Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WzqbQtRGZxIDJmAhkF1PdZh7Q6k.roa
File: WzqbQtRGZxIDJmAhkF1PdZh7Q6k.roa (raw, json)
Hash identifier: 2FS9djQsBNbvjwZauC32mmQsoTtBP/DyR9ZOA/lgPI4=
Subject key identifier: 5B:3A:9B:42:D4:46:67:12:03:26:60:21:90:5D:4F:75:98:7B:43:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 399A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WzqbQtRGZxIDJmAhkF1PdZh7Q6k.roa
Signing time: Fri 05 Apr 2024 09:22:30 +0000
ROA not before: Fri 05 Apr 2024 09:22:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14746 (0x399a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 09:22:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5B3A9B42D446671203266021905D4F75987B43A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:23:68:e9:1b:3a:95:60:84:74:e7:a8:6b:
0f:d7:b9:5d:1d:db:9e:c0:c7:67:5e:54:2d:dd:37:
ca:65:83:e5:27:58:e1:7f:69:08:f7:c9:4b:ef:90:
f8:69:c2:c9:f2:11:1a:b3:79:0f:fe:3c:fa:b9:3b:
53:10:c3:15:50:2c:4c:be:0e:d9:c8:e9:65:3f:ff:
36:21:43:26:e7:cd:3c:b5:8a:82:bf:62:59:fb:79:
ba:ee:72:c8:50:f6:5a:59:b8:ab:9c:69:7d:f7:1a:
14:ed:86:f2:f6:91:b0:be:33:2b:e3:19:cb:fd:cb:
dc:33:1e:9f:90:cf:51:68:47:8d:e0:1c:a3:43:e7:
82:2a:cd:9b:8e:6b:3c:ea:17:28:e6:38:b0:6e:35:
a0:f8:18:70:ec:0c:9e:ac:d5:9b:ee:fa:20:08:81:
01:c9:37:b1:80:a5:d0:a3:4f:40:ff:77:87:63:1d:
18:26:a1:73:27:56:3d:27:56:91:22:57:c8:53:1f:
41:cc:01:dc:e0:9a:67:92:22:6e:f0:db:8a:3f:61:
66:dd:e2:18:99:c8:87:56:a6:02:ef:e6:e7:b8:bc:
b1:c5:3e:00:e8:8a:d4:21:d3:59:11:b8:2a:52:69:
61:4a:84:94:4b:9c:4e:4f:c0:57:99:f1:d4:12:73:
ee:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3A:9B:42:D4:46:67:12:03:26:60:21:90:5D:4F:75:98:7B:43:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WzqbQtRGZxIDJmAhkF1PdZh7Q6k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:18:6a:3d:c8:35:ad:61:8b:30:47:e7:58:84:66:a8:14:df:
b1:48:93:00:d1:67:6d:44:de:83:88:e7:f4:80:0c:c8:20:0a:
4c:6d:70:a0:03:80:0b:2e:26:9e:ad:71:8e:c9:4a:40:9b:9a:
1b:69:cc:82:17:a2:75:a0:ae:28:d0:54:fe:d5:31:fa:41:be:
f0:ca:de:40:60:7c:84:d5:c1:d4:16:a9:fc:a6:98:d6:dd:be:
b7:89:65:9b:71:2d:8e:4a:1e:b5:51:47:3c:8c:35:2c:4d:97:
f7:2a:37:9b:c3:a1:33:4d:6a:d8:32:9b:da:2c:3b:c4:16:55:
00:39:c6:a6:6b:0d:d7:24:00:64:fa:a7:49:13:ae:2c:f3:4a:
22:94:a8:21:d5:06:e0:96:fe:e0:e1:ee:62:1b:9b:aa:b7:e8:
c3:99:95:fc:7f:48:1d:fd:d5:c0:86:01:3d:b6:6c:05:29:d0:
eb:45:97:6f:5e:94:61:74:c1:3f:9e:20:ff:6a:b0:a2:78:90:
d8:d7:13:1a:ac:4f:fc:c1:8a:82:4e:4a:70:91:b6:d2:62:b9:
77:75:29:ed:56:8f:97:53:cf:81:40:80:a9:46:53:d8:2f:31:
df:be:c5:5e:db:29:33:1f:15:36:33:b6:b4:d1:7e:e3:75:75:
0d:ba:3e:b4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
OTIyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCM0E5QjQyRDQ0NjY3
MTIwMzI2NjAyMTkwNUQ0Rjc1OTg3QjQzQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb6SNo6Rs6lWCEdOeoaw/XuV0d257Ax2deVC3dN8plg+UnWOF/
aQj3yUvvkPhpwsnyERqzeQ/+PPq5O1MQwxVQLEy+DtnI6WU//zYhQybnzTy1ioK/
Yln7ebrucshQ9lpZuKucaX33GhTthvL2kbC+MyvjGcv9y9wzHp+Qz1FoR43gHKND
54IqzZuOazzqFyjmOLBuNaD4GHDsDJ6s1Zvu+iAIgQHJN7GApdCjT0D/d4djHRgm
oXMnVj0nVpEiV8hTH0HMAdzgmmeSIm7w24o/YWbd4hiZyIdWpgLv5ue4vLHFPgDo
itQh01kRuCpSaWFKhJRLnE5PwFeZ8dQSc+5rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWzqbQtRGZxIDJmAhkF1PdZh7Q6kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1d6cWJRdFJHWnhJREpt
QWhrRjFQZFpoN1E2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJRhqPcg1rWGLMEfnWIRmqBTfsUiTANFn
bUTeg4jn9IAMyCAKTG1woAOACy4mnq1xjslKQJuaG2nMgheidaCuKNBU/tUx+kG+
8MreQGB8hNXB1Bap/KaY1t2+t4llm3EtjkoetVFHPIw1LE2X9yo3m8OhM01q2DKb
2iw7xBZVADnGpmsN1yQAZPqnSROuLPNKIpSoIdUG4Jb+4OHuYhubqrfow5mV/H9I
Hf3VwIYBPbZsBSnQ60WXb16UYXTBP54g/2qwoniQ2NcTGqxP/MGKgk5KcJG20mK5
d3Up7VaPl1PPgUCAqUZT2C8x377FXtspMx8VNjO2tNF+43V1Dbo+tA==
-----END CERTIFICATE-----
Generated at Fri Apr 5 15:53:53 2024 by rpki-client on console.sobornost.net