Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yi9a6J8iCFKLXh3q1Ufcpv5l_dA.roa
File: yi9a6J8iCFKLXh3q1Ufcpv5l_dA.roa (raw, json)
Hash identifier: VGDo074B9QfWksmthvRqmTXnj43N13gRjQbKi6Ey7ME=
Subject key identifier: CA:2F:5A:E8:9F:22:08:52:8B:5E:1D:EA:D5:47:DC:A6:FE:65:FD:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DEA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yi9a6J8iCFKLXh3q1Ufcpv5l_dA.roa
Signing time: Thu 11 Apr 2024 03:22:44 +0000
ROA not before: Thu 11 Apr 2024 03:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15850 (0x3dea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 03:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA2F5AE89F2208528B5E1DEAD547DCA6FE65FDD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:bc:fa:4a:01:33:f6:c2:36:3f:09:f2:cf:
cc:ca:1b:17:3c:a8:f0:3c:15:c6:6f:d3:92:63:68:
6a:27:48:ec:3d:0e:df:20:8d:bc:29:52:f0:75:b4:
79:1e:b9:ca:6c:c8:25:ee:63:c6:8b:1f:cb:4c:3b:
d5:a4:c8:ea:88:ef:df:3f:38:93:f7:6f:2d:62:21:
9f:2c:c1:6f:c3:ba:76:62:b0:e8:94:f7:e7:c1:d3:
5f:bc:25:e2:10:a5:e1:72:76:43:84:c0:b8:83:f1:
b0:fd:d9:7c:f9:7e:ed:56:40:57:2c:b2:29:03:13:
3c:30:5c:f3:c2:a0:cc:48:38:2d:a3:c5:ad:76:77:
c8:c2:1b:34:cb:e9:db:cc:12:1b:a9:d0:f9:30:f6:
77:65:42:52:34:c0:d4:44:7c:75:79:90:3f:e2:54:
ca:e2:b0:88:8e:06:5b:b5:be:42:35:6c:44:ff:9f:
e5:a0:0e:a9:da:48:18:65:f0:a9:5e:bf:b6:40:7d:
35:05:bc:b3:6e:a3:b7:f7:7d:6e:a7:d4:9f:2e:24:
cc:04:0a:27:40:60:b4:94:28:2e:67:3e:73:1d:bc:
84:32:05:88:6f:a4:2d:84:48:f8:07:e9:0d:1f:e2:
1e:04:06:bf:12:14:39:6f:a5:85:18:73:68:0d:d4:
20:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:2F:5A:E8:9F:22:08:52:8B:5E:1D:EA:D5:47:DC:A6:FE:65:FD:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yi9a6J8iCFKLXh3q1Ufcpv5l_dA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:a1:7f:6e:77:d9:52:60:7d:8e:91:c1:ba:f9:ef:62:04:92:
1b:17:25:c0:b4:1f:61:86:95:af:e7:07:1c:b2:87:2d:c9:b5:
ef:af:d7:f3:5c:93:74:68:ed:44:12:1f:be:51:9b:03:38:3d:
44:8f:ec:bf:a3:01:fe:a0:a3:14:67:f6:57:f6:39:29:72:25:
1c:99:81:c0:c3:d1:6c:85:97:e9:df:56:df:1a:18:32:f4:df:
ed:19:66:8a:fc:76:26:21:fc:c9:7b:56:5b:46:ed:6e:52:4e:
9c:05:d7:a0:83:46:50:2e:56:53:7f:24:56:6e:58:a3:44:ce:
0f:fd:d4:ae:f1:ac:c7:ea:e3:4c:99:ce:29:bc:91:7a:e3:e8:
26:ab:63:11:5f:59:da:e8:24:69:41:57:a2:ee:0e:4e:83:f2:
9c:99:a5:88:6e:24:e5:6d:bb:a8:ec:9e:9f:89:60:fe:74:91:
79:df:71:a2:0e:e0:d2:b1:89:d8:e8:a9:42:41:42:3d:11:f0:
84:ea:e5:8c:fc:d5:df:56:cf:f3:a6:d0:f4:0f:3d:40:6f:53:
f1:fe:ec:45:f0:66:d4:25:01:4b:25:e3:02:9a:39:17:6c:97:
5d:27:a9:8b:55:25:35:a8:60:84:8f:f1:ed:94:56:7e:19:35:
61:75:1d:57
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MzIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMkY1QUU4OUYyMjA4
NTI4QjVFMURFQUQ1NDdEQ0E2RkU2NUZERDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt+rz6SgEz9sI2Pwnyz8zKGxc8qPA8FcZv05JjaGonSOw9Dt8g
jbwpUvB1tHkeucpsyCXuY8aLH8tMO9WkyOqI798/OJP3by1iIZ8swW/DunZisOiU
9+fB01+8JeIQpeFydkOEwLiD8bD92Xz5fu1WQFcssikDEzwwXPPCoMxIOC2jxa12
d8jCGzTL6dvMEhup0Pkw9ndlQlI0wNREfHV5kD/iVMrisIiOBlu1vkI1bET/n+Wg
DqnaSBhl8Klev7ZAfTUFvLNuo7f3fW6n1J8uJMwECidAYLSUKC5nPnMdvIQyBYhv
pC2ESPgH6Q0f4h4EBr8SFDlvpYUYc2gN1CD3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyi9a6J8iCFKLXh3q1Ufcpv5l/dAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lpOWE2SjhpQ0ZLTFho
M3ExVWZjcHY1bF9kQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPKF/bnfZUmB9jpHBuvnvYgSSGxclwLQf
YYaVr+cHHLKHLcm176/X81yTdGjtRBIfvlGbAzg9RI/sv6MB/qCjFGf2V/Y5KXIl
HJmBwMPRbIWX6d9W3xoYMvTf7Rlmivx2JiH8yXtWW0btblJOnAXXoINGUC5WU38k
Vm5Yo0TOD/3UrvGsx+rjTJnOKbyReuPoJqtjEV9Z2ugkaUFXou4OToPynJmliG4k
5W27qOyen4lg/nSRed9xog7g0rGJ2OipQkFCPRHwhOrljPzV31bP86bQ9A89QG9T
8f7sRfBm1CUBSyXjApo5F2yXXSepi1UlNahghI/x7ZRWfhk1YXUdVw==
-----END CERTIFICATE-----
Generated at Thu Apr 11 10:36:37 2024 by rpki-client on console.sobornost.net