Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xEUDBkmBdQOot98uljZ0iDjiq9A.roa
File: xEUDBkmBdQOot98uljZ0iDjiq9A.roa (raw, json)
Hash identifier: Jj+pB3DLzS9dfp7pQWvdXeRWVEXlqU3mGarJkNXK1Pk=
Subject key identifier: C4:45:03:06:49:81:75:03:A8:B7:DF:2E:96:36:74:88:38:E2:AB:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40E2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xEUDBkmBdQOot98uljZ0iDjiq9A.roa
Signing time: Mon 15 Apr 2024 02:22:52 +0000
ROA not before: Mon 15 Apr 2024 02:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16610 (0x40e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 02:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C445030649817503A8B7DF2E9636748838E2ABD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ab:31:b3:18:ed:10:b9:5a:b5:0b:b8:b2:82:
b6:6b:8e:ee:0a:ae:c8:77:86:20:17:16:4e:4f:b0:
4b:8e:a0:28:e4:c6:32:7d:44:eb:71:8a:ce:75:ab:
c8:f8:ea:19:39:2e:78:05:65:e7:ea:97:a5:90:0c:
7f:90:b6:86:1f:f1:27:9d:f4:3f:09:93:63:08:8f:
d6:09:b4:bb:28:a3:d1:97:b2:b1:fd:f8:fd:e0:28:
24:7b:da:2f:d6:54:2b:60:48:ea:ea:94:33:d0:0f:
b2:b2:42:f8:fa:c5:3b:e1:3e:6b:dd:79:a2:7f:dc:
44:06:2b:e6:99:e6:7b:5e:09:a1:1e:00:89:82:3b:
15:9a:51:f6:f9:a7:54:c3:b7:4e:20:84:a2:28:8d:
b1:e4:1b:6f:f3:7c:ac:ee:2e:f1:7c:29:a4:05:bb:
21:64:34:47:41:47:58:65:2a:ef:14:47:e3:ae:76:
c0:8c:95:12:9b:52:07:e1:ac:88:99:79:7e:20:6e:
73:09:59:fc:b4:44:10:00:87:0e:2d:2d:d5:fd:2e:
1d:11:b5:1c:7b:8d:f7:4f:5f:eb:e2:78:c0:87:da:
0e:08:18:f5:f2:08:4f:39:75:77:d7:5b:16:41:91:
cf:04:3e:65:ae:ac:1b:d1:c5:69:73:d1:a7:3c:41:
14:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:45:03:06:49:81:75:03:A8:B7:DF:2E:96:36:74:88:38:E2:AB:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xEUDBkmBdQOot98uljZ0iDjiq9A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:85:e2:43:b4:78:8f:fd:81:fe:5e:06:50:d3:46:0f:7f:b4:
91:cb:4f:3d:0f:d6:b7:c6:c7:27:ab:b6:10:f5:17:7d:f2:77:
26:cf:10:05:d8:91:ac:fc:e7:d8:fd:7e:09:97:15:fb:45:ab:
64:81:77:0f:6b:e7:c8:19:dd:7d:17:dd:ff:de:5a:fe:06:92:
b9:a6:9c:69:38:69:cd:6f:4d:1c:e9:2a:59:99:02:ac:90:59:
29:85:a4:3a:05:52:1a:72:f3:5a:71:04:4b:ea:22:76:c9:4b:
3e:54:2b:90:e0:fe:91:44:fc:c1:07:8a:a1:93:8f:62:3b:98:
f7:6d:ad:3e:2f:61:53:66:22:e1:71:2c:be:d5:24:ae:d6:7b:
0a:88:35:fa:db:5e:0f:2b:57:b1:3a:3e:3d:b5:b7:22:e4:c9:
3e:f4:75:68:c7:5d:28:d4:60:0c:46:c1:51:71:cd:77:38:1d:
7d:ba:f6:d5:ab:4d:47:ce:3a:fe:e7:f8:fd:67:50:fa:1c:d9:
65:7f:2c:f7:de:e5:fa:21:90:8d:d8:57:61:8b:1a:0b:d2:82:
84:e0:a0:28:0f:a4:64:94:a5:72:9c:e4:f3:99:2b:a6:71:0c:
7c:74:9d:27:10:13:cf:4f:57:33:b0:0b:04:8e:91:54:08:04:
32:14:54:66
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MjIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0NDUwMzA2NDk4MTc1
MDNBOEI3REYyRTk2MzY3NDg4MzhFMkFCRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyqzGzGO0QuVq1C7iygrZrju4Krsh3hiAXFk5PsEuOoCjkxjJ9
ROtxis51q8j46hk5LngFZefql6WQDH+QtoYf8Sed9D8Jk2MIj9YJtLsoo9GXsrH9
+P3gKCR72i/WVCtgSOrqlDPQD7KyQvj6xTvhPmvdeaJ/3EQGK+aZ5nteCaEeAImC
OxWaUfb5p1TDt04ghKIojbHkG2/zfKzuLvF8KaQFuyFkNEdBR1hlKu8UR+OudsCM
lRKbUgfhrIiZeX4gbnMJWfy0RBAAhw4tLdX9Lh0RtRx7jfdPX+vieMCH2g4IGPXy
CE85dXfXWxZBkc8EPmWurBvRxWlz0ac8QRTTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxEUDBkmBdQOot98uljZ0iDjiq9AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hFVURCa21CZFFPb3Q5
OHVsalowaURqaXE5QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOoXiQ7R4j/2B/l4GUNNGD3+0kctPPQ/W
t8bHJ6u2EPUXffJ3Js8QBdiRrPzn2P1+CZcV+0WrZIF3D2vnyBndfRfd/95a/gaS
uaacaThpzW9NHOkqWZkCrJBZKYWkOgVSGnLzWnEES+oidslLPlQrkOD+kUT8wQeK
oZOPYjuY922tPi9hU2Yi4XEsvtUkrtZ7Cog1+tteDytXsTo+PbW3IuTJPvR1aMdd
KNRgDEbBUXHNdzgdfbr21atNR846/uf4/WdQ+hzZZX8s997l+iGQjdhXYYsaC9KC
hOCgKA+kZJSlcpzk85krpnEMfHSdJxATz09XM7ALBI6RVAgEMhRUZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org