Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vNQBykkFitog21Row690FttTseA.roa
File: vNQBykkFitog21Row690FttTseA.roa (raw, json)
Hash identifier: ey0U+FjCr0ByOc4v32jUpVCpzgAxfJCTKBppWcDHNKg=
Subject key identifier: BC:D4:01:CA:49:05:8A:DA:20:DB:54:68:C3:AF:74:16:DB:53:B1:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3986
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vNQBykkFitog21Row690FttTseA.roa
Signing time: Fri 05 Apr 2024 06:52:30 +0000
ROA not before: Fri 05 Apr 2024 06:52:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14726 (0x3986)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 06:52:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BCD401CA49058ADA20DB5468C3AF7416DB53B1E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e7:8f:f3:44:2e:06:ca:79:7f:61:70:c0:a2:
c8:c8:80:bc:23:ab:12:8d:4b:43:c0:4f:2f:d5:3f:
a6:44:69:76:e4:87:84:e4:ca:b0:95:74:37:14:fc:
52:71:11:16:76:ec:de:d8:db:6b:96:fd:c3:ad:aa:
dd:90:ee:a7:1c:da:04:ea:3a:66:90:21:a6:fb:74:
ec:ae:33:fc:40:c0:b7:95:24:44:03:5b:f8:df:bc:
46:f6:b1:a4:7e:82:80:6b:a8:d2:27:86:02:fa:5c:
b9:ed:ce:99:7e:0a:26:1f:c7:c1:8c:6c:18:f6:62:
c8:56:ce:67:7b:7d:9e:47:10:5a:1d:d0:86:04:e4:
8d:fe:12:06:f8:99:9a:d2:67:18:40:b6:5f:5b:81:
df:2f:66:2c:11:30:84:4b:2d:e7:12:46:03:c8:65:
f9:f2:6e:1e:f7:e2:03:da:89:a2:3c:92:eb:6a:ec:
ba:4a:20:b8:14:2f:23:87:36:2c:ca:78:44:cb:32:
46:85:db:40:25:7e:05:7c:b0:c7:aa:d4:34:10:ad:
4e:06:bb:b6:4b:c5:cb:c1:cf:ea:55:63:2f:aa:72:
16:c2:64:bf:cc:86:43:b0:ef:04:5f:a5:24:6d:38:
a8:c7:03:38:dd:b7:d9:0a:43:fe:8a:75:87:ab:6f:
52:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D4:01:CA:49:05:8A:DA:20:DB:54:68:C3:AF:74:16:DB:53:B1:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vNQBykkFitog21Row690FttTseA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:5c:1d:81:83:d8:d3:e0:0d:d3:6f:b1:40:83:02:b5:ad:62:
e7:ce:a3:12:91:d7:48:88:d3:11:d4:23:ee:f5:17:be:33:27:
43:22:11:5c:9a:f2:46:2f:ef:31:d7:d0:54:87:dd:4a:61:17:
47:4b:cc:fd:3e:86:27:30:d0:72:f2:61:db:62:55:46:b3:82:
0d:50:8c:2e:52:85:70:f2:34:86:d0:19:c8:85:27:42:56:bb:
84:0d:98:2b:4b:ee:ad:a6:c1:15:b7:bf:71:71:5c:bd:9f:4d:
ec:ad:e0:53:9e:6b:99:be:95:32:5d:b9:fa:5b:67:e9:c6:ce:
a3:19:b8:81:3d:76:d1:3e:89:99:36:9c:06:4a:d3:25:9e:91:
b7:f1:f9:b6:4d:ab:42:d5:2c:07:6c:b7:39:3d:5a:35:e2:dc:
d9:08:5c:6f:a6:cb:1f:35:6d:4d:4f:ad:30:eb:d8:fa:bf:de:
1c:99:2c:87:59:ff:76:0d:2f:5a:89:de:fa:88:6b:b3:4d:89:
71:3b:25:44:18:bc:36:7a:be:e5:95:01:34:16:47:0b:a9:bf:
d2:2a:b8:55:65:cd:dd:45:8a:a1:c1:29:51:ce:98:a1:fc:26:
e5:b1:92:c4:48:57:ed:b8:31:34:03:85:fa:1c:28:fb:f2:c9:
90:48:a0:b0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NjUyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDRDQwMUNBNDkwNThB
REEyMERCNTQ2OEMzQUY3NDE2REI1M0IxRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/54/zRC4Gynl/YXDAosjIgLwjqxKNS0PATy/VP6ZEaXbkh4Tk
yrCVdDcU/FJxERZ27N7Y22uW/cOtqt2Q7qcc2gTqOmaQIab7dOyuM/xAwLeVJEQD
W/jfvEb2saR+goBrqNInhgL6XLntzpl+CiYfx8GMbBj2YshWzmd7fZ5HEFod0IYE
5I3+Egb4mZrSZxhAtl9bgd8vZiwRMIRLLecSRgPIZfnybh734gPaiaI8kutq7LpK
ILgULyOHNizKeETLMkaF20AlfgV8sMeq1DQQrU4Gu7ZLxcvBz+pVYy+qchbCZL/M
hkOw7wRfpSRtOKjHAzjdt9kKQ/6KdYerb1LjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvNQBykkFitog21Row690FttTseAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZOUUJ5a2tGaXRvZzIx
Um93NjkwRnR0VHNlQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAalwdgYPY0+AN02+xQIMCta1i586jEpHX
SIjTEdQj7vUXvjMnQyIRXJryRi/vMdfQVIfdSmEXR0vM/T6GJzDQcvJh22JVRrOC
DVCMLlKFcPI0htAZyIUnQla7hA2YK0vurabBFbe/cXFcvZ9N7K3gU55rmb6VMl25
+ltn6cbOoxm4gT120T6JmTacBkrTJZ6Rt/H5tk2rQtUsB2y3OT1aNeLc2Qhcb6bL
HzVtTU+tMOvY+r/eHJksh1n/dg0vWone+ohrs02JcTslRBi8Nnq+5ZUBNBZHC6m/
0iq4VWXN3UWKocEpUc6Yofwm5bGSxEhX7bgxNAOF+hwo+/LJkEigsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org