Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vNO2XAkM5pVEBHhvCWYZ2dEBU8c.roa
File: vNO2XAkM5pVEBHhvCWYZ2dEBU8c.roa (raw, json)
Hash identifier: tjoyQFkNVlxrVtTvPRV/K+TZvvuOiZxhg5t2myngnCM=
Subject key identifier: BC:D3:B6:5C:09:0C:E6:95:44:04:78:6F:09:66:19:D9:D1:01:53:C7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FF2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vNO2XAkM5pVEBHhvCWYZ2dEBU8c.roa
Signing time: Sat 13 Apr 2024 20:23:23 +0000
ROA not before: Sat 13 Apr 2024 20:23:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16370 (0x3ff2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 20:23:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BCD3B65C090CE6954404786F096619D9D10153C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:00:25:e1:50:21:22:09:f6:58:ba:71:e4:a5:
34:68:ab:ad:bd:53:62:2c:1e:eb:7a:e8:54:c9:dc:
aa:b3:72:80:04:ff:64:0e:0a:94:dc:4e:5b:ce:6e:
ff:59:64:16:3f:3a:ce:c9:ac:24:7e:b7:e7:c4:b9:
02:db:be:33:8d:20:7b:51:76:2f:b5:7a:b2:cd:b7:
a7:33:04:e8:ec:2c:81:0d:31:23:6d:9e:46:db:01:
54:c5:fd:83:c4:79:c0:55:86:2f:44:b2:b9:f5:cb:
b3:a2:99:21:6a:78:90:84:6e:ba:33:f3:9d:cc:43:
fc:2e:f6:f4:2d:a7:2f:c1:92:c7:9d:f3:d3:d3:82:
e8:40:f6:74:e0:02:2e:4e:1f:c0:57:b5:4d:a1:cc:
31:db:8b:74:f5:8e:1a:5d:cd:3c:5d:fe:32:67:48:
dd:83:9e:ad:40:23:af:1b:9f:d6:f8:a7:02:dc:58:
8b:d0:69:c2:34:f2:50:16:01:51:e6:ec:1f:13:4c:
71:95:4c:ed:e0:ae:37:22:93:32:c7:32:18:5b:a6:
70:f8:ed:7d:5c:a5:37:05:52:67:94:b6:ad:f4:31:
9b:d4:f3:26:09:9d:ab:ba:a4:24:97:be:71:06:ef:
b1:2d:bc:34:0d:18:17:a6:35:92:7d:80:36:0d:3b:
9d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:B6:5C:09:0C:E6:95:44:04:78:6F:09:66:19:D9:D1:01:53:C7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vNO2XAkM5pVEBHhvCWYZ2dEBU8c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:1f:ad:05:6f:48:7e:e3:b9:4e:0b:ea:06:6c:99:eb:96:0e:
42:9a:16:70:ce:b0:04:f4:c3:05:89:d3:94:1d:b8:07:9a:fb:
c7:0f:28:b9:54:4c:6d:ae:41:cd:66:92:97:56:7f:7f:5a:f9:
d5:7a:27:76:ff:05:04:23:02:c0:f7:b8:f1:4f:06:c7:46:1e:
4d:44:a7:1f:72:b6:34:f2:0d:9e:10:2a:42:ff:06:97:43:fb:
eb:77:bc:79:1f:09:9d:06:4e:4d:53:29:42:a4:d6:22:ac:59:
26:e5:d8:8c:7d:aa:17:ec:46:a9:bc:e8:47:11:ca:c6:f1:1c:
f1:50:7f:08:a9:81:3c:89:97:a6:6c:9b:0d:4b:aa:e3:e4:6e:
bd:1b:b6:cd:77:b1:6b:e3:d8:bd:9c:23:a4:53:25:90:86:48:
84:ee:55:b7:a9:c3:67:ff:87:77:03:88:01:d6:ef:04:09:89:
1d:65:fd:6d:24:ce:af:28:9e:2a:00:1f:ab:23:9e:dd:20:f7:
6a:20:0f:93:56:48:7a:3b:25:c6:56:75:32:de:b0:d0:21:d8:
d8:f0:e7:20:48:6f:10:45:34:0a:aa:1b:13:0a:f8:23:a8:33:
07:e5:82:fc:4e:5f:40:23:cd:0e:a5:81:77:f1:92:b7:69:5c:
cc:ec:c7:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMy
MDIzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDRDNCNjVDMDkwQ0U2
OTU0NDA0Nzg2RjA5NjYxOUQ5RDEwMTUzQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgACXhUCEiCfZYunHkpTRoq629U2IsHut66FTJ3KqzcoAE/2QO
CpTcTlvObv9ZZBY/Os7JrCR+t+fEuQLbvjONIHtRdi+1erLNt6czBOjsLIENMSNt
nkbbAVTF/YPEecBVhi9Esrn1y7OimSFqeJCEbroz853MQ/wu9vQtpy/Bksed89PT
guhA9nTgAi5OH8BXtU2hzDHbi3T1jhpdzTxd/jJnSN2Dnq1AI68bn9b4pwLcWIvQ
acI08lAWAVHm7B8TTHGVTO3grjcikzLHMhhbpnD47X1cpTcFUmeUtq30MZvU8yYJ
nau6pCSXvnEG77EtvDQNGBemNZJ9gDYNO52bAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvNO2XAkM5pVEBHhvCWYZ2dEBU8cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZOTzJYQWtNNXBWRUJI
aHZDV1laMmRFQlU4Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmR+tBW9IfuO5TgvqBmyZ65YOQpoWcM6w
BPTDBYnTlB24B5r7xw8ouVRMba5BzWaSl1Z/f1r51Xondv8FBCMCwPe48U8Gx0Ye
TUSnH3K2NPINnhAqQv8Gl0P763e8eR8JnQZOTVMpQqTWIqxZJuXYjH2qF+xGqbzo
RxHKxvEc8VB/CKmBPImXpmybDUuq4+RuvRu2zXexa+PYvZwjpFMlkIZIhO5Vt6nD
Z/+HdwOIAdbvBAmJHWX9bSTOryieKgAfqyOe3SD3aiAPk1ZIejslxlZ1Mt6w0CHY
2PDnIEhvEEU0CqobEwr4I6gzB+WC/E5fQCPNDqWBd/GSt2lczOzHKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org