Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5MaVn3CF15ETFazTWkKzmS6kr4o.roa
File: 5MaVn3CF15ETFazTWkKzmS6kr4o.roa (raw, json)
Hash identifier: V9onrjByHLxP/buZTOY44LCEVF9ZuCg4LamGl0tskU0=
Subject key identifier: E4:C6:95:9F:70:85:D7:91:13:15:AC:D3:5A:42:B3:99:2E:A4:AF:8A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5MaVn3CF15ETFazTWkKzmS6kr4o.roa
Signing time: Sat 30 Mar 2024 03:22:15 +0000
ROA not before: Sat 30 Mar 2024 03:22:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13546 (0x34ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 03:22:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4C6959F7085D7911315ACD35A42B3992EA4AF8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3e:da:30:20:c2:da:8b:0e:62:c0:ab:13:f1:
0c:15:0f:0e:ac:7e:b2:77:be:cb:02:a6:a9:60:3a:
8f:f7:46:50:68:d0:06:d4:f2:46:b6:cb:d4:08:9b:
f2:9d:d0:db:7c:8e:b4:23:4f:70:ce:3b:24:bd:ae:
dd:cc:a2:29:1e:8a:1b:89:32:ce:2a:b5:85:0e:12:
1b:5b:29:a0:e2:78:46:26:02:57:bf:c0:e9:1d:4b:
a5:c4:c7:2b:4e:4e:e5:0c:d9:be:82:84:a2:2a:fb:
71:bb:36:4d:31:fc:fe:d7:61:87:62:42:48:ba:f1:
33:05:8c:a6:d9:1a:04:71:b8:55:9a:a7:c8:23:e5:
5a:a7:99:c0:a4:c2:4f:7a:13:17:16:d2:fe:fb:5f:
08:7f:12:1c:cc:0b:87:33:3e:09:64:3c:a5:dc:c3:
c2:2f:29:cf:3d:7b:35:ae:9b:74:b6:9d:d3:55:2c:
64:4c:58:cb:37:dd:01:ec:ba:78:46:d7:d3:65:2c:
90:06:c5:5c:89:85:29:b3:cc:56:63:f5:31:00:c2:
0b:6d:85:d4:3d:0e:61:a9:a6:c8:92:38:53:93:54:
b7:e9:bc:ed:3f:da:f3:7e:ba:89:02:d3:73:ea:14:
46:fc:56:d6:3a:3f:5e:fd:cb:91:9e:ed:46:3e:37:
e3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C6:95:9F:70:85:D7:91:13:15:AC:D3:5A:42:B3:99:2E:A4:AF:8A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5MaVn3CF15ETFazTWkKzmS6kr4o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:c1:8f:fc:4d:72:0c:66:0f:2e:8b:0b:8c:de:76:68:64:1e:
6c:b5:be:4e:98:19:b6:45:e9:c0:7b:0c:8a:ef:be:ad:5d:79:
03:27:2c:b7:e3:7b:e5:74:e0:a1:69:f6:fb:46:5d:1e:6b:4e:
47:90:3e:ac:d0:b3:cc:23:c1:34:93:30:46:ae:fb:14:3b:e4:
2b:55:6d:6b:32:a2:27:46:c1:32:10:42:56:ed:43:b3:1b:d0:
cc:2b:bc:af:86:12:89:ff:9c:92:21:03:37:78:c9:a5:10:fa:
90:53:64:b3:7a:44:8a:61:39:68:5f:19:42:46:2b:94:eb:99:
03:ef:cc:f9:78:2b:5f:6c:98:01:a1:b1:fc:b8:ed:9c:47:da:
4d:a4:a7:16:c4:cc:e5:b1:67:07:5a:07:28:e5:34:19:e1:16:
ab:5f:a9:1e:96:7c:90:66:19:81:34:e9:39:c6:e5:22:5a:52:
d0:4d:1e:2d:d6:ee:57:e6:dc:e5:b8:da:43:bb:02:29:b9:91:
4d:05:e6:d8:45:dc:54:45:8d:d4:23:b9:24:89:60:4b:95:45:
1b:5e:d2:8a:0f:9d:a7:96:5f:a5:ad:23:15:7c:5f:63:92:5c:
1e:66:2d:03:03:05:44:53:00:a4:4d:a1:91:fc:f4:23:63:94:
13:06:90:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MzIyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0QzY5NTlGNzA4NUQ3
OTExMzE1QUNEMzVBNDJCMzk5MkVBNEFGOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnPtowIMLaiw5iwKsT8QwVDw6sfrJ3vssCpqlgOo/3RlBo0AbU
8ka2y9QIm/Kd0Nt8jrQjT3DOOyS9rt3MoikeihuJMs4qtYUOEhtbKaDieEYmAle/
wOkdS6XExytOTuUM2b6ChKIq+3G7Nk0x/P7XYYdiQki68TMFjKbZGgRxuFWap8gj
5VqnmcCkwk96ExcW0v77Xwh/EhzMC4czPglkPKXcw8IvKc89ezWum3S2ndNVLGRM
WMs33QHsunhG19NlLJAGxVyJhSmzzFZj9TEAwgtthdQ9DmGppsiSOFOTVLfpvO0/
2vN+uokC03PqFEb8VtY6P179y5Ge7UY+N+ONAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5MaVn3CF15ETFazTWkKzmS6kr4owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVNYVZuM0NGMTVFVEZh
elRXa0t6bVM2a3I0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAl8GP/E1yDGYPLosLjN52aGQebLW+TpgZ
tkXpwHsMiu++rV15Aycst+N75XTgoWn2+0ZdHmtOR5A+rNCzzCPBNJMwRq77FDvk
K1VtazKiJ0bBMhBCVu1DsxvQzCu8r4YSif+ckiEDN3jJpRD6kFNks3pEimE5aF8Z
QkYrlOuZA+/M+XgrX2yYAaGx/LjtnEfaTaSnFsTM5bFnB1oHKOU0GeEWq1+pHpZ8
kGYZgTTpOcblIlpS0E0eLdbuV+bc5bjaQ7sCKbmRTQXm2EXcVEWN1CO5JIlgS5VF
G17Sig+dp5Zfpa0jFXxfY5JcHmYtAwMFRFMApE2hkfz0I2OUEwaQAw==
-----END CERTIFICATE-----
Generated at Sat Mar 30 09:11:45 2024 by rpki-client on console.sobornost.net