Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xhAkMQDvrgebkk36-_DUpjl7EcM.roa
File: xhAkMQDvrgebkk36-_DUpjl7EcM.roa (raw, json)
Hash identifier: G4WmsLTkXYXIikByhrBR9yQA1d/Y7YoCsYvdIWmJkZg=
Subject key identifier: C6:10:24:31:00:EF:AE:07:9B:92:4D:FA:FB:F0:D4:A6:39:7B:11:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 437A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xhAkMQDvrgebkk36-_DUpjl7EcM.roa
Signing time: Thu 18 Apr 2024 13:22:59 +0000
ROA not before: Thu 18 Apr 2024 13:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17274 (0x437a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 13:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C610243100EFAE079B924DFAFBF0D4A6397B11C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:95:bd:fb:bf:2b:3b:d1:4f:7b:e9:b0:e5:94:
35:5d:55:fe:3e:90:4d:71:5d:6e:39:1c:30:a8:76:
ca:e8:db:fc:e7:6f:12:d2:ee:50:b3:5c:09:cd:96:
b4:87:b6:83:c7:06:1a:17:dd:72:99:00:90:f3:67:
b2:ae:70:c0:1a:8d:76:45:a5:71:87:b3:17:df:72:
58:17:82:9e:49:6c:72:63:cd:3b:43:6f:70:da:4f:
40:41:95:ee:7e:1f:9e:07:79:f1:0b:c9:da:f5:b8:
96:a8:3a:2b:3c:be:98:01:4c:72:43:15:a8:95:6e:
cc:cd:0d:db:da:7f:8e:e2:c2:3f:76:1a:f2:f6:05:
7e:5a:b2:ee:3d:26:ae:ce:93:d7:a9:d6:6c:80:4a:
0c:e3:36:10:e4:5d:e2:e1:d7:f3:aa:95:0d:85:54:
79:20:ab:a2:6e:59:bb:b8:93:3a:44:5f:ea:89:2b:
d9:1a:f1:dd:7c:24:77:88:d0:11:6a:81:1d:1c:ac:
c1:45:cb:38:7c:41:75:5d:b2:e8:11:a0:42:aa:b2:
28:fa:9f:9e:ab:0c:44:26:b4:24:d8:3f:c0:8c:d2:
38:87:9c:30:d3:17:eb:e8:57:33:83:89:e7:5c:95:
42:58:95:82:bb:35:c4:8f:53:a5:ad:ff:a6:68:8e:
f5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:10:24:31:00:EF:AE:07:9B:92:4D:FA:FB:F0:D4:A6:39:7B:11:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xhAkMQDvrgebkk36-_DUpjl7EcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:2f:d2:e8:ff:ed:4e:1e:8c:84:17:d4:5b:e4:78:cf:9a:b3:
c3:de:98:a4:54:f6:8a:f8:fb:4b:ba:cf:1b:85:70:3e:ae:0a:
b7:0b:69:2a:1e:52:4f:1d:61:f6:5c:11:32:20:50:d4:52:e5:
7c:1d:df:dd:7e:70:66:82:15:cc:a5:9f:cd:b2:52:50:10:84:
3a:1c:7a:bb:14:fb:2f:34:1c:10:c8:ee:85:18:3c:60:03:bf:
7d:4d:8a:18:37:81:5d:42:e3:8a:b8:db:0a:4c:ef:8c:a4:44:
53:9a:e6:c8:4c:21:73:5e:c8:88:38:6b:cb:97:55:2b:8b:be:
07:94:05:c9:74:fa:05:13:26:d0:2c:69:fd:af:e7:96:4b:04:
2c:8a:0d:87:cc:89:87:eb:03:9d:84:e4:e1:41:55:3c:13:3a:
7c:47:7f:e1:ef:af:54:b8:06:1e:c8:48:81:f2:71:f6:d7:ba:
7d:52:8f:fc:a2:08:7a:0f:fa:2d:59:53:3f:e9:4f:67:fd:a6:
ca:bc:fa:2f:93:75:32:3b:7b:d2:13:6d:8c:57:9d:ee:fd:4a:
4a:72:60:13:cd:f3:43:36:dd:c4:49:54:ab:29:d0:bb:87:85:
e5:28:9b:83:1b:90:b4:2f:d8:46:38:3c:67:62:d3:06:0d:4f:
8d:66:41:5b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2MTAyNDMxMDBFRkFF
MDc5QjkyNERGQUZCRjBENEE2Mzk3QjExQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBlb37vys70U976bDllDVdVf4+kE1xXW45HDCodsro2/znbxLS
7lCzXAnNlrSHtoPHBhoX3XKZAJDzZ7KucMAajXZFpXGHsxffclgXgp5JbHJjzTtD
b3DaT0BBle5+H54HefELydr1uJaoOis8vpgBTHJDFaiVbszNDdvaf47iwj92GvL2
BX5asu49Jq7Ok9ep1myASgzjNhDkXeLh1/OqlQ2FVHkgq6JuWbu4kzpEX+qJK9ka
8d18JHeI0BFqgR0crMFFyzh8QXVdsugRoEKqsij6n56rDEQmtCTYP8CM0jiHnDDT
F+voVzODiedclUJYlYK7NcSPU6Wt/6ZojvWTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxhAkMQDvrgebkk36+/DUpjl7EcMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hoQWtNUUR2cmdlYmtr
MzYtX0RVcGpsN0VjTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMC/S6P/tTh6MhBfUW+R4z5qzw96YpFT2
ivj7S7rPG4VwPq4KtwtpKh5STx1h9lwRMiBQ1FLlfB3f3X5wZoIVzKWfzbJSUBCE
Ohx6uxT7LzQcEMjuhRg8YAO/fU2KGDeBXULjirjbCkzvjKREU5rmyEwhc17IiDhr
y5dVK4u+B5QFyXT6BRMm0Cxp/a/nlksELIoNh8yJh+sDnYTk4UFVPBM6fEd/4e+v
VLgGHshIgfJx9te6fVKP/KIIeg/6LVlTP+lPZ/2myrz6L5N1Mjt70hNtjFed7v1K
SnJgE83zQzbdxElUqynQu4eF5SibgxuQtC/YRjg8Z2LTBg1PjWZBWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:20 2024 by rpki-client on console-ams.rpki-client.org