Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zEMEf27CM3SvFiol-ExD3UWzXaM.roa
File: zEMEf27CM3SvFiol-ExD3UWzXaM.roa (raw, json)
Hash identifier: niNLZ5oNZOwIX84ucgmwW4Pls4tEMP4JSrSO4+V6lOg=
Subject key identifier: CC:43:04:7F:6E:C2:33:74:AF:16:2A:25:F8:4C:43:DD:45:B3:5D:A3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 356A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zEMEf27CM3SvFiol-ExD3UWzXaM.roa
Signing time: Sat 30 Mar 2024 19:22:09 +0000
ROA not before: Sat 30 Mar 2024 19:22:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13674 (0x356a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 19:22:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CC43047F6EC23374AF162A25F84C43DD45B35DA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:90:f4:b6:02:8c:d7:c8:a2:fd:b2:52:ce:4b:
e5:96:dd:68:e4:75:51:fc:b3:a3:94:a4:2c:0c:bc:
d5:52:64:0d:2f:55:18:1c:55:c7:b7:0c:79:b7:b9:
7c:ec:c3:5d:a4:b9:ac:b6:64:c9:eb:52:5b:16:50:
a4:46:94:bb:f0:69:f0:23:cf:0f:3a:0b:4c:e5:4f:
ba:3b:49:b0:cf:1e:57:7b:ec:c1:25:a1:68:38:bf:
2c:d8:79:fa:4a:1b:5c:b8:ec:a1:b3:0c:f4:9a:26:
97:2b:9a:ed:c6:e3:2b:71:5e:1e:a4:97:c9:8a:d0:
f6:b5:db:e2:c0:ed:8a:d3:40:cf:db:d2:bf:be:ac:
32:5f:31:30:cc:27:15:9d:16:44:a2:0d:7e:64:98:
f7:51:c7:07:c1:6e:0f:9c:b8:24:95:9b:2e:8f:86:
37:53:63:34:e7:ba:fd:a0:6f:0e:3a:73:52:b0:fb:
0b:35:87:b2:66:f1:bf:9c:b7:c2:b2:e8:b5:4e:e3:
25:1a:21:5c:88:3f:6b:1c:e6:3e:f4:b3:18:54:b7:
00:1e:6b:e9:c1:63:3f:98:b0:7d:a2:d1:77:5d:97:
04:61:d0:0c:98:49:8d:cb:b2:6a:f0:6e:2c:32:5a:
7d:b4:71:00:3c:e2:a1:79:a2:d1:87:8e:f3:a4:84:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:43:04:7F:6E:C2:33:74:AF:16:2A:25:F8:4C:43:DD:45:B3:5D:A3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zEMEf27CM3SvFiol-ExD3UWzXaM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:ca:1e:f6:b9:b8:b4:c8:23:b1:b2:a0:2b:2e:97:cd:b6:03:
07:53:f2:2a:cc:ae:ad:13:9f:e3:fc:4c:2a:99:03:73:a2:85:
6f:4a:68:44:e1:ac:9f:d0:cf:38:83:de:08:0d:e0:91:1c:a9:
1b:38:36:1f:f4:4b:fc:47:24:aa:37:e2:d8:d3:58:d3:01:4e:
7d:95:5f:a3:0a:a7:d5:2b:1c:d3:ab:94:37:bf:24:df:2c:6d:
58:44:28:05:dd:77:cf:19:5d:77:4c:11:9c:33:6a:e6:37:90:
ce:37:06:2b:c5:47:14:4b:65:9f:c5:e7:c0:d0:ab:e7:40:6a:
5e:fe:47:7c:c2:0b:ad:5c:14:5e:16:49:5c:78:b1:4e:cf:cb:
64:22:86:f0:8c:5d:45:95:d8:92:6c:e3:e4:29:25:cf:d3:ae:
55:d2:e9:98:e5:02:fe:22:40:af:42:44:5d:8f:f1:a1:1d:11:
c8:3b:19:9f:e4:71:6c:84:49:d6:19:70:b2:33:d0:c7:1c:b9:
50:d9:a4:bb:8e:56:08:3c:20:74:7d:8c:08:f1:a3:e1:0b:6c:
25:ee:06:ac:65:85:28:92:7d:3a:95:e6:0d:e0:7a:37:20:f1:
ee:59:10:53:93:d3:4f:3f:7a:78:7c:e2:e8:2b:89:dc:35:5e:
d8:65:91:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
OTIyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDNDMwNDdGNkVDMjMz
NzRBRjE2MkEyNUY4NEM0M0RENDVCMzVEQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDokPS2AozXyKL9slLOS+WW3WjkdVH8s6OUpCwMvNVSZA0vVRgc
Vce3DHm3uXzsw12kuay2ZMnrUlsWUKRGlLvwafAjzw86C0zlT7o7SbDPHld77MEl
oWg4vyzYefpKG1y47KGzDPSaJpcrmu3G4ytxXh6kl8mK0Pa12+LA7YrTQM/b0r++
rDJfMTDMJxWdFkSiDX5kmPdRxwfBbg+cuCSVmy6PhjdTYzTnuv2gbw46c1Kw+ws1
h7Jm8b+ct8Ky6LVO4yUaIVyIP2sc5j70sxhUtwAea+nBYz+YsH2i0XddlwRh0AyY
SY3LsmrwbiwyWn20cQA84qF5otGHjvOkhG2dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzEMEf27CM3SvFiol+ExD3UWzXaMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pFTUVmMjdDTTNTdkZp
b2wtRXhEM1VXelhhTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAiMoe9rm4tMgjsbKgKy6XzbYDB1PyKsyu
rROf4/xMKpkDc6KFb0poROGsn9DPOIPeCA3gkRypGzg2H/RL/Eckqjfi2NNY0wFO
fZVfowqn1Ssc06uUN78k3yxtWEQoBd13zxldd0wRnDNq5jeQzjcGK8VHFEtln8Xn
wNCr50BqXv5HfMILrVwUXhZJXHixTs/LZCKG8IxdRZXYkmzj5Cklz9OuVdLpmOUC
/iJAr0JEXY/xoR0RyDsZn+RxbIRJ1hlwsjPQxxy5UNmku45WCDwgdH2MCPGj4Qts
Je4GrGWFKJJ9OpXmDeB6NyDx7lkQU5PTTz96eHzi6CuJ3DVe2GWRQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org