Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wLSRfgNcJgiYU4sVR9RXRa7Hju0.roa
File: wLSRfgNcJgiYU4sVR9RXRa7Hju0.roa (raw, json)
Hash identifier: oxxIDH4zVVjSsPPJnx/qA5kyhPDZ1APDvSuxvRg5m2U=
Subject key identifier: C0:B4:91:7E:03:5C:26:08:98:53:8B:15:47:D4:57:45:AE:C7:8E:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FBA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wLSRfgNcJgiYU4sVR9RXRa7Hju0.roa
Signing time: Sat 13 Apr 2024 13:22:49 +0000
ROA not before: Sat 13 Apr 2024 13:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16314 (0x3fba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 13:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C0B4917E035C260898538B1547D45745AEC78EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fc:0e:c4:9f:cd:c2:d0:41:bf:8e:72:28:03:
5c:26:2a:a3:98:f3:3f:f1:3f:8c:4b:37:20:52:b6:
a8:71:06:19:15:5c:92:62:e0:13:ea:81:7d:b1:c8:
06:a3:f6:b7:50:33:c2:f0:eb:5e:39:b3:3b:06:a0:
e7:04:69:3e:e7:04:95:ec:82:71:89:09:d2:d7:26:
6f:0e:d2:86:36:e8:3f:cd:46:42:de:4e:91:26:7b:
63:9f:1c:91:25:6e:bb:fa:12:fc:d7:44:bb:0f:de:
18:ae:f6:c4:44:32:36:ad:da:fe:2c:92:b7:b2:dd:
ee:55:58:cc:be:8e:19:db:ed:2e:49:7b:f3:a5:91:
bf:97:11:44:e7:ff:61:c6:9d:98:64:23:99:3f:ed:
75:05:36:2f:83:a4:97:af:57:6d:c9:72:43:c1:9b:
3a:ee:82:31:dc:05:79:71:f1:b8:79:82:ed:93:c5:
6a:4b:04:5e:19:40:c4:d5:a8:84:da:08:83:4b:df:
b9:ac:37:95:44:7e:42:03:f6:9a:9e:d7:20:ed:ff:
a4:ef:73:f5:fe:06:56:d7:5f:bc:5b:57:ea:0d:42:
0e:56:36:de:b5:f7:f3:ae:c0:bc:3e:a7:3f:b8:c9:
e0:58:5b:c1:37:22:90:c1:50:c3:27:91:3f:1d:8a:
ac:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B4:91:7E:03:5C:26:08:98:53:8B:15:47:D4:57:45:AE:C7:8E:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wLSRfgNcJgiYU4sVR9RXRa7Hju0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:ec:2c:0d:fd:62:c7:02:ef:11:7f:4c:d4:35:0b:d1:1f:db:
bd:fb:d0:35:e7:ba:5a:ef:dc:68:4a:49:d5:b7:17:fb:02:5e:
4c:c6:2a:cd:45:76:be:4a:68:12:69:0b:d7:e9:c6:c8:3f:a1:
7f:bd:6f:09:4e:ee:90:e2:3b:27:61:7a:9e:b2:25:63:02:10:
30:03:01:57:44:30:de:c4:d1:5a:4e:20:d8:e6:1a:5c:db:7f:
ec:fa:3c:93:ec:ee:f8:63:bd:a8:8d:28:48:2b:a6:6d:5f:ce:
eb:09:bd:44:26:72:04:8c:de:83:da:21:1b:0a:75:bb:eb:b0:
39:2a:27:04:09:ae:95:50:82:95:71:2d:26:36:79:a4:05:75:
f7:41:8d:5f:84:fe:4b:f2:2c:77:db:e9:c2:47:8e:b2:09:2e:
f8:43:cd:00:60:0b:86:f6:a6:da:59:60:67:26:81:45:35:2e:
3c:d8:6b:fa:79:c8:db:b1:63:ce:28:72:d2:78:e6:2e:ac:27:
80:fb:46:18:71:06:0d:fe:b4:d0:8c:e7:a5:d4:7e:b5:6f:7d:
3f:e7:c3:03:7f:77:21:fc:73:49:a8:de:f9:04:79:f7:97:80:
2d:35:79:40:ea:71:c4:b7:ba:7e:d5:9a:d9:72:2b:5a:3e:26:
56:55:eb:05
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MzIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwQjQ5MTdFMDM1QzI2
MDg5ODUzOEIxNTQ3RDQ1NzQ1QUVDNzhFRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK/A7En83C0EG/jnIoA1wmKqOY8z/xP4xLNyBStqhxBhkVXJJi
4BPqgX2xyAaj9rdQM8Lw6145szsGoOcEaT7nBJXsgnGJCdLXJm8O0oY26D/NRkLe
TpEme2OfHJElbrv6EvzXRLsP3hiu9sREMjat2v4skrey3e5VWMy+jhnb7S5Je/Ol
kb+XEUTn/2HGnZhkI5k/7XUFNi+DpJevV23JckPBmzrugjHcBXlx8bh5gu2TxWpL
BF4ZQMTVqITaCINL37msN5VEfkID9pqe1yDt/6Tvc/X+BlbXX7xbV+oNQg5WNt61
9/OuwLw+pz+4yeBYW8E3IpDBUMMnkT8diqwlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwLSRfgNcJgiYU4sVR9RXRa7Hju0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dMU1JmZ05jSmdpWVU0
c1ZSOVJYUmE3SGp1MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAh+wsDf1ixwLvEX9M1DUL0R/bvfvQNee6
Wu/caEpJ1bcX+wJeTMYqzUV2vkpoEmkL1+nGyD+hf71vCU7ukOI7J2F6nrIlYwIQ
MAMBV0Qw3sTRWk4g2OYaXNt/7Po8k+zu+GO9qI0oSCumbV/O6wm9RCZyBIzeg9oh
Gwp1u+uwOSonBAmulVCClXEtJjZ5pAV190GNX4T+S/Isd9vpwkeOsgku+EPNAGAL
hvam2llgZyaBRTUuPNhr+nnI27Fjzihy0njmLqwngPtGGHEGDf600IznpdR+tW99
P+fDA393IfxzSaje+QR595eALTV5QOpxxLe6ftWa2XIrWj4mVlXrBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org