Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zUj7BFelsOAnlLeAwcr5ur8iwNk.roa
File: zUj7BFelsOAnlLeAwcr5ur8iwNk.roa (raw, json)
Hash identifier: A0rHGgxLAdx+AUauMAe6+03xM6ZmtuDpuClyBwfXhGk=
Subject key identifier: CD:48:FB:04:57:A5:B0:E0:27:94:B7:80:C1:CA:F9:BA:BF:22:C0:D9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3592
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zUj7BFelsOAnlLeAwcr5ur8iwNk.roa
Signing time: Sun 31 Mar 2024 00:22:09 +0000
ROA not before: Sun 31 Mar 2024 00:22:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13714 (0x3592)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 00:22:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CD48FB0457A5B0E02794B780C1CAF9BABF22C0D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d8:f9:3c:4e:80:d0:a4:70:52:f2:93:12:88:
42:a6:f7:62:cc:9f:14:c3:db:68:0e:66:5b:40:61:
46:ae:a0:6a:58:30:b5:36:bd:ce:8a:84:82:19:e4:
78:ab:d9:12:f3:4d:ae:e4:84:24:17:bb:22:c5:eb:
a3:36:99:2e:6f:d3:98:66:5a:0f:7f:97:1a:35:e3:
b7:ce:1c:a1:e7:03:b6:4b:46:5f:4d:76:76:a8:87:
9f:9d:f5:ec:97:49:c6:d7:2f:95:a2:e7:30:dc:b5:
ff:48:06:a3:3f:ad:99:44:55:1b:fa:0b:cc:75:87:
0b:ca:4c:f1:7f:2d:82:5a:47:c3:61:ee:68:0f:d7:
cd:15:60:03:4f:24:e6:4e:5c:81:16:e2:06:34:ec:
4a:6d:3f:2e:bc:0d:9e:16:de:f9:30:6f:bd:be:75:
53:d3:8d:d9:78:f6:3e:c1:f6:df:58:7b:04:17:55:
92:97:9f:2a:9a:37:70:1d:88:24:83:60:69:95:38:
68:29:89:dd:89:06:40:7a:ef:33:42:d6:cd:75:6f:
61:92:8f:0c:73:45:75:ab:fd:70:0b:de:f2:96:65:
12:c3:c9:69:65:78:cd:15:98:b0:e1:b0:06:f3:49:
b2:3d:05:86:f0:d4:5a:ef:f0:cb:d9:68:0a:f5:c2:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:48:FB:04:57:A5:B0:E0:27:94:B7:80:C1:CA:F9:BA:BF:22:C0:D9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zUj7BFelsOAnlLeAwcr5ur8iwNk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:05:e0:7b:a1:0c:f0:57:4d:f2:57:95:cb:c0:4a:01:84:74:
98:32:a9:8a:39:44:b7:a7:b8:9a:c6:42:1b:6c:c2:6d:7e:c4:
85:ef:69:f6:15:e7:19:f1:b4:65:a9:e7:4b:86:da:ce:4e:48:
5d:65:e3:df:fc:b7:ef:8b:97:9b:8d:de:a7:44:f7:81:b7:74:
66:5b:a4:6b:01:de:31:7b:13:d8:c8:8b:48:f8:33:28:c1:44:
e6:64:eb:74:b2:8a:04:e5:dd:9c:9d:63:13:2d:e7:61:d8:bc:
35:be:ed:30:44:9d:2c:9c:ab:a1:3d:4d:8f:38:ab:4e:ab:ee:
69:0a:98:72:7f:17:94:0b:78:8e:29:a2:0d:9f:c2:cd:b1:c3:
aa:10:42:5b:48:a9:9f:b2:9e:d0:c6:46:20:49:61:7c:de:d8:
14:68:22:8a:ea:0c:8a:ae:ca:f4:99:73:af:10:c3:a2:bd:3c:
bb:58:c4:93:a1:e9:80:b5:d1:d1:f7:10:fd:52:c3:5f:b9:e8:
73:b8:a5:db:6f:63:7a:2b:2b:f8:eb:e6:d0:9d:b6:6a:a3:cd:
d0:a9:5d:87:78:e4:4c:fa:3a:39:b8:53:8b:b4:d8:27:6b:bb:
74:29:38:36:f7:7a:1a:c2:ac:b1:5e:27:10:44:83:60:f9:a8:
77:a0:c4:b6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MDIyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENENDhGQjA0NTdBNUIw
RTAyNzk0Qjc4MEMxQ0FGOUJBQkYyMkMwRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA2Pk8ToDQpHBS8pMSiEKm92LMnxTD22gOZltAYUauoGpYMLU2
vc6KhIIZ5Hir2RLzTa7khCQXuyLF66M2mS5v05hmWg9/lxo147fOHKHnA7ZLRl9N
dnaoh5+d9eyXScbXL5Wi5zDctf9IBqM/rZlEVRv6C8x1hwvKTPF/LYJaR8Nh7mgP
180VYANPJOZOXIEW4gY07EptPy68DZ4W3vkwb72+dVPTjdl49j7B9t9YewQXVZKX
nyqaN3AdiCSDYGmVOGgpid2JBkB67zNC1s11b2GSjwxzRXWr/XAL3vKWZRLDyWll
eM0VmLDhsAbzSbI9BYbw1Frv8MvZaAr1wnRTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzUj7BFelsOAnlLeAwcr5ur8iwNkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pVajdCRmVsc09BbmxM
ZUF3Y3I1dXI4aXdOay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAswXge6EM8FdN8leVy8BKAYR0mDKpijlE
t6e4msZCG2zCbX7Ehe9p9hXnGfG0ZannS4bazk5IXWXj3/y374uXm43ep0T3gbd0
ZlukawHeMXsT2MiLSPgzKMFE5mTrdLKKBOXdnJ1jEy3nYdi8Nb7tMESdLJyroT1N
jzirTqvuaQqYcn8XlAt4jimiDZ/CzbHDqhBCW0ipn7Ke0MZGIElhfN7YFGgiiuoM
iq7K9JlzrxDDor08u1jEk6HpgLXR0fcQ/VLDX7noc7il229jeisr+Ovm0J22aqPN
0Kldh3jkTPo6ObhTi7TYJ2u7dCk4Nvd6GsKssV4nEESDYPmod6DEtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org