Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vwSgVhHNdjKnID6lG7I6MwElZpw.roa
File: vwSgVhHNdjKnID6lG7I6MwElZpw.roa (raw, json)
Hash identifier: WKeWdemkLfNQ2NFLemY/4SyQg0I+5RJ8Wb0eLwmxPok=
Subject key identifier: BF:04:A0:56:11:CD:76:32:A7:20:3E:A5:1B:B2:3A:33:01:25:66:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4096
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vwSgVhHNdjKnID6lG7I6MwElZpw.roa
Signing time: Sun 14 Apr 2024 16:52:53 +0000
ROA not before: Sun 14 Apr 2024 16:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16534 (0x4096)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 16:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BF04A05611CD7632A7203EA51BB23A330125669C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:55:4a:18:86:10:1b:66:d0:26:95:31:1b:
3d:92:c2:c7:4b:02:e2:d4:ef:70:be:cd:29:24:4b:
31:dd:57:19:d0:f5:29:c1:9c:a4:ad:b4:0d:3e:e7:
ff:16:c0:60:45:5c:91:a5:7e:c9:ec:61:89:65:94:
9f:e2:d6:e1:00:05:7e:6d:de:a1:ea:76:35:c8:04:
3d:3b:d7:b3:c1:b4:d7:10:ff:18:d7:2b:e6:12:4c:
72:1e:96:df:c5:c6:56:a1:22:59:7b:ea:a4:18:ac:
ed:f5:ce:58:5e:3f:c4:a7:a2:a3:4d:9c:ab:65:00:
3c:67:89:f9:ef:3c:bf:cb:6f:88:45:6a:5e:98:28:
8b:f8:f1:fc:b9:37:c9:a6:fb:8f:d0:96:d8:28:b3:
24:9a:3d:7d:1c:46:47:e9:c4:9a:c9:a9:f4:6b:0a:
bc:8b:35:4e:f9:78:b8:ab:6d:97:ee:3c:54:fb:ac:
78:3c:55:4c:fe:8c:3a:e3:a0:57:c9:2d:3c:bb:ca:
81:04:b0:af:0e:3d:c2:5c:82:a0:39:84:2e:d8:39:
8d:24:b2:db:c3:60:d9:3f:69:1e:f7:f9:6b:d3:e2:
d3:bc:ee:92:5a:d5:2c:d2:17:8c:18:e3:fe:ec:d2:
c7:1a:e2:4c:d9:f6:6f:8d:9e:29:10:28:cc:a1:bc:
bd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:04:A0:56:11:CD:76:32:A7:20:3E:A5:1B:B2:3A:33:01:25:66:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vwSgVhHNdjKnID6lG7I6MwElZpw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:d2:ba:c5:c0:b1:87:51:fa:a1:c3:78:ce:01:0e:e6:32:91:
02:58:16:22:14:51:62:05:d5:48:97:1d:25:3f:38:7f:b5:d7:
a3:70:28:5e:5b:74:cf:ef:2f:95:ce:5a:b9:1e:34:12:85:29:
fb:c9:c3:a7:46:b9:db:15:bb:8c:19:e3:23:b6:f1:49:59:7c:
eb:cd:66:8c:0b:a6:f8:55:06:61:4f:fb:14:15:58:ac:92:6e:
21:01:a8:3f:ad:d2:7c:67:4d:cb:ad:36:78:ed:43:a3:5c:ea:
73:f7:31:e8:02:e9:0d:55:72:31:b5:7c:ee:d8:11:b4:ab:cb:
f4:29:60:eb:be:a4:18:d2:80:b3:d1:c7:cb:c3:f5:6d:fc:d2:
44:c2:7a:84:c5:d6:ff:96:61:f3:84:c3:3f:63:bf:9a:95:7f:
ef:23:76:e5:92:03:3c:05:59:35:8e:c3:64:d4:75:76:6b:1d:
00:72:17:24:aa:96:be:e0:f3:f2:f6:c5:f0:05:cd:3b:f0:e2:
92:c1:8b:9d:1e:6a:27:c3:73:f0:c8:6f:26:ff:b1:9c:38:75:
3c:67:11:ce:e8:a9:4a:b7:3d:c7:04:33:70:e2:c4:78:41:80:
1d:04:64:2a:9d:85:0d:3e:5f:38:79:40:a3:1d:09:f2:da:86:
9d:a1:7e:62
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGMDRBMDU2MTFDRDc2
MzJBNzIwM0VBNTFCQjIzQTMzMDEyNTY2OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChIFVKGIYQG2bQJpUxGz2SwsdLAuLU73C+zSkkSzHdVxnQ9SnB
nKSttA0+5/8WwGBFXJGlfsnsYYlllJ/i1uEABX5t3qHqdjXIBD0717PBtNcQ/xjX
K+YSTHIelt/FxlahIll76qQYrO31zlheP8SnoqNNnKtlADxnifnvPL/Lb4hFal6Y
KIv48fy5N8mm+4/QltgosySaPX0cRkfpxJrJqfRrCryLNU75eLirbZfuPFT7rHg8
VUz+jDrjoFfJLTy7yoEEsK8OPcJcgqA5hC7YOY0kstvDYNk/aR73+WvT4tO87pJa
1SzSF4wY4/7s0sca4kzZ9m+NnikQKMyhvL2BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvwSgVhHNdjKnID6lG7I6MwElZpwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3Z3U2dWaEhOZGpLbklE
NmxHN0k2TXdFbFpwdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACNK6xcCxh1H6ocN4zgEO5jKRAlgWIhRR
YgXVSJcdJT84f7XXo3AoXlt0z+8vlc5auR40EoUp+8nDp0a52xW7jBnjI7bxSVl8
681mjAum+FUGYU/7FBVYrJJuIQGoP63SfGdNy602eO1Do1zqc/cx6ALpDVVyMbV8
7tgRtKvL9Clg676kGNKAs9HHy8P1bfzSRMJ6hMXW/5Zh84TDP2O/mpV/7yN25ZID
PAVZNY7DZNR1dmsdAHIXJKqWvuDz8vbF8AXNO/DiksGLnR5qJ8Nz8MhvJv+xnDh1
PGcRzuipSrc9xwQzcOLEeEGAHQRkKp2FDT5fOHlAox0J8tqGnaF+Yg==
-----END CERTIFICATE-----
Generated at Sun Apr 14 22:29:59 2024 by rpki-client on console.sobornost.net