Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vzd9FnCd2aDgxOvAHat3ulOotgY.roa
File: vzd9FnCd2aDgxOvAHat3ulOotgY.roa (raw, json)
Hash identifier: w2eSm4uUsIxFrYsxLDwFtMjGgOCjraYA8EfyxpPUyG0=
Subject key identifier: BF:37:7D:16:70:9D:D9:A0:E0:C4:EB:C0:1D:AB:77:BA:53:A8:B6:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D96
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vzd9FnCd2aDgxOvAHat3ulOotgY.roa
Signing time: Wed 10 Apr 2024 16:52:43 +0000
ROA not before: Wed 10 Apr 2024 16:52:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15766 (0x3d96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 16:52:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BF377D16709DD9A0E0C4EBC01DAB77BA53A8B606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e6:33:9b:94:2b:cd:f6:02:82:5d:70:ca:af:
a2:be:e9:cd:ba:27:44:09:e6:51:f5:fd:c9:89:20:
17:b7:51:19:6a:3f:c4:8e:94:13:fe:45:3a:98:9b:
5d:95:ef:1a:d3:75:3c:04:0a:9e:4f:2a:29:ce:ad:
83:3d:b7:64:60:e6:f9:9b:14:66:09:eb:b3:6f:4b:
a3:50:d2:4e:f4:61:74:3f:50:f7:9a:a1:1a:db:5a:
a5:bb:17:72:d2:5c:c4:fa:d2:05:16:a0:0e:f4:4c:
f4:34:50:53:d4:ec:f2:4c:21:b3:dc:b2:05:c8:c5:
c9:93:ce:d8:56:8b:03:67:94:59:d6:94:ca:21:fd:
96:bb:d7:c3:ac:d4:64:8f:71:bd:01:d1:e1:71:6f:
35:45:fd:62:b4:27:b3:e0:c0:c6:45:cf:f8:60:f7:
a7:6e:7c:43:cc:48:8a:4e:1f:dc:07:8e:78:68:65:
3f:21:66:5a:fc:dc:82:07:dc:1a:1f:65:e5:99:f7:
41:87:3c:32:99:0b:f2:0a:05:9d:da:e0:ae:aa:92:
86:ba:d2:09:13:c4:24:de:8d:78:60:57:27:d9:5e:
e2:c3:26:8a:79:fe:1c:32:5b:83:c5:ce:64:79:62:
c9:2d:1d:84:f6:32:01:00:0c:5f:bf:16:d3:d9:ff:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:37:7D:16:70:9D:D9:A0:E0:C4:EB:C0:1D:AB:77:BA:53:A8:B6:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vzd9FnCd2aDgxOvAHat3ulOotgY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:e7:f8:5a:d5:23:32:67:28:1d:31:21:28:1f:1c:1e:26:58:
ca:64:ee:f5:99:6f:86:91:f5:e3:de:46:9c:c6:18:15:b7:50:
84:a2:3b:09:e0:6e:84:a6:78:1c:77:5a:d5:b4:b2:75:20:bd:
cc:06:45:d5:f2:7f:64:b8:34:50:f0:de:67:ab:86:ee:ab:f3:
80:a7:e2:06:8b:65:98:f4:61:94:00:bc:78:7d:c5:9f:26:04:
ec:b7:95:b1:18:3f:f3:25:03:db:4d:03:1b:96:c8:d0:ce:eb:
f0:0e:6c:c5:66:11:7f:ba:76:1b:66:3a:0d:8b:bd:ec:2f:4f:
ec:19:47:32:7e:ef:b2:e2:53:3e:0b:aa:06:ec:dd:11:df:65:
cd:2a:7b:7b:ca:9b:4e:48:97:8c:32:17:66:91:3b:c4:fc:82:
ac:9d:b3:df:ff:a1:cf:35:81:d8:86:9d:df:92:c9:40:8d:18:
a6:c2:1b:f3:40:80:15:b8:88:79:66:db:02:5d:b0:72:f6:85:
eb:d8:44:25:df:1e:48:a8:ad:8b:b6:20:a7:1b:eb:80:9c:50:
c1:3a:ca:b8:2a:20:4d:92:70:d9:2d:17:6f:40:2c:a0:4c:71:
b4:4f:0a:4c:ee:55:46:4f:f0:f5:5d:c4:d2:2d:01:95:6a:30:
2e:88:13:ac
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
NjUyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGMzc3RDE2NzA5REQ5
QTBFMEM0RUJDMDFEQUI3N0JBNTNBOEI2MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP5jOblCvN9gKCXXDKr6K+6c26J0QJ5lH1/cmJIBe3URlqP8SO
lBP+RTqYm12V7xrTdTwECp5PKinOrYM9t2Rg5vmbFGYJ67NvS6NQ0k70YXQ/UPea
oRrbWqW7F3LSXMT60gUWoA70TPQ0UFPU7PJMIbPcsgXIxcmTzthWiwNnlFnWlMoh
/Za718Os1GSPcb0B0eFxbzVF/WK0J7PgwMZFz/hg96dufEPMSIpOH9wHjnhoZT8h
Zlr83IIH3BofZeWZ90GHPDKZC/IKBZ3a4K6qkoa60gkTxCTejXhgVyfZXuLDJop5
/hwyW4PFzmR5YsktHYT2MgEADF+/FtPZ/7bDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvzd9FnCd2aDgxOvAHat3ulOotgYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Z6ZDlGbkNkMmFEZ3hP
dkFIYXQzdWxPb3RnWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAc+f4WtUjMmcoHTEhKB8cHiZYymTu9Zlv
hpH1495GnMYYFbdQhKI7CeBuhKZ4HHda1bSydSC9zAZF1fJ/ZLg0UPDeZ6uG7qvz
gKfiBotlmPRhlAC8eH3FnyYE7LeVsRg/8yUD200DG5bI0M7r8A5sxWYRf7p2G2Y6
DYu97C9P7BlHMn7vsuJTPguqBuzdEd9lzSp7e8qbTkiXjDIXZpE7xPyCrJ2z3/+h
zzWB2Iad35LJQI0YpsIb80CAFbiIeWbbAl2wcvaF69hEJd8eSKiti7YgpxvrgJxQ
wTrKuCogTZJw2S0Xb0AsoExxtE8KTO5VRk/w9V3E0i0BlWowLogTrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org