Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Cm01KkK6DDwEAtikuCTptEtsFTQ.roa
File: Cm01KkK6DDwEAtikuCTptEtsFTQ.roa (raw, json)
Hash identifier: 4LdcMrxmMfcfnTDm9DgjsNRj9WljuCiypNZhT2QB23c=
Subject key identifier: 0A:6D:35:2A:42:BA:0C:3C:04:02:D8:A4:B8:24:E9:B4:4B:6C:15:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 346A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cm01KkK6DDwEAtikuCTptEtsFTQ.roa
Signing time: Fri 29 Mar 2024 11:22:32 +0000
ROA not before: Fri 29 Mar 2024 11:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13418 (0x346a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 11:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0A6D352A42BA0C3C0402D8A4B824E9B44B6C1534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ae:c7:16:8f:1c:4f:a7:2a:4e:58:85:8a:50:
19:b5:db:6f:6a:28:48:41:4f:cb:c0:1c:45:80:7e:
bd:58:10:56:8e:20:99:1c:02:0d:20:95:2c:75:41:
70:aa:0d:21:3e:98:69:7a:fa:66:17:28:32:19:5d:
c9:8e:e3:b2:aa:c7:27:a6:66:bf:94:16:e6:50:ef:
e1:d2:17:49:e0:bc:c2:df:07:12:de:d6:86:3c:38:
b1:85:e7:d3:e8:7d:c5:52:4b:b8:6f:b0:d6:4a:cb:
f0:b4:a0:d6:d4:27:07:9f:15:7d:77:da:01:eb:e3:
f5:f4:e2:d8:15:39:e7:04:ac:f6:7a:88:4b:bf:64:
94:47:6a:c1:f4:d3:79:71:de:5a:03:56:b0:78:88:
8b:be:ad:94:12:9c:f2:55:06:66:35:a4:c5:0a:2d:
cd:ed:e0:45:0e:4d:e9:5c:dc:66:3e:47:35:c0:20:
fa:ec:be:ba:d0:72:09:a2:8c:8c:8f:53:db:9a:38:
12:0a:6a:c9:95:4c:90:2a:fa:52:90:6b:1a:54:d8:
33:ce:1b:04:2e:df:d0:0f:ee:1c:f4:e6:85:31:3e:
8b:10:a2:42:b4:3d:57:ef:a4:a2:97:5c:f0:1c:74:
d2:5e:0c:c0:a8:af:0d:e1:e0:6d:c1:64:10:99:23:
29:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6D:35:2A:42:BA:0C:3C:04:02:D8:A4:B8:24:E9:B4:4B:6C:15:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cm01KkK6DDwEAtikuCTptEtsFTQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:64:a2:42:57:5c:60:e1:67:25:5b:76:56:ff:5b:e5:cf:c7:
84:e4:dd:f6:7d:5c:17:6a:03:28:4a:ea:09:0c:0d:ac:f5:6b:
a5:d8:6a:7a:c9:5f:e6:f8:6f:ec:33:d2:5b:46:46:6e:d5:dc:
7b:cb:c2:c9:e8:13:0b:2f:9e:da:c8:31:3a:36:03:17:c1:75:
65:b1:81:c0:5e:84:b8:b0:70:76:d4:78:79:f5:cf:ca:74:90:
8b:bb:41:7f:df:5c:9d:37:55:0d:e8:92:3c:ed:5f:79:1f:e1:
4c:42:df:91:ee:88:97:4f:43:86:76:ba:aa:bb:a2:2e:dd:e5:
ff:93:34:65:ba:5b:0e:63:b8:a7:ad:68:ce:31:fe:02:01:22:
f6:00:99:bb:00:70:25:7a:4e:31:e7:d3:22:39:ce:cd:f9:17:
63:e2:78:a8:d4:b0:70:b8:4a:68:56:f7:c8:ac:ac:db:c8:43:
f1:fd:e9:52:76:c8:b6:af:3c:b5:77:3d:c1:ac:76:bf:3c:1c:
d4:ab:ca:7b:3d:45:be:c9:6e:81:4f:76:88:54:83:8f:48:84:
59:c6:71:38:99:b2:ea:c6:6a:46:0b:64:f8:e6:15:ba:48:ce:
26:7b:3b:a5:cc:70:a4:b0:4c:77:cb:36:35:b8:e6:3b:b6:63:
ed:78:98:12
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNGowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MTIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBNkQzNTJBNDJCQTBD
M0MwNDAyRDhBNEI4MjRFOUI0NEI2QzE1MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZrscWjxxPpypOWIWKUBm1229qKEhBT8vAHEWAfr1YEFaOIJkc
Ag0glSx1QXCqDSE+mGl6+mYXKDIZXcmO47KqxyemZr+UFuZQ7+HSF0ngvMLfBxLe
1oY8OLGF59PofcVSS7hvsNZKy/C0oNbUJwefFX132gHr4/X04tgVOecErPZ6iEu/
ZJRHasH003lx3loDVrB4iIu+rZQSnPJVBmY1pMUKLc3t4EUOTelc3GY+RzXAIPrs
vrrQcgmijIyPU9uaOBIKasmVTJAq+lKQaxpU2DPOGwQu39AP7hz05oUxPosQokK0
PVfvpKKXXPAcdNJeDMCorw3h4G3BZBCZIymHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCm01KkK6DDwEAtikuCTptEtsFTQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NtMDFLa0s2RER3RUF0
aWt1Q1RwdEV0c0ZUUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJWSiQldcYOFnJVt2Vv9b5c/HhOTd9n1c
F2oDKErqCQwNrPVrpdhqeslf5vhv7DPSW0ZGbtXce8vCyegTCy+e2sgxOjYDF8F1
ZbGBwF6EuLBwdtR4efXPynSQi7tBf99cnTdVDeiSPO1feR/hTELfke6Il09Dhna6
qruiLt3l/5M0ZbpbDmO4p61ozjH+AgEi9gCZuwBwJXpOMefTIjnOzfkXY+J4qNSw
cLhKaFb3yKys28hD8f3pUnbItq88tXc9wax2vzwc1KvKez1FvslugU92iFSDj0iE
WcZxOJmy6sZqRgtk+OYVukjOJns7pcxwpLBMd8s2NbjmO7Zj7XiYEg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 17:59:45 2024 by rpki-client on console.sobornost.net