Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3iYli6RcYHhQpL_sKLl-tVosFbg.roa
File: 3iYli6RcYHhQpL_sKLl-tVosFbg.roa (raw, json)
Hash identifier: fH6LYQiTjaoQiwBaRpX4uIzpUeX+Md3Otn70n5CxSuk=
Subject key identifier: DE:26:25:8B:A4:5C:60:78:50:A4:BF:EC:28:B9:7E:B5:5A:2C:15:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 460A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3iYli6RcYHhQpL_sKLl-tVosFbg.roa
Signing time: Sun 21 Apr 2024 23:23:16 +0000
ROA not before: Sun 21 Apr 2024 23:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17930 (0x460a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 23:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DE26258BA45C607850A4BFEC28B97EB55A2C15B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:60:76:ec:ac:1e:00:9b:2a:ec:a0:0b:b4:
cc:e4:09:cb:a3:a6:d6:01:71:73:2a:6d:57:e2:6a:
61:34:fd:62:b8:b3:34:4e:9d:06:ed:65:2b:ee:6a:
99:0c:97:42:2c:55:d1:6e:e6:3a:b2:60:d8:49:3a:
53:7d:b3:d3:5d:a8:01:09:30:7a:20:22:51:79:13:
f1:c7:5e:9f:58:4e:8a:c9:b5:7a:88:f0:fe:43:35:
06:67:b2:7a:3a:d5:8e:4c:38:b3:e6:1f:4d:ef:a6:
2e:83:49:c0:94:aa:8b:14:6d:80:70:c9:b7:f8:8d:
1b:4d:ec:e0:a5:50:9b:9e:7b:38:5d:6c:c4:85:3b:
2d:e4:db:2e:d2:f8:70:6f:fc:d6:35:be:3f:aa:5e:
72:4f:42:6d:99:23:54:27:57:36:f4:42:99:b1:2e:
57:cd:b7:35:56:8e:62:96:a4:68:7d:8c:f6:a5:ff:
a0:a5:bd:55:89:85:18:86:a5:3c:b8:a5:01:5d:ce:
34:50:84:00:f0:7d:aa:15:27:94:cf:47:91:19:c2:
d2:f8:0a:25:8c:4a:54:87:36:8a:5d:1d:78:69:f2:
39:ee:a4:b4:00:8a:d8:23:9e:b9:c9:89:c3:00:2d:
7e:75:f5:c3:3b:38:8c:b1:da:1c:42:9f:95:05:68:
05:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:26:25:8B:A4:5C:60:78:50:A4:BF:EC:28:B9:7E:B5:5A:2C:15:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3iYli6RcYHhQpL_sKLl-tVosFbg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:dd:0a:4a:11:26:19:a1:6e:c8:e6:2e:b7:5a:3b:65:a6:ad:
be:11:9f:6a:b1:5b:2c:73:7f:d6:d6:8e:12:32:00:86:b0:55:
58:d6:d5:9c:8d:69:90:a1:a2:43:e6:53:52:4e:4f:2d:85:22:
00:fe:36:41:a5:00:a1:d1:d6:14:1a:b7:34:f6:78:01:f3:9e:
8a:17:47:6c:86:87:2c:bc:7f:83:97:27:31:b3:c8:de:fe:fb:
49:01:c7:25:54:08:5e:fd:32:48:50:73:25:78:5a:fe:bc:88:
ec:9c:b9:25:db:70:67:69:5f:9a:9a:db:a3:eb:4b:a6:26:17:
00:8b:64:4b:dd:87:e5:21:d1:7a:cf:7e:c9:93:11:9f:33:17:
b9:80:1e:39:50:66:2c:8c:41:8d:fd:76:4c:83:df:1d:7d:c3:
bb:7f:9f:79:c4:82:da:d5:b3:34:57:37:ec:c1:da:d7:c9:d8:
ac:b9:e8:47:3e:37:fc:94:48:28:3b:db:2e:df:37:6c:56:26:
ac:0a:f8:4f:75:c5:a3:1b:2a:67:14:42:c3:73:2f:b3:e2:f1:
47:c0:87:1a:93:bf:da:78:08:73:be:4c:60:27:08:05:cb:53:
86:ca:36:33:ab:85:61:75:27:e3:16:14:d3:9f:97:99:d6:45:
87:81:ea:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEy
MzIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFMjYyNThCQTQ1QzYw
Nzg1MEE0QkZFQzI4Qjk3RUI1NUEyQzE1QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8LWB27KweAJsq7KALtMzkCcujptYBcXMqbVfiamE0/WK4szRO
nQbtZSvuapkMl0IsVdFu5jqyYNhJOlN9s9NdqAEJMHogIlF5E/HHXp9YTorJtXqI
8P5DNQZnsno61Y5MOLPmH03vpi6DScCUqosUbYBwybf4jRtN7OClUJueezhdbMSF
Oy3k2y7S+HBv/NY1vj+qXnJPQm2ZI1QnVzb0QpmxLlfNtzVWjmKWpGh9jPal/6Cl
vVWJhRiGpTy4pQFdzjRQhADwfaoVJ5TPR5EZwtL4CiWMSlSHNopdHXhp8jnupLQA
itgjnrnJicMALX519cM7OIyx2hxCn5UFaAXJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3iYli6RcYHhQpL/sKLl+tVosFbgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNpWWxpNlJjWUhoUXBM
X3NLTGwtdFZvc0ZiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAId0KShEmGaFuyOYut1o7ZaatvhGfarFb
LHN/1taOEjIAhrBVWNbVnI1pkKGiQ+ZTUk5PLYUiAP42QaUAodHWFBq3NPZ4AfOe
ihdHbIaHLLx/g5cnMbPI3v77SQHHJVQIXv0ySFBzJXha/ryI7Jy5JdtwZ2lfmprb
o+tLpiYXAItkS92H5SHRes9+yZMRnzMXuYAeOVBmLIxBjf12TIPfHX3Du3+fecSC
2tWzNFc37MHa18nYrLnoRz43/JRIKDvbLt83bFYmrAr4T3XFoxsqZxRCw3Mvs+Lx
R8CHGpO/2ngIc75MYCcIBctThso2M6uFYXUn4xYU05+XmdZFh4HqMg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 03:15:13 2024 by rpki-client on console.sobornost.net