Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xozmN9GcsQ-D4mhOxGI2-UC864A.roa
File: xozmN9GcsQ-D4mhOxGI2-UC864A.roa (raw, json)
Hash identifier: m4XX8mf4be3862hqInJuQDfpNI+0vOEMQxGhWPMJjHI=
Subject key identifier: C6:8C:E6:37:D1:9C:B1:0F:83:E2:68:4E:C4:62:36:F9:40:BC:EB:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B9E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xozmN9GcsQ-D4mhOxGI2-UC864A.roa
Signing time: Mon 08 Apr 2024 01:52:37 +0000
ROA not before: Mon 08 Apr 2024 01:52:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15262 (0x3b9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 01:52:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C68CE637D19CB10F83E2684EC46236F940BCEB80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:e4:fd:a9:46:4a:28:19:db:99:e0:d6:b6:
9e:6e:45:df:e2:bf:e9:4f:d5:b0:fa:c3:39:38:6f:
f2:c0:ce:37:e3:b0:70:2c:a0:45:1b:d4:bc:5f:3a:
46:46:f7:f4:be:ab:ac:be:9a:8b:9f:29:dd:aa:45:
ea:dc:9d:5f:59:41:e4:28:09:df:fa:96:d6:46:12:
4f:2e:7b:8e:8b:37:4e:10:af:29:f5:40:e8:a4:7f:
d6:8c:bc:b2:d3:de:5b:6c:b9:0f:6b:28:1f:95:2c:
84:b1:f8:7b:4f:61:4a:13:38:b0:74:c7:8e:a1:80:
77:e3:b8:c8:d5:7f:5b:bd:d9:db:5a:1b:b3:99:d0:
f2:6f:03:00:26:c3:cc:8b:5c:24:6c:84:dc:36:bf:
3f:10:0e:f2:02:9c:e5:32:c0:bc:32:49:ad:d7:1e:
b7:bf:c2:b4:8b:ff:d2:df:64:f4:95:5d:84:01:8a:
b6:87:90:5e:ef:24:04:cf:10:a6:63:19:06:5b:d1:
6c:6b:eb:02:43:2e:76:c6:fb:94:b6:d3:89:69:16:
9e:24:a3:08:00:4a:5b:f0:e4:fa:f2:eb:3c:6c:4e:
2e:13:f8:e7:da:51:c6:9d:56:39:c8:77:78:0e:28:
8b:42:01:17:11:69:09:2d:51:44:9a:ff:cf:39:0a:
af:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8C:E6:37:D1:9C:B1:0F:83:E2:68:4E:C4:62:36:F9:40:BC:EB:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xozmN9GcsQ-D4mhOxGI2-UC864A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:50:b6:b1:30:6c:d3:af:90:dc:30:21:57:4e:cb:e1:1f:75:
b5:bc:b3:17:89:37:c7:64:06:be:b7:83:f4:5f:83:0d:8c:55:
28:79:f6:3d:3c:3c:d1:e0:be:3c:bf:4c:4a:be:98:ee:5a:02:
49:c7:52:84:a0:10:d7:9f:90:15:33:65:43:50:ef:09:36:d0:
66:6e:3f:a7:ae:3d:d0:08:ae:ff:34:a7:13:b7:ad:53:1a:c2:
57:11:df:b7:51:22:04:dd:69:ba:ef:70:ef:c2:4d:93:1f:12:
8b:10:35:99:52:41:40:c7:e2:c9:f1:b2:8f:36:b4:76:ce:d6:
8b:f8:de:76:42:3b:f5:91:8e:fa:84:fd:b3:b6:3a:af:1d:47:
59:ce:1e:87:f0:f6:e9:1f:e0:f9:b7:d8:65:ab:6c:88:4a:11:
d0:1f:2d:6c:5c:50:54:14:65:d3:1e:0f:aa:a1:6b:7e:36:48:
65:b4:11:ac:72:cc:84:5b:00:4e:5c:a0:a5:61:5c:6e:ad:4a:
46:f8:98:03:7d:c9:7f:b4:9a:17:87:d3:a5:6b:d7:c7:a1:05:
2a:0d:f0:2d:5e:08:e5:39:b5:6a:83:78:8e:56:53:a2:4c:10:
72:05:f6:af:69:e0:9a:7f:87:60:79:77:4d:47:44:c9:51:89:
2f:d8:41:97
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MTUyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2OENFNjM3RDE5Q0Ix
MEY4M0UyNjg0RUM0NjIzNkY5NDBCQ0VCODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCV+T9qUZKKBnbmeDWtp5uRd/iv+lP1bD6wzk4b/LAzjfjsHAs
oEUb1LxfOkZG9/S+q6y+moufKd2qRercnV9ZQeQoCd/6ltZGEk8ue46LN04Qryn1
QOikf9aMvLLT3ltsuQ9rKB+VLISx+HtPYUoTOLB0x46hgHfjuMjVf1u92dtaG7OZ
0PJvAwAmw8yLXCRshNw2vz8QDvICnOUywLwySa3XHre/wrSL/9LfZPSVXYQBiraH
kF7vJATPEKZjGQZb0Wxr6wJDLnbG+5S204lpFp4kowgASlvw5Pry6zxsTi4T+Ofa
UcadVjnId3gOKItCARcRaQktUUSa/885Cq9hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxozmN9GcsQ+D4mhOxGI2+UC864AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hvem1OOUdjc1EtRDRt
aE94R0kyLVVDODY0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZlC2sTBs06+Q3DAhV07L4R91tbyzF4k3
x2QGvreD9F+DDYxVKHn2PTw80eC+PL9MSr6Y7loCScdShKAQ15+QFTNlQ1DvCTbQ
Zm4/p6490Aiu/zSnE7etUxrCVxHft1EiBN1puu9w78JNkx8SixA1mVJBQMfiyfGy
jza0ds7Wi/jedkI79ZGO+oT9s7Y6rx1HWc4eh/D26R/g+bfYZatsiEoR0B8tbFxQ
VBRl0x4PqqFrfjZIZbQRrHLMhFsATlygpWFcbq1KRviYA33Jf7SaF4fTpWvXx6EF
Kg3wLV4I5Tm1aoN4jlZTokwQcgX2r2ngmn+HYHl3TUdEyVGJL9hBlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org