Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/q3QoADp2hEyWKZvZuhGste02RU8.roa
File: q3QoADp2hEyWKZvZuhGste02RU8.roa (raw, json)
Hash identifier: y56nDXzmZLHKP7Vtf0jiZs8JDaXcB4X/9atAgT141Uw=
Subject key identifier: AB:74:28:00:3A:76:84:4C:96:29:9B:D9:BA:11:AC:B5:ED:36:45:4F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 462A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q3QoADp2hEyWKZvZuhGste02RU8.roa
Signing time: Mon 22 Apr 2024 03:23:08 +0000
ROA not before: Mon 22 Apr 2024 03:23:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17962 (0x462a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 22 03:23:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB7428003A76844C96299BD9BA11ACB5ED36454F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:02:e7:a8:3f:ad:da:91:74:d2:4f:f8:2b:
b4:3f:72:70:90:c9:9b:09:1c:5b:9e:3d:b2:c8:a1:
4f:7c:be:87:fb:43:d5:d0:13:6a:24:16:4a:e6:32:
27:e0:c9:38:43:96:14:f5:14:ed:a6:9e:eb:00:2c:
a3:bd:b0:7d:3f:6a:ea:aa:09:0d:19:62:bb:19:00:
da:a1:a1:55:b2:ca:69:34:a7:6b:ad:3f:af:93:8d:
a2:53:72:4f:4a:02:c2:55:87:4c:4a:b6:12:77:9f:
3d:12:bf:73:12:e4:1d:da:f3:46:0f:1d:7b:a5:55:
2d:52:93:35:ea:96:c3:65:64:d2:83:43:e3:a0:79:
46:8f:5a:17:74:5c:8d:c8:ac:f4:39:fa:0d:64:89:
02:d3:d9:7b:9a:54:61:9e:3a:77:db:2b:20:94:bc:
a2:2a:f5:c2:c1:a5:3f:ed:0f:83:ac:cf:2c:61:13:
d8:2a:93:1c:12:41:14:4c:6b:0f:e9:ba:8a:88:d1:
89:ca:7e:1c:72:30:34:e9:45:f7:f1:b0:74:15:db:
27:74:e5:31:fc:fe:10:1a:b3:ed:c4:57:fc:c0:6b:
92:a2:cc:79:b2:ad:19:11:7f:40:04:25:30:0e:55:
e2:f9:08:a6:92:b8:b0:e4:f3:0f:7f:ef:e0:5e:b3:
a7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:74:28:00:3A:76:84:4C:96:29:9B:D9:BA:11:AC:B5:ED:36:45:4F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q3QoADp2hEyWKZvZuhGste02RU8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:af:8e:84:00:32:82:8a:43:9d:91:da:c0:31:40:fb:16:ca:
a5:94:ff:c3:ad:3e:21:28:c0:57:11:1d:a3:2c:4a:38:9f:83:
ce:90:80:ed:f6:40:84:0d:12:fe:7d:01:48:ec:1a:07:2e:3c:
14:ae:37:01:22:dc:7c:8c:38:80:50:f1:fd:01:5e:32:46:4d:
6c:ca:eb:ce:db:91:68:06:cc:01:8a:f7:c0:17:03:fd:68:9c:
0f:df:e5:94:28:a1:5b:53:8b:a2:ce:a7:34:7c:28:fc:03:3b:
e0:65:e7:71:42:4c:b2:79:51:81:f4:8c:dc:bf:65:cf:6d:4d:
86:8e:23:08:31:83:f1:76:df:36:75:27:7d:b9:59:a5:95:11:
8a:e7:01:ac:c2:94:f2:67:27:15:1c:ec:6a:4a:c5:90:f6:76:
f3:16:cc:ce:8d:76:b0:95:4b:56:81:f9:57:eb:c1:43:8f:96:
74:9a:17:fa:43:aa:b5:7c:1a:0b:41:2e:ed:f7:18:cd:3d:e4:
27:ae:71:e4:17:39:ac:11:45:59:7f:3b:6a:6f:e2:b3:dc:97:
ac:54:b6:ee:63:33:21:07:a2:8f:f8:40:4b:d7:c6:64:27:a8:
f1:cf:c0:79:cf:5d:a3:2c:a8:95:b1:d1:be:b5:d5:02:6a:79:
b9:37:c3:35
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjIw
MzIzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCNzQyODAwM0E3Njg0
NEM5NjI5OUJEOUJBMTFBQ0I1RUQzNjQ1NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJfALnqD+t2pF00k/4K7Q/cnCQyZsJHFuePbLIoU98vof7Q9XQ
E2okFkrmMifgyThDlhT1FO2mnusALKO9sH0/auqqCQ0ZYrsZANqhoVWyymk0p2ut
P6+TjaJTck9KAsJVh0xKthJ3nz0Sv3MS5B3a80YPHXulVS1SkzXqlsNlZNKDQ+Og
eUaPWhd0XI3IrPQ5+g1kiQLT2XuaVGGeOnfbKyCUvKIq9cLBpT/tD4OszyxhE9gq
kxwSQRRMaw/puoqI0YnKfhxyMDTpRffxsHQV2yd05TH8/hAas+3EV/zAa5KizHmy
rRkRf0AEJTAOVeL5CKaSuLDk8w9/7+Bes6dDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUq3QoADp2hEyWKZvZuhGste02RU8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3EzUW9BRHAyaEV5V0ta
dlp1aEdzdGUwMlJVOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqK+OhAAygopDnZHawDFA+xbKpZT/w60+
ISjAVxEdoyxKOJ+DzpCA7fZAhA0S/n0BSOwaBy48FK43ASLcfIw4gFDx/QFeMkZN
bMrrztuRaAbMAYr3wBcD/WicD9/llCihW1OLos6nNHwo/AM74GXncUJMsnlRgfSM
3L9lz21Nho4jCDGD8XbfNnUnfblZpZURiucBrMKU8mcnFRzsakrFkPZ28xbMzo12
sJVLVoH5V+vBQ4+WdJoX+kOqtXwaC0Eu7fcYzT3kJ65x5Bc5rBFFWX87am/is9yX
rFS27mMzIQeij/hAS9fGZCeo8c/Aec9doyyolbHRvrXVAmp5uTfDNQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 03:15:13 2024 by rpki-client on console.sobornost.net