Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wOIgw18dAyvcvHgilP3yFfSrBgE.roa
File: wOIgw18dAyvcvHgilP3yFfSrBgE.roa (raw, json)
Hash identifier: zPcWbCBXV4D7y2BDwM0qW/3yvhrNnf9xk/A4zvCIi+w=
Subject key identifier: C0:E2:20:C3:5F:1D:03:2B:DC:BC:78:22:94:FD:F2:15:F4:AB:06:01
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wOIgw18dAyvcvHgilP3yFfSrBgE.roa
Signing time: Mon 13 May 2024 00:24:04 +0000
ROA not before: Mon 13 May 2024 00:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21970 (0x55d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C0E220C35F1D032BDCBC782294FDF215F4AB0601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:4c:7a:f1:7a:2e:91:c2:95:b8:3f:b5:aa:
25:3e:b1:70:f9:84:ed:f0:ba:6b:a1:f3:a5:ca:2e:
97:42:c1:89:dd:fd:4d:3f:e6:70:bc:21:53:36:ce:
ce:c2:16:69:21:d2:50:4c:f3:25:68:a0:e9:a3:f9:
55:4a:1a:74:64:34:79:eb:50:7c:21:3d:ec:8c:a5:
ff:4c:02:ef:9e:35:2a:05:a3:2f:ad:1c:96:ac:6c:
09:d6:c5:dd:8c:a0:51:44:db:3b:75:a5:b6:f6:e9:
42:56:7b:c0:d0:ba:b3:b2:32:e1:ab:b6:32:7d:ce:
8a:7b:24:74:24:f8:0e:40:69:b5:d3:3f:16:65:80:
23:20:db:9b:60:fa:f3:c3:82:2d:f3:a4:00:71:38:
5f:2e:ee:05:12:86:ff:a9:60:e2:5f:f8:0a:88:6e:
50:c2:44:50:4e:72:74:c3:53:a2:8b:25:de:7f:d7:
fc:e8:84:15:bc:9a:93:bc:7d:6b:b2:b6:40:0e:12:
c1:b6:97:28:00:12:00:6f:c6:b2:00:aa:72:c3:59:
ed:ec:9a:c9:5b:a5:95:dc:c8:7c:12:26:2e:ee:06:
c1:e5:39:0f:17:0b:1b:6c:bf:74:ca:06:28:19:da:
18:67:b0:c2:22:d9:6c:3a:d6:e7:77:c0:72:3c:39:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E2:20:C3:5F:1D:03:2B:DC:BC:78:22:94:FD:F2:15:F4:AB:06:01
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wOIgw18dAyvcvHgilP3yFfSrBgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:76:05:f8:fe:1c:7c:fb:68:25:50:d0:35:63:34:e3:bc:ad:
92:94:0f:16:65:2b:76:a7:0b:f8:9b:a2:9a:e1:0b:1b:18:06:
f8:97:61:18:64:b4:cc:eb:28:ea:c7:31:d4:04:94:e9:04:35:
49:e2:05:5e:d5:bc:08:d5:ef:0a:32:05:41:10:16:a9:7e:f7:
fa:c3:39:0e:7a:35:74:91:0a:bc:e1:a3:e6:a3:70:9e:ff:a2:
61:e6:b8:d3:aa:ed:aa:fa:00:63:20:b7:e0:ba:a6:3c:9c:c8:
3f:61:3d:18:00:aa:98:dc:28:b3:8e:fc:70:fd:fe:07:ee:7d:
8a:3f:20:27:04:61:50:3a:a1:8a:29:87:4b:19:1a:60:64:ad:
19:14:41:f6:0e:85:96:94:05:27:0f:96:15:08:8d:b6:b3:38:
c5:3f:d4:96:04:b7:87:cb:e8:af:1e:13:c2:b2:88:f5:0d:4c:
35:bc:e6:62:bd:e9:b1:60:cd:0a:b6:a6:20:1a:49:9e:f8:02:
50:cd:c8:28:de:9d:87:32:9d:f1:b4:e0:36:12:df:b8:55:2d:
06:a9:9d:c4:b9:00:f8:4a:59:cb:f7:43:e8:24:cb:e8:00:9b:
cc:28:e1:1a:96:d0:f0:cb:a0:46:f4:d5:8b:04:f8:4c:9e:23:
49:b1:b9:39
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MDI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwRTIyMEMzNUYxRDAz
MkJEQ0JDNzgyMjk0RkRGMjE1RjRBQjA2MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt5Ex68XoukcKVuD+1qiU+sXD5hO3wumuh86XKLpdCwYnd/U0/
5nC8IVM2zs7CFmkh0lBM8yVooOmj+VVKGnRkNHnrUHwhPeyMpf9MAu+eNSoFoy+t
HJasbAnWxd2MoFFE2zt1pbb26UJWe8DQurOyMuGrtjJ9zop7JHQk+A5AabXTPxZl
gCMg25tg+vPDgi3zpABxOF8u7gUShv+pYOJf+AqIblDCRFBOcnTDU6KLJd5/1/zo
hBW8mpO8fWuytkAOEsG2lygAEgBvxrIAqnLDWe3smslbpZXcyHwSJi7uBsHlOQ8X
Cxtsv3TKBigZ2hhnsMIi2Ww61ud3wHI8OZsTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwOIgw18dAyvcvHgilP3yFfSrBgEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dPSWd3MThkQXl2Y3ZI
Z2lsUDN5RmZTckJnRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfXYF+P4cfPtoJVDQNWM047ytkpQPFmUr
dqcL+JuimuELGxgG+JdhGGS0zOso6scx1ASU6QQ1SeIFXtW8CNXvCjIFQRAWqX73
+sM5Dno1dJEKvOGj5qNwnv+iYea406rtqvoAYyC34LqmPJzIP2E9GACqmNwos478
cP3+B+59ij8gJwRhUDqhiimHSxkaYGStGRRB9g6FlpQFJw+WFQiNtrM4xT/UlgS3
h8vorx4TwrKI9Q1MNbzmYr3psWDNCramIBpJnvgCUM3IKN6dhzKd8bTgNhLfuFUt
BqmdxLkA+EpZy/dD6CTL6ACbzCjhGpbQ8MugRvTViwT4TJ4jSbG5OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org