Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LLjcQbqt5LWnVrroNEWdRZMfEos.roa
File: LLjcQbqt5LWnVrroNEWdRZMfEos.roa (raw, json)
Hash identifier: T2VxIi0FZ2pNaCqy1sNQwhQHm0Z6cgJhOtvaVgNf9Ls=
Subject key identifier: 2C:B8:DC:41:BA:AD:E4:B5:A7:56:BA:E8:34:45:9D:45:93:1F:12:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 559A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LLjcQbqt5LWnVrroNEWdRZMfEos.roa
Signing time: Sun 12 May 2024 17:24:12 +0000
ROA not before: Sun 12 May 2024 17:24:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21914 (0x559a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 17:24:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2CB8DC41BAADE4B5A756BAE834459D45931F128B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:b8:63:9e:2e:c7:a5:31:97:f8:19:63:c4:
a0:9e:c1:a6:71:a2:e4:1d:5d:b9:e4:a9:8b:d4:42:
d4:44:59:87:ad:57:08:17:3e:8e:e5:96:e5:18:80:
14:bc:09:5c:25:48:b0:e5:91:f6:c9:43:d8:be:43:
a0:4d:43:35:d1:90:ab:d7:a0:cc:27:cd:21:46:bc:
50:75:18:38:4c:47:f4:a5:19:54:50:04:03:45:3a:
da:04:bf:29:2f:f0:51:28:b6:6e:10:c1:ea:18:ba:
79:46:f0:c9:d2:98:48:02:ac:e6:1f:5d:f7:04:65:
2b:44:67:d6:36:49:df:4a:b8:96:78:18:a7:90:5c:
c2:ef:77:9a:04:e3:5a:94:5f:4f:09:31:ab:f6:44:
8e:93:b1:cf:42:5d:e9:4a:43:a7:d9:07:99:22:24:
b5:f0:60:3f:bc:3e:1f:3e:34:5b:b2:aa:98:4b:71:
cf:e1:30:2e:49:4a:c8:86:87:ae:af:c6:22:87:36:
87:4e:3c:97:f2:9d:d3:3f:0f:5c:b6:b0:87:df:b4:
31:7e:01:1d:56:ea:91:ee:e9:87:0b:b8:1a:10:fb:
2a:3b:da:5d:60:88:f3:dc:50:94:e6:ca:36:5b:ce:
04:81:f1:50:83:02:02:cf:74:68:f1:e2:09:92:4e:
71:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B8:DC:41:BA:AD:E4:B5:A7:56:BA:E8:34:45:9D:45:93:1F:12:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LLjcQbqt5LWnVrroNEWdRZMfEos.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:04:07:57:4d:dd:73:db:6d:a7:28:75:34:48:1a:96:23:69:
f1:cc:45:06:1d:96:4f:ba:c6:60:15:9c:fd:0a:66:c4:2f:68:
fd:2d:a1:2e:43:bf:c7:3f:be:49:aa:0a:19:b2:ab:66:0e:2e:
4d:3b:7d:4c:ca:79:8c:b6:e3:bc:e9:f9:2f:35:0c:33:dc:69:
71:8e:fa:fe:50:23:8a:1f:dc:97:0b:aa:46:4f:39:a1:e3:ee:
d3:4e:15:b0:88:4f:8c:1a:d5:18:91:ec:12:ac:16:8e:3b:36:
f4:78:ff:e5:42:ad:94:4b:9e:c9:84:f2:3e:4a:36:90:7c:b8:
18:e5:d6:2b:75:6b:36:37:ec:d2:73:f8:9f:9b:55:b1:e5:9a:
9d:4c:22:5e:dd:3d:b5:04:3e:06:84:d3:d6:76:31:21:28:c3:
34:59:b6:65:4b:e6:01:c9:85:f1:c9:4d:cf:45:53:39:d6:17:
de:cb:a0:68:6a:43:1b:6c:8b:ba:d3:20:e3:17:56:8f:bd:5c:
f0:79:8b:34:79:71:9f:21:2e:df:e8:6c:0f:d6:e1:4a:1c:9b:
e3:5b:74:58:cf:fc:65:14:e6:1b:32:b2:04:72:d8:b7:c4:5f:
17:8b:90:02:1d:cb:bb:25:d5:5e:3a:1f:0e:72:98:38:92:ce:
9f:b2:a7:e9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
NzI0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDQjhEQzQxQkFBREU0
QjVBNzU2QkFFODM0NDU5RDQ1OTMxRjEyOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnvLhjni7HpTGX+BljxKCewaZxouQdXbnkqYvUQtREWYetVwgX
Po7lluUYgBS8CVwlSLDlkfbJQ9i+Q6BNQzXRkKvXoMwnzSFGvFB1GDhMR/SlGVRQ
BANFOtoEvykv8FEotm4QweoYunlG8MnSmEgCrOYfXfcEZStEZ9Y2Sd9KuJZ4GKeQ
XMLvd5oE41qUX08JMav2RI6Tsc9CXelKQ6fZB5kiJLXwYD+8Ph8+NFuyqphLcc/h
MC5JSsiGh66vxiKHNodOPJfyndM/D1y2sIfftDF+AR1W6pHu6YcLuBoQ+yo72l1g
iPPcUJTmyjZbzgSB8VCDAgLPdGjx4gmSTnH9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULLjcQbqt5LWnVrroNEWdRZMfEoswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xMamNRYnF0NUxXblZy
cm9ORVdkUlpNZkVvcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKgQHV03dc9ttpyh1NEgaliNp8cxFBh2W
T7rGYBWc/QpmxC9o/S2hLkO/xz++SaoKGbKrZg4uTTt9TMp5jLbjvOn5LzUMM9xp
cY76/lAjih/clwuqRk85oePu004VsIhPjBrVGJHsEqwWjjs29Hj/5UKtlEueyYTy
Pko2kHy4GOXWK3VrNjfs0nP4n5tVseWanUwiXt09tQQ+BoTT1nYxISjDNFm2ZUvm
AcmF8clNz0VTOdYX3sugaGpDG2yLutMg4xdWj71c8HmLNHlxnyEu3+hsD9bhShyb
41t0WM/8ZRTmGzKyBHLYt8RfF4uQAh3LuyXVXjofDnKYOJLOn7Kn6Q==
-----END CERTIFICATE-----
Generated at Sun May 12 22:20:19 2024 by rpki-client on console.sobornost.net