a:c0:17:11:25:d3:3b:4d:1e:4b:40:19:43:55:38:f1:56:
30:f0:aa:f9:98:a0:06:3b:17:93:ab:45:76:49:1f:15:e3:36:
47:09:8d:9e:0a:a6:b9:8a:45:f1:c0:ac:2e:8b:f2:32:8a:1a:
75:d1:09:78:b3:4c:03:8d:74:b1:f2:b6:a7:13:0e:88:de:6f:
2c:e5:89:1a:74:f2:eb:cb:ab:06:c1:83:10:83:0a:b9:dc:2b:
ed:61:fe:a6:4d:00:e8:4a:9b:3b:96:bf:3a:69:8d:e6:88:0c:
92:6c:f7:ff:42:41:d7:4f:6d:21:ee:3b:4e:67:92:75:42:05:
bb:b5:ae:cf:a9:b2:91:87:8d:57:45:a0:57:de:d1:1a:8c:20:
71:06:a8:20
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MDIyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5MkRDQ0IwOUVGRjVF
MkMzNjY0NjI4NTg1MzkwQUVFQzgwMjAxREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCst59dAR70CK0srOy38gCqsiIP19oYcLd/n7+0irhEUQroq/Cs
t3W9/WftzeRpTthhQtS7sn/sCPR2VVYIbzDj4zXnWPX0Ypde71IFwsgFZLIfbXHH
lvdEB3mg2OLcXjj6Cxv9TuGWLCCoEYGkW2k64MLMfy+RFNhvHykzlTwZANmhuwsR
hJowxLjG4eTr/99nErivarT0gavYISg2XhuCVK6mQf2cWIyxUmd9Ja8WqBbDb1SV
V7zEJ3wYpHP91GxS1c88+6Q6kF9MeM1Egt3Gb69T7MzX9ShhDlki8i//A7N5iEQN
RfviNwtJmSeXt5ZNwaXNuBTF/aa19RW3X5ENAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUuS3MsJ7/Xiw2ZGKFhTkK7sgCAd0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VTM01zSjdfWGl3MlpH
S0ZoVGtLN3NnQ0FkMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATx1hrLuIaEgfp67UITmZW/DgqGpAkOXW
rcIg2lfBV23VUskYfznSaZh85fb+ZcSPMT4MqFOWSAPyhRG1m2/anXxgD6Ytvsxj
BMxM1GX4Ltk6uVtDXVd2EhFqRJXdqz9Ggt+9GJ5Ka3I+85FhHVrAFxEl0ztNHktA
GUNVOPFWMPCq+ZigBjsXk6tFdkkfFeM2RwmNngqmuYpF8cCsLovyMooaddEJeLNM
A410sfK2pxMOiN5vLOWJGnTy68urBsGDEIMKudwr7WH+pk0A6EqbO5a/OmmN5ogM
kmz3/0JB109tIe47TmeSdUIFu7Wuz6mykYeNV0WgV97RGowgcQaoIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:16 2024 by rpki-client on console-ams.rpki-client.org