Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yTt3aDgydmQbAJHs5Aay9o1ex3c.roa
File: yTt3aDgydmQbAJHs5Aay9o1ex3c.roa (raw, json)
Hash identifier: wyRMi94HjBJ0vs7K1hC9BdefLdWGNOdlfKPwElMcjFY=
Subject key identifier: C9:3B:77:68:38:32:76:64:1B:00:91:EC:E4:06:B2:F6:8D:5E:C7:77
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 342E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yTt3aDgydmQbAJHs5Aay9o1ex3c.roa
Signing time: Fri 29 Mar 2024 03:52:03 +0000
ROA not before: Fri 29 Mar 2024 03:52:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13358 (0x342e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 03:52:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C93B7768383276641B0091ECE406B2F68D5EC777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:27:f9:fd:ea:87:41:fd:b7:04:7d:18:53:
89:68:22:84:9f:20:9c:ef:9c:1f:2c:3b:8a:e9:94:
24:c3:4c:86:fe:af:86:34:a5:07:b5:d7:9f:a8:cb:
b6:73:5a:22:80:ca:bd:d8:c3:4f:ca:6a:3d:2d:09:
88:47:89:df:ac:a8:72:71:7f:33:cf:b7:78:2d:a1:
a2:cd:c7:a8:46:9a:07:61:1d:06:4f:bd:ac:9b:0c:
f0:dc:8d:c9:d2:7d:e7:0c:0c:58:0a:69:48:19:73:
5c:4f:fa:6e:58:9b:26:5b:d2:d0:5a:e5:a3:ed:c1:
ac:f0:25:56:0b:b0:c3:6e:f4:2a:06:71:db:72:ac:
42:71:25:d2:38:0d:7b:1b:99:c5:b7:33:d7:5b:63:
80:42:2e:20:d3:10:31:88:7f:64:26:57:54:e5:84:
19:5d:fb:95:ea:4e:3a:5f:a7:59:10:e8:4c:ac:e4:
23:d0:97:f9:ac:8d:d1:fd:79:11:f2:5d:7f:df:45:
8c:90:aa:3b:c8:fd:1f:06:07:ce:21:f7:cc:8a:c7:
81:a0:29:93:fe:38:0b:db:85:45:51:a6:f8:16:2f:
f5:37:8f:d7:68:f8:6f:55:ab:9d:8b:71:4e:83:74:
fa:4e:aa:b9:b1:8f:13:10:39:2e:c2:81:99:7a:26:
f4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3B:77:68:38:32:76:64:1B:00:91:EC:E4:06:B2:F6:8D:5E:C7:77
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yTt3aDgydmQbAJHs5Aay9o1ex3c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:2e:05:7e:3a:b7:a5:44:46:ef:af:b5:2f:2a:9e:17:c2:b0:
d6:90:db:c0:fe:48:2d:23:6b:b6:39:0f:5b:b9:30:53:c2:70:
77:e8:b9:c0:a1:36:40:3a:fd:89:bc:f9:25:78:79:9a:0b:0a:
cd:a2:00:71:49:96:34:1d:e2:4f:38:0b:45:58:71:5a:4e:1e:
c5:e2:29:73:eb:12:bc:28:85:5a:fa:14:02:92:a0:67:c6:69:
67:5a:15:cc:90:3f:42:63:16:52:ac:70:15:ca:6c:b3:b9:e4:
d1:d4:a0:ad:7a:37:5e:5d:44:c1:e4:86:c2:cf:08:71:84:63:
1d:6e:a7:80:fb:36:d0:fe:50:0d:0b:33:10:21:37:30:0d:6b:
2a:b8:79:91:50:c7:90:0b:b8:b8:6b:5a:9d:7e:e9:aa:e0:a5:
b2:b2:04:68:be:16:e0:6f:f9:38:7b:37:a0:b2:f9:84:8c:48:
8b:3b:5c:ec:bb:66:fc:37:a4:7c:24:91:ea:81:5b:00:67:5c:
85:ef:c3:47:82:3f:ec:7a:de:4a:43:5e:ed:9f:5a:59:10:19:
a1:14:75:08:a7:5e:43:3b:91:0d:2e:b8:2e:db:57:a4:ed:20:
aa:a5:f6:0d:64:01:87:bd:6a:99:c8:18:c7:90:bc:74:95:a5:
fb:8b:d7:e2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MzUyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5M0I3NzY4MzgzMjc2
NjQxQjAwOTFFQ0U0MDZCMkY2OEQ1RUM3NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/kCf5/eqHQf23BH0YU4loIoSfIJzvnB8sO4rplCTDTIb+r4Y0
pQe115+oy7ZzWiKAyr3Yw0/Kaj0tCYhHid+sqHJxfzPPt3gtoaLNx6hGmgdhHQZP
vaybDPDcjcnSfecMDFgKaUgZc1xP+m5YmyZb0tBa5aPtwazwJVYLsMNu9CoGcdty
rEJxJdI4DXsbmcW3M9dbY4BCLiDTEDGIf2QmV1TlhBld+5XqTjpfp1kQ6Eys5CPQ
l/msjdH9eRHyXX/fRYyQqjvI/R8GB84h98yKx4GgKZP+OAvbhUVRpvgWL/U3j9do
+G9Vq52LcU6DdPpOqrmxjxMQOS7CgZl6JvSVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyTt3aDgydmQbAJHs5Aay9o1ex3cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lUdDNhRGd5ZG1RYkFK
SHM1QWF5OW8xZXgzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAtS4Ffjq3pURG76+1LyqeF8Kw1pDbwP5I
LSNrtjkPW7kwU8Jwd+i5wKE2QDr9ibz5JXh5mgsKzaIAcUmWNB3iTzgLRVhxWk4e
xeIpc+sSvCiFWvoUApKgZ8ZpZ1oVzJA/QmMWUqxwFcpss7nk0dSgrXo3Xl1EweSG
ws8IcYRjHW6ngPs20P5QDQszECE3MA1rKrh5kVDHkAu4uGtanX7pquClsrIEaL4W
4G/5OHs3oLL5hIxIiztc7Ltm/DekfCSR6oFbAGdche/DR4I/7HreSkNe7Z9aWRAZ
oRR1CKdeQzuRDS64LttXpO0gqqX2DWQBh71qmcgYx5C8dJWl+4vX4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org