Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xJnyTQGkR8UaF-EE7nBYkRURGHM.roa
File: xJnyTQGkR8UaF-EE7nBYkRURGHM.roa (raw, json)
Hash identifier: ubZ6H0gBVMrw/7mDQPWdDbDzl1l4Yi4KwOialjBzXsI=
Subject key identifier: C4:99:F2:4D:01:A4:47:C5:1A:17:E1:04:EE:70:58:91:15:11:18:73
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 330A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xJnyTQGkR8UaF-EE7nBYkRURGHM.roa
Signing time: Wed 27 Mar 2024 15:22:04 +0000
ROA not before: Wed 27 Mar 2024 15:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13066 (0x330a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 15:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C499F24D01A447C51A17E104EE70589115111873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:41:9d:ea:99:15:f8:bd:5a:68:e1:19:fb:
7c:3f:93:73:41:a3:04:f7:f4:2f:6f:3c:d3:f4:21:
31:54:56:f7:f9:11:26:64:9f:b0:1d:6d:fe:a8:5b:
4d:07:eb:93:29:ba:cb:66:32:2e:37:be:74:b8:c1:
de:6e:78:47:2d:7b:3c:ba:2c:86:5c:0d:5c:50:46:
cd:34:85:52:6f:f4:91:9d:cb:98:b9:4d:c9:71:3e:
24:fb:8a:6c:6d:6b:89:a7:a9:81:76:de:1f:80:77:
81:5d:cf:c0:4e:93:34:4a:16:3f:a3:8d:49:db:2f:
85:9e:d4:f5:35:4c:9d:9f:71:27:a2:26:76:88:7a:
59:5b:a1:5a:0d:3e:a9:66:86:1b:df:c4:34:d3:8a:
36:9a:29:e0:45:7a:04:ec:4e:2f:9b:a1:3d:74:c9:
8d:49:de:0e:97:26:64:f2:a3:a7:2a:e9:ec:b3:14:
06:64:06:fa:5e:03:80:08:0a:44:a9:09:f8:df:05:
9f:ed:4e:8e:df:73:4b:96:e9:74:20:25:2a:7e:ef:
62:34:85:d4:07:01:05:11:14:c1:d1:84:84:12:25:
85:d5:b7:85:11:ea:84:d1:a8:3f:c2:34:e4:39:b2:
00:a0:bc:1e:48:0f:34:02:d8:6a:13:b5:a0:1d:fd:
2b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:99:F2:4D:01:A4:47:C5:1A:17:E1:04:EE:70:58:91:15:11:18:73
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xJnyTQGkR8UaF-EE7nBYkRURGHM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:83:81:c3:76:e5:2b:d2:c4:2a:f5:3c:57:63:6c:f4:c1:16:
e1:bf:f1:e7:9b:40:b8:bf:cc:d0:4b:1e:a9:4d:be:30:25:e4:
90:96:a2:97:ca:1c:3e:e9:8d:ba:f5:c6:12:92:4a:cd:91:22:
87:dc:5a:2f:50:31:e3:5b:aa:b7:d7:9d:df:64:85:ea:99:a9:
ec:fb:1a:a5:53:1a:11:38:11:43:3a:17:cd:28:b6:ff:e5:56:
be:81:53:52:28:1e:57:2a:ef:a2:a3:f2:7b:bb:a9:48:d5:40:
71:9f:04:2f:4d:f6:6c:12:32:19:f4:1e:df:cc:82:eb:5e:67:
46:48:62:23:f3:db:63:f8:de:c1:2d:97:d9:61:35:3f:e0:14:
d6:26:99:f0:fa:73:5a:0e:87:2e:e9:04:8c:9f:5a:07:a2:f1:
0a:24:bd:f9:1f:c9:d5:bb:a7:fd:68:33:26:68:5e:08:a4:9a:
86:05:d4:47:53:1b:68:37:37:2d:48:ee:b6:5e:77:7d:4e:1c:
26:6b:3b:38:35:65:5b:b3:fe:c5:9d:7d:76:a4:39:75:c7:0e:
15:0d:f6:20:22:15:f1:08:fc:d1:56:72:95:44:fc:8c:2f:51:
c0:ac:7d:5d:97:ca:55:4e:f2:55:e4:5a:a8:67:c6:0a:40:20:
bc:cf:58:cb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NTIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0OTlGMjREMDFBNDQ3
QzUxQTE3RTEwNEVFNzA1ODkxMTUxMTE4NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs50Gd6pkV+L1aaOEZ+3w/k3NBowT39C9vPNP0ITFUVvf5ESZk
n7Adbf6oW00H65MpustmMi43vnS4wd5ueEctezy6LIZcDVxQRs00hVJv9JGdy5i5
TclxPiT7imxta4mnqYF23h+Ad4Fdz8BOkzRKFj+jjUnbL4We1PU1TJ2fcSeiJnaI
ellboVoNPqlmhhvfxDTTijaaKeBFegTsTi+boT10yY1J3g6XJmTyo6cq6eyzFAZk
BvpeA4AICkSpCfjfBZ/tTo7fc0uW6XQgJSp+72I0hdQHAQURFMHRhIQSJYXVt4UR
6oTRqD/CNOQ5sgCgvB5IDzQC2GoTtaAd/StjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxJnyTQGkR8UaF+EE7nBYkRURGHMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hKbnlUUUdrUjhVYUYt
RUU3bkJZa1JVUkdITS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnIOBw3blK9LEKvU8V2Ns9MEW4b/x55tA
uL/M0EseqU2+MCXkkJail8ocPumNuvXGEpJKzZEih9xaL1Ax41uqt9ed32SF6pmp
7PsapVMaETgRQzoXzSi2/+VWvoFTUigeVyrvoqPye7upSNVAcZ8EL032bBIyGfQe
38yC615nRkhiI/PbY/jewS2X2WE1P+AU1iaZ8PpzWg6HLukEjJ9aB6LxCiS9+R/J
1bun/WgzJmheCKSahgXUR1MbaDc3LUjutl53fU4cJms7ODVlW7P+xZ19dqQ5dccO
FQ32ICIV8Qj80VZylUT8jC9RwKx9XZfKVU7yVeRaqGfGCkAgvM9Yyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org