Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0Rc-In8-u3rYZsXYFpJekNxFImk.roa
File: 0Rc-In8-u3rYZsXYFpJekNxFImk.roa (raw, json)
Hash identifier: Pj6UtbgfG95xaPzRYkam8iDI7t7YfhznC7WZdVu+uVk=
Subject key identifier: D1:17:3E:22:7F:3E:BB:7A:D8:66:C5:D8:16:92:5E:90:DC:45:22:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5396
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0Rc-In8-u3rYZsXYFpJekNxFImk.roa
Signing time: Fri 10 May 2024 00:54:00 +0000
ROA not before: Fri 10 May 2024 00:54:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21398 (0x5396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 00:54:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D1173E227F3EBB7AD866C5D816925E90DC452269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7d:14:2a:2b:bc:fb:a7:ee:aa:a5:38:f4:ef:
f8:1e:ab:1c:4a:f4:a9:33:a2:2b:2a:53:9d:d0:17:
14:17:2a:76:c0:35:9e:4b:14:fd:83:89:1f:7b:d0:
32:80:ac:ad:bd:33:ae:e4:a0:61:a1:ef:b1:73:52:
e1:75:89:f4:5a:86:63:3d:3c:18:fe:b0:01:7e:07:
f6:99:d5:bb:28:09:8e:af:20:0f:b9:45:42:d0:db:
de:84:c0:e7:77:f2:b6:ab:c9:c3:ff:61:81:48:33:
a9:9b:af:82:4a:9f:f4:70:59:95:45:32:63:e3:cf:
6c:01:cb:06:9c:49:21:f6:64:4d:bd:b3:ee:6a:df:
44:a9:b4:1f:14:62:50:95:9b:3b:04:67:18:5c:57:
41:b0:bf:1f:01:27:f8:e3:49:d9:54:75:6e:70:ee:
cb:f8:de:b5:c3:fe:b6:1e:4c:75:53:64:f2:d3:55:
77:1b:85:63:0a:1d:02:d0:5e:f3:a5:0b:07:d3:0d:
22:2a:f3:28:e0:15:5e:88:1a:46:b2:4a:d8:f6:9e:
f7:60:fd:81:8b:c8:a6:29:43:13:7b:36:5c:3b:46:
aa:87:8b:dd:9f:f2:2b:71:3f:dc:ea:1d:1f:ba:81:
e4:42:51:d0:eb:29:e3:5a:94:0c:77:2d:5a:27:16:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:17:3E:22:7F:3E:BB:7A:D8:66:C5:D8:16:92:5E:90:DC:45:22:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0Rc-In8-u3rYZsXYFpJekNxFImk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:36:ab:ba:0c:18:f9:20:e3:41:08:4d:13:6d:cc:66:a6:ab:
0b:28:6c:1d:46:21:59:4e:f1:16:47:31:1e:89:b4:91:71:3c:
fb:ca:95:f0:90:57:2e:12:84:48:e5:e5:88:a1:af:18:e7:01:
8c:c6:fb:eb:be:94:ac:59:80:08:fe:14:c1:5f:9e:2b:42:f9:
93:a6:cc:c1:0d:18:c0:2e:b9:5c:5d:59:d4:3a:68:fd:0d:37:
2c:81:b5:6c:11:00:9e:d3:3e:eb:bd:ad:9c:dd:49:bb:12:4b:
2d:a1:f2:ac:a9:0c:97:bd:c9:f0:8d:96:58:00:a3:e9:59:2d:
40:cf:1d:72:6d:b6:5d:9d:6c:e2:a5:02:6f:b0:78:d4:18:b8:
f3:55:50:f1:97:cf:cb:fd:2f:f1:37:af:16:b9:c5:7d:d9:3e:
fe:2a:a9:4e:2d:7e:4c:3a:68:53:89:49:bd:9f:96:33:0a:c3:
11:74:f8:e6:62:dd:e8:89:e4:83:94:fc:fd:a9:8f:5d:32:a2:
c5:23:f1:14:67:20:b6:c9:6d:af:83:b3:05:a4:90:50:67:5d:
2c:2a:fa:b9:0a:64:c5:81:34:dd:5c:20:cb:a3:0b:fb:89:cd:
25:70:66:43:5a:22:30:1e:ad:7b:56:3a:09:35:a3:a1:58:52:
2a:1c:f3:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MDU0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxMTczRTIyN0YzRUJC
N0FEODY2QzVEODE2OTI1RTkwREM0NTIyNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkfRQqK7z7p+6qpTj07/geqxxK9KkzoisqU53QFxQXKnbANZ5L
FP2DiR970DKArK29M67koGGh77FzUuF1ifRahmM9PBj+sAF+B/aZ1bsoCY6vIA+5
RULQ296EwOd38rarycP/YYFIM6mbr4JKn/RwWZVFMmPjz2wBywacSSH2ZE29s+5q
30SptB8UYlCVmzsEZxhcV0Gwvx8BJ/jjSdlUdW5w7sv43rXD/rYeTHVTZPLTVXcb
hWMKHQLQXvOlCwfTDSIq8yjgFV6IGkayStj2nvdg/YGLyKYpQxN7Nlw7RqqHi92f
8itxP9zqHR+6geRCUdDrKeNalAx3LVonFn0XAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0Rc+In8+u3rYZsXYFpJekNxFImkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBSYy1JbjgtdTNyWVpz
WFlGcEpla054Rkltay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEADTarugwY+SDjQQhNE23MZqarCyhsHUYh
WU7xFkcxHom0kXE8+8qV8JBXLhKESOXliKGvGOcBjMb7676UrFmACP4UwV+eK0L5
k6bMwQ0YwC65XF1Z1Dpo/Q03LIG1bBEAntM+672tnN1JuxJLLaHyrKkMl73J8I2W
WACj6VktQM8dcm22XZ1s4qUCb7B41Bi481VQ8ZfPy/0v8TevFrnFfdk+/iqpTi1+
TDpoU4lJvZ+WMwrDEXT45mLd6Inkg5T8/amPXTKixSPxFGcgtsltr4OzBaSQUGdd
LCr6uQpkxYE03Vwgy6ML+4nNJXBmQ1oiMB6te1Y6CTWjoVhSKhzzMg==
-----END CERTIFICATE-----
Generated at Fri May 10 09:46:57 2024 by rpki-client on console.sobornost.net