Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eitF9TkxIhcP21EKwfTkz5K13FI.roa
File: eitF9TkxIhcP21EKwfTkz5K13FI.roa (raw, json)
Hash identifier: tJZr7do0a6WL8Hcf/91BLs8237F5OwGBOUAuUoG/VhE=
Subject key identifier: 7A:2B:45:F5:39:31:22:17:0F:DB:51:0A:C1:F4:E4:CF:92:B5:DC:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eitF9TkxIhcP21EKwfTkz5K13FI.roa
Signing time: Tue 02 Apr 2024 21:52:20 +0000
ROA not before: Tue 02 Apr 2024 21:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14270 (0x37be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 21:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A2B45F5393122170FDB510AC1F4E4CF92B5DC52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:e2:af:3a:fb:ad:81:a7:0c:fc:d2:23:a4:
7c:dc:76:52:7c:5d:6c:da:f5:c7:79:d5:05:0a:2e:
b1:4e:ec:f4:3a:63:ce:62:d5:43:f9:2e:92:f5:33:
8c:25:ad:85:00:e0:25:da:d1:62:8a:3d:92:ca:70:
50:64:e5:ff:68:5c:1d:3a:48:c7:85:57:e9:1e:50:
3a:e6:04:4d:c6:0c:56:2b:21:43:44:17:26:f9:fd:
94:6e:d9:3b:3b:44:74:97:a6:14:7a:b9:7f:53:fa:
ea:d9:f2:fd:c2:94:64:18:2c:62:7c:cf:d0:31:2a:
07:e1:87:43:58:18:55:94:ee:f4:ad:31:44:df:2c:
70:0b:2a:8f:2c:3f:0e:7e:ef:36:73:ec:80:d0:c2:
fc:22:7b:8d:2d:5e:c3:08:9c:56:24:c7:11:80:04:
e3:c2:74:e2:1a:96:ba:53:b4:78:60:a8:c8:2b:6a:
47:51:14:3e:4d:97:d3:f5:3b:31:c6:92:d5:4c:1b:
85:27:7d:39:76:e9:09:6b:9f:5a:09:92:e0:e4:82:
74:25:44:0e:97:83:b4:6c:dc:cb:a1:8f:6a:3d:87:
b3:9d:d6:88:be:86:b6:7c:dc:76:26:ba:19:f6:88:
ad:e5:fc:1e:cf:49:71:5c:8d:bb:36:af:68:46:1a:
90:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2B:45:F5:39:31:22:17:0F:DB:51:0A:C1:F4:E4:CF:92:B5:DC:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eitF9TkxIhcP21EKwfTkz5K13FI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:29:27:e9:87:ee:cf:7d:64:95:67:73:e7:6d:df:a0:1b:0e:
69:53:0f:d6:2f:44:aa:d4:fd:70:ad:f2:d2:1c:22:ca:ba:82:
30:45:53:07:74:81:9a:58:dc:4e:f5:c8:2f:4a:61:47:21:02:
7e:21:11:99:1f:71:54:80:21:be:5a:e1:c0:fe:04:f2:8b:2c:
f7:52:ca:2e:c5:ea:29:bc:6e:c0:43:03:8b:57:ba:f1:a3:78:
0c:70:3e:bc:65:d0:fd:8f:9a:be:87:cb:27:24:f9:f1:52:24:
d3:ef:2e:99:13:dc:cf:63:15:4f:43:e7:3b:87:db:62:b0:df:
53:48:4d:5f:0d:c2:75:9c:e4:5a:8d:43:17:29:44:cf:63:90:
4e:b2:6b:54:96:46:05:c6:fe:6b:94:e7:e6:8d:89:16:d8:31:
4e:0b:46:fa:da:79:2e:25:41:a1:c8:9a:4f:7e:b6:25:a1:10:
7a:ce:b3:ed:16:a7:41:0a:e0:5d:c5:ac:f0:73:ba:80:90:2f:
6e:81:96:b5:c9:2f:5a:a7:1f:71:e2:44:cb:cb:95:d4:9e:4e:
10:d7:41:ce:66:1b:6e:69:70:f1:d9:74:38:3e:66:8d:8b:99:
75:bd:2e:03:9c:5c:e1:5d:c5:57:c6:cd:48:4a:89:e6:b8:d4:
e1:e9:1c:1f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBMkI0NUY1MzkzMTIy
MTcwRkRCNTEwQUMxRjRFNENGOTJCNURDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC49OKvOvutgacM/NIjpHzcdlJ8XWza9cd51QUKLrFO7PQ6Y85i
1UP5LpL1M4wlrYUA4CXa0WKKPZLKcFBk5f9oXB06SMeFV+keUDrmBE3GDFYrIUNE
Fyb5/ZRu2Ts7RHSXphR6uX9T+urZ8v3ClGQYLGJ8z9AxKgfhh0NYGFWU7vStMUTf
LHALKo8sPw5+7zZz7IDQwvwie40tXsMInFYkxxGABOPCdOIalrpTtHhgqMgrakdR
FD5Nl9P1OzHGktVMG4UnfTl26Qlrn1oJkuDkgnQlRA6Xg7Rs3Muhj2o9h7Od1oi+
hrZ83HYmuhn2iK3l/B7PSXFcjbs2r2hGGpBXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeitF9TkxIhcP21EKwfTkz5K13FIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VpdEY5VGt4SWhjUDIx
RUt3ZlRrejVLMTNGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlSkn6Yfuz31klWdz523foBsOaVMP1i9E
qtT9cK3y0hwiyrqCMEVTB3SBmljcTvXIL0phRyECfiERmR9xVIAhvlrhwP4E8oss
91LKLsXqKbxuwEMDi1e68aN4DHA+vGXQ/Y+avofLJyT58VIk0+8umRPcz2MVT0Pn
O4fbYrDfU0hNXw3CdZzkWo1DFylEz2OQTrJrVJZGBcb+a5Tn5o2JFtgxTgtG+tp5
LiVBociaT362JaEQes6z7RanQQrgXcWs8HO6gJAvboGWtckvWqcfceJEy8uV1J5O
ENdBzmYbbmlw8dl0OD5mjYuZdb0uA5xc4V3FV8bNSEqJ5rjU4ekcHw==
-----END CERTIFICATE-----
Generated at Wed Apr 3 06:11:29 2024 by rpki-client on console.sobornost.net