Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/N3-qGPM9ctgGis14rnGEC-MkM90.roa
File: N3-qGPM9ctgGis14rnGEC-MkM90.roa (raw, json)
Hash identifier: 86o8lpnCtZ8kYJaT3EBrYACmcXhTVFZqJANxoJjo8bE=
Subject key identifier: 37:7F:AA:18:F3:3D:72:D8:06:8A:CD:78:AE:71:84:0B:E3:24:33:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E0A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N3-qGPM9ctgGis14rnGEC-MkM90.roa
Signing time: Thu 11 Apr 2024 07:22:45 +0000
ROA not before: Thu 11 Apr 2024 07:22:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15882 (0x3e0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 07:22:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=377FAA18F33D72D8068ACD78AE71840BE32433DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:a6:0e:e5:9e:5b:4f:a4:50:e0:64:6b:a4:
ff:f2:25:fa:ef:9c:0f:bd:5f:0b:6d:38:96:47:66:
cc:1e:c9:f1:e2:c5:61:56:da:9c:e0:4c:e8:b4:d4:
3a:51:b2:16:53:3e:3e:0f:b9:e4:ca:52:22:3f:4b:
8a:f0:0f:e1:39:b8:c4:c9:b2:31:fd:65:ad:d3:22:
1c:80:72:04:89:e1:04:e6:4c:21:2a:2f:8f:03:ca:
26:89:80:aa:af:66:9d:f3:94:55:3e:51:0b:4b:2b:
22:c6:3f:a5:a7:c1:2f:fc:f8:09:9f:11:ef:dc:89:
e3:cd:ff:56:50:2f:8d:7f:7b:84:8c:8a:55:b0:5d:
f5:2c:40:25:46:ba:3f:0d:df:9e:a7:2a:a7:59:a3:
97:99:ce:6d:6f:80:d1:81:33:3e:29:42:d4:d7:0c:
59:81:d7:01:72:c5:7c:1b:61:53:72:a7:d7:a2:b4:
78:55:26:cb:aa:90:2b:8b:6a:d9:2e:77:ef:c6:bd:
b3:f0:49:2a:09:2d:70:9a:ba:ec:fd:53:03:4e:e6:
f5:5c:d0:11:c7:fd:f8:2b:6f:69:0f:79:0e:2c:c9:
00:a6:d8:09:9b:30:f6:e9:71:83:d8:cf:70:b5:3d:
b3:32:bb:77:56:f7:59:33:8e:84:74:ef:f1:c4:47:
dd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7F:AA:18:F3:3D:72:D8:06:8A:CD:78:AE:71:84:0B:E3:24:33:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N3-qGPM9ctgGis14rnGEC-MkM90.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:ee:c2:56:1d:31:15:e6:c4:6a:9c:30:47:08:a7:de:f2:a2:
d0:d4:38:24:5d:a5:f7:5f:79:84:c7:00:b3:31:33:a0:c3:c8:
3c:d3:8c:ae:94:9d:7e:1c:2e:7b:00:fb:de:f9:4b:ff:de:f1:
01:a8:35:db:e4:02:8f:d0:e2:52:c2:b9:19:b1:33:d9:fd:fe:
9a:4e:b1:b7:a8:89:cd:34:0b:08:39:c5:2d:ef:e8:9e:a7:3c:
38:5f:cf:d2:7d:30:98:75:a9:c0:54:2a:09:bb:e2:d7:96:f8:
9a:6b:7b:e2:73:71:f9:33:02:60:c0:d6:b3:e2:0a:7a:af:4b:
29:7f:bb:64:7e:36:a6:b6:f8:aa:2f:4d:24:c2:5a:62:06:d3:
32:c5:87:c8:f8:bb:ec:b9:7c:ee:77:b4:c3:36:3a:4d:1a:a3:
8a:9d:b4:d3:e4:99:e5:b8:34:a1:03:91:2c:50:a4:0d:b1:fa:
68:1e:b9:ba:9d:4a:60:da:a4:c7:e9:53:12:c6:23:ca:11:94:
5c:05:9d:9f:7a:5d:4c:78:73:50:4e:9f:28:29:04:4d:fa:8e:
70:6a:5f:62:ab:b4:b2:fd:58:23:e5:34:08:0b:5f:f4:b6:42:
18:4d:8a:87:2d:06:47:5b:2e:04:af:5f:39:ec:81:78:b0:e2:
05:a8:ea:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NzIyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3N0ZBQTE4RjMzRDcy
RDgwNjhBQ0Q3OEFFNzE4NDBCRTMyNDMzREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDImqYO5Z5bT6RQ4GRrpP/yJfrvnA+9XwttOJZHZsweyfHixWFW
2pzgTOi01DpRshZTPj4PueTKUiI/S4rwD+E5uMTJsjH9Za3TIhyAcgSJ4QTmTCEq
L48DyiaJgKqvZp3zlFU+UQtLKyLGP6WnwS/8+AmfEe/ciePN/1ZQL41/e4SMilWw
XfUsQCVGuj8N356nKqdZo5eZzm1vgNGBMz4pQtTXDFmB1wFyxXwbYVNyp9eitHhV
JsuqkCuLatkud+/GvbPwSSoJLXCauuz9UwNO5vVc0BHH/fgrb2kPeQ4syQCm2Amb
MPbpcYPYz3C1PbMyu3dW91kzjoR07/HER911AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUN3+qGPM9ctgGis14rnGEC+MkM90wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L04zLXFHUE05Y3RnR2lz
MTRybkdFQy1Na005MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGu7CVh0xFebEapwwRwin3vKi0NQ4JF2l
9195hMcAszEzoMPIPNOMrpSdfhwuewD73vlL/97xAag12+QCj9DiUsK5GbEz2f3+
mk6xt6iJzTQLCDnFLe/onqc8OF/P0n0wmHWpwFQqCbvi15b4mmt74nNx+TMCYMDW
s+IKeq9LKX+7ZH42prb4qi9NJMJaYgbTMsWHyPi77Ll87ne0wzY6TRqjip200+SZ
5bg0oQORLFCkDbH6aB65up1KYNqkx+lTEsYjyhGUXAWdn3pdTHhzUE6fKCkETfqO
cGpfYqu0sv1YI+U0CAtf9LZCGE2Khy0GR1suBK9fOeyBeLDiBajq6w==
-----END CERTIFICATE-----
Generated at Thu Apr 11 14:03:39 2024 by rpki-client on console.sobornost.net