Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/x2VjAsuAlwrNTwPZ2sdm-UqCAjo.roa
File: x2VjAsuAlwrNTwPZ2sdm-UqCAjo.roa (raw, json)
Hash identifier: nJI33YHBzL5fYUq40ioLaIoeJHknJy2J+d2a6OIXyd4=
Subject key identifier: C7:65:63:02:CB:80:97:0A:CD:4F:03:D9:DA:C7:66:F9:4A:82:02:3A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34C2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x2VjAsuAlwrNTwPZ2sdm-UqCAjo.roa
Signing time: Fri 29 Mar 2024 22:22:16 +0000
ROA not before: Fri 29 Mar 2024 22:22:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13506 (0x34c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 22:22:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C7656302CB80970ACD4F03D9DAC766F94A82023A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:be:a1:cf:dc:bf:21:7a:03:52:47:68:52:36:
f3:f5:6e:40:50:96:bf:e2:7a:d9:23:02:98:24:eb:
64:f7:ea:75:83:64:ee:af:ad:87:36:9b:b6:5b:9b:
c2:3a:a2:a5:72:93:b9:62:ce:84:01:c9:ed:2a:7e:
01:66:82:72:53:b8:00:a6:36:1e:35:c7:e8:8c:a3:
2d:2d:b7:43:0d:71:b2:a5:24:b2:32:6e:96:59:2c:
29:f2:79:53:78:a3:71:cb:a6:68:80:f7:61:1d:9e:
6e:3e:46:f4:e4:a2:da:9f:15:28:85:b1:03:8f:99:
f2:b9:47:a3:7e:e9:7a:87:f7:24:48:ce:c7:f6:dc:
23:74:54:53:d7:ac:dc:be:c8:9f:5e:a1:c0:91:c7:
49:03:c7:61:a7:aa:ab:20:20:dc:be:1b:82:a7:49:
3c:20:40:fd:b0:83:41:89:d1:8c:be:1f:0e:d7:20:
ad:c6:e3:fc:dd:3c:2b:42:58:8a:ec:89:56:87:ff:
b9:62:8a:b4:d7:b7:90:b8:3e:40:82:ce:ce:ac:1b:
40:08:d7:39:f6:1e:40:fd:c5:a7:79:1a:53:da:48:
3d:a1:df:5d:bc:38:64:4f:2c:92:23:4e:ca:23:d9:
9c:04:d6:a3:07:53:61:43:9b:d5:d7:01:ab:57:b2:
c1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:65:63:02:CB:80:97:0A:CD:4F:03:D9:DA:C7:66:F9:4A:82:02:3A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x2VjAsuAlwrNTwPZ2sdm-UqCAjo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:94:e7:06:ab:86:63:fd:c8:f1:b1:d4:16:91:74:de:d3:3b:
ac:db:ab:37:ad:1d:d7:c0:42:07:f8:2c:52:ff:cb:96:0f:41:
53:d9:65:44:cd:92:1f:dc:7f:88:67:93:e7:95:e3:4f:c5:f9:
45:d5:37:19:4f:7a:f9:24:dc:c8:83:e8:42:5a:ef:01:c7:24:
26:a0:e0:a6:b0:52:10:22:d4:49:eb:ad:43:b2:bd:e0:dd:0f:
c5:92:a3:31:c8:07:ec:fd:3c:d0:5b:1e:f5:ee:fd:9c:7d:ff:
63:92:b4:d0:3d:3a:e5:ce:5b:8a:6d:94:52:47:90:91:f0:f2:
aa:d3:07:bf:6e:1e:fa:91:38:5f:08:4c:9c:8a:16:a1:54:b3:
86:8b:2c:1f:93:9d:42:57:70:dc:17:54:f6:29:03:a5:05:2d:
b6:fb:bf:8e:7e:1e:a8:2e:31:95:1c:de:fb:b9:cd:3e:4a:35:
fc:f2:9f:7e:43:fa:48:1b:65:5a:e8:7e:da:ab:e1:25:bc:0d:
9a:4d:7e:a7:db:a4:9d:40:33:e6:b1:95:3f:ec:7c:40:8e:74:
5b:c0:2c:41:23:49:03:c6:53:b4:11:b8:67:5d:41:f2:87:39:
fe:fc:cb:ff:66:78:7e:72:be:f0:83:4c:a8:09:74:12:97:c0:
95:83:57:6c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MjIyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3NjU2MzAyQ0I4MDk3
MEFDRDRGMDNEOURBQzc2NkY5NEE4MjAyM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5vqHP3L8hegNSR2hSNvP1bkBQlr/ietkjApgk62T36nWDZO6v
rYc2m7Zbm8I6oqVyk7lizoQBye0qfgFmgnJTuACmNh41x+iMoy0tt0MNcbKlJLIy
bpZZLCnyeVN4o3HLpmiA92Ednm4+RvTkotqfFSiFsQOPmfK5R6N+6XqH9yRIzsf2
3CN0VFPXrNy+yJ9eocCRx0kDx2GnqqsgINy+G4KnSTwgQP2wg0GJ0Yy+Hw7XIK3G
4/zdPCtCWIrsiVaH/7liirTXt5C4PkCCzs6sG0AI1zn2HkD9xad5GlPaSD2h3128
OGRPLJIjTsoj2ZwE1qMHU2FDm9XXAatXssH5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUx2VjAsuAlwrNTwPZ2sdm+UqCAjowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3gyVmpBc3VBbHdyTlR3
UFoyc2RtLVVxQ0Fqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKJTnBquGY/3I8bHUFpF03tM7rNurN60d
18BCB/gsUv/Llg9BU9llRM2SH9x/iGeT55XjT8X5RdU3GU96+STcyIPoQlrvAcck
JqDgprBSECLUSeutQ7K94N0PxZKjMcgH7P080Fse9e79nH3/Y5K00D065c5bim2U
UkeQkfDyqtMHv24e+pE4XwhMnIoWoVSzhossH5OdQldw3BdU9ikDpQUttvu/jn4e
qC4xlRze+7nNPko1/PKffkP6SBtlWuh+2qvhJbwNmk1+p9uknUAz5rGVP+x8QI50
W8AsQSNJA8ZTtBG4Z11B8oc5/vzL/2Z4fnK+8INMqAl0EpfAlYNXbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org