Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CCGlIAkCjRK2X6c-w3IX14mTX8c.roa
File: CCGlIAkCjRK2X6c-w3IX14mTX8c.roa (raw, json)
Hash identifier: 4HnPmCoUay+qfFcOebtOEAh7ywfVgy663KxaL+UoUuU=
Subject key identifier: 08:21:A5:20:09:02:8D:12:B6:5F:A7:3E:C3:72:17:D7:89:93:5F:C7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CA2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CCGlIAkCjRK2X6c-w3IX14mTX8c.roa
Signing time: Tue 09 Apr 2024 10:22:37 +0000
ROA not before: Tue 09 Apr 2024 10:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15522 (0x3ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 10:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0821A52009028D12B65FA73EC37217D789935FC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:9a:79:87:f1:12:53:19:0b:40:77:d0:47:
3d:d7:e0:aa:95:cc:7b:3f:19:64:a6:4b:bc:fd:b5:
d9:01:c2:a8:04:d6:0d:73:7b:92:aa:cc:57:93:92:
b4:eb:29:4e:96:a5:82:b9:5d:14:2e:ec:55:42:7a:
25:a9:77:59:92:3c:b5:63:b9:50:28:4f:84:70:7f:
1f:ce:cf:89:3d:3f:f6:16:3d:8d:6a:89:19:9b:b4:
f5:d8:76:b9:06:77:69:0b:a3:b6:13:40:ce:e9:59:
8c:90:0c:e5:e8:07:e1:9d:3f:ac:d6:db:5a:88:14:
67:31:a3:6a:37:97:a0:45:8a:90:c3:3e:86:8f:71:
e6:a6:d8:51:82:3f:06:37:8e:48:65:08:31:87:63:
95:8d:a8:a8:08:91:39:e3:bc:e9:e3:3c:8e:d6:08:
a8:17:fc:16:8d:37:bf:12:ee:2c:19:0b:10:1c:a7:
6d:62:c8:f9:07:87:5b:a8:78:f9:58:45:16:f8:25:
f6:21:50:ab:b6:9e:8f:05:b7:db:48:8d:31:52:71:
d5:74:98:c6:3e:72:fd:27:c0:cd:77:d1:6a:d5:17:
62:fa:19:e5:1c:3a:1b:df:e0:95:9f:21:4c:32:17:
ea:20:c6:91:77:da:75:ab:ab:98:64:ed:f2:48:16:
97:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:21:A5:20:09:02:8D:12:B6:5F:A7:3E:C3:72:17:D7:89:93:5F:C7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CCGlIAkCjRK2X6c-w3IX14mTX8c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:ed:44:ee:6e:0b:73:27:b6:fd:c4:09:07:11:68:e8:3a:d8:
6e:74:07:e7:ce:85:a3:f2:e8:72:bc:3c:25:4c:81:5d:c2:e0:
f0:59:c4:a6:07:b5:0e:66:5e:4a:bf:25:89:04:62:ea:06:a3:
8a:eb:74:46:b5:d3:ca:a7:b0:81:8f:0c:d5:24:53:9f:b3:a3:
3c:97:8a:10:dc:a4:30:6c:ea:dd:c1:33:05:f4:1b:41:54:88:
00:a3:58:53:61:63:1d:03:6d:ba:2e:73:56:4a:90:fb:9c:e6:
9b:c3:3b:05:0c:69:b9:08:a9:ab:14:81:46:28:2a:22:90:65:
a3:52:ca:75:5a:a0:fa:a3:8a:75:8b:94:67:99:8d:5a:d5:9f:
ba:d8:9d:d4:f6:ee:42:49:8d:06:d6:dd:b4:c1:02:de:ca:33:
5c:10:b7:7f:e1:20:71:9b:a7:1f:9c:f5:f5:9f:9a:02:37:e2:
2c:4c:55:5c:30:1c:57:dc:61:d6:ff:88:99:42:ce:33:d6:33:
19:24:7c:61:63:92:f9:58:f2:6a:b1:e2:cf:fd:75:d5:55:47:
e8:55:0e:4b:20:01:8e:03:a2:25:59:95:19:53:eb:eb:96:5d:
99:ea:93:07:c8:cf:99:46:18:27:d1:d4:ba:62:e0:a8:7f:c1:
38:5f:26:7e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkx
MDIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4MjFBNTIwMDkwMjhE
MTJCNjVGQTczRUMzNzIxN0Q3ODk5MzVGQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCye5p5h/ESUxkLQHfQRz3X4KqVzHs/GWSmS7z9tdkBwqgE1g1z
e5KqzFeTkrTrKU6WpYK5XRQu7FVCeiWpd1mSPLVjuVAoT4Rwfx/Oz4k9P/YWPY1q
iRmbtPXYdrkGd2kLo7YTQM7pWYyQDOXoB+GdP6zW21qIFGcxo2o3l6BFipDDPoaP
ceam2FGCPwY3jkhlCDGHY5WNqKgIkTnjvOnjPI7WCKgX/BaNN78S7iwZCxAcp21i
yPkHh1uoePlYRRb4JfYhUKu2no8Ft9tIjTFScdV0mMY+cv0nwM130WrVF2L6GeUc
Ohvf4JWfIUwyF+ogxpF32nWrq5hk7fJIFpclAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCCGlIAkCjRK2X6c+w3IX14mTX8cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NDR2xJQWtDalJLMlg2
Yy13M0lYMTRtVFg4Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlO1E7m4Lcye2/cQJBxFo6DrYbnQH586F
o/Locrw8JUyBXcLg8FnEpge1DmZeSr8liQRi6gajiut0RrXTyqewgY8M1SRTn7Oj
PJeKENykMGzq3cEzBfQbQVSIAKNYU2FjHQNtui5zVkqQ+5zmm8M7BQxpuQipqxSB
RigqIpBlo1LKdVqg+qOKdYuUZ5mNWtWfutid1PbuQkmNBtbdtMEC3sozXBC3f+Eg
cZunH5z19Z+aAjfiLExVXDAcV9xh1v+ImULOM9YzGSR8YWOS+VjyarHiz/111VVH
6FUOSyABjgOiJVmVGVPr65ZdmeqTB8jPmUYYJ9HUumLgqH/BOF8mfg==
-----END CERTIFICATE-----
Generated at Tue Apr 9 16:59:43 2024 by rpki-client on console.sobornost.net