Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-HCTjOQcIaPhX7f3YMcq1gIiLas.roa
File: -HCTjOQcIaPhX7f3YMcq1gIiLas.roa (raw, json)
Hash identifier: KQXaij0hHHQwVwIgQiYC/WutXsud8jN99uuDtvwLwmY=
Subject key identifier: F8:70:93:8C:E4:1C:21:A3:E1:5F:B7:F7:60:C7:2A:D6:02:22:2D:AB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 452E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-HCTjOQcIaPhX7f3YMcq1gIiLas.roa
Signing time: Sat 20 Apr 2024 19:53:05 +0000
ROA not before: Sat 20 Apr 2024 19:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17710 (0x452e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 19:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F870938CE41C21A3E15FB7F760C72AD602222DAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:27:99:a4:e0:08:9e:c9:d4:bd:e7:bb:cb:
ca:2b:0b:03:95:d3:ff:76:d9:be:07:67:6d:4e:dc:
17:8c:fd:a6:4f:18:a8:12:1d:19:47:84:43:55:c7:
71:61:79:10:74:80:31:18:19:18:85:ef:89:f8:3b:
7b:cb:e6:67:4c:ba:f8:01:1c:b6:7b:5d:21:ba:25:
d4:05:63:e7:d5:79:38:d5:78:d5:b1:6d:8d:14:8c:
b8:87:b2:af:36:05:ec:54:c8:95:45:8d:a0:29:ed:
26:2b:10:7d:26:ce:f9:39:05:e4:50:7c:33:c7:fd:
23:d6:51:9a:74:8c:1a:5e:21:87:ed:b1:cc:62:f0:
7f:be:9c:c0:66:8e:70:85:6e:a8:17:18:03:5a:3c:
d8:2f:c6:a9:b2:e6:fa:05:f8:52:91:ba:fd:3c:8f:
01:c8:87:5f:a6:d3:85:ab:fc:2c:65:2d:e5:d8:d8:
18:3d:2d:02:88:a5:ab:76:1e:95:4b:b4:0d:d2:54:
b6:f6:04:40:c8:e5:c9:bf:2b:ea:dc:f5:91:02:cd:
c7:0c:c7:05:3c:19:6d:c6:5e:c4:25:f4:5e:7b:3b:
75:85:db:77:e0:12:0e:5b:56:2e:59:35:56:60:a5:
1e:d4:0b:66:55:1c:de:d2:a4:ba:b6:26:b0:4d:e3:
95:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:70:93:8C:E4:1C:21:A3:E1:5F:B7:F7:60:C7:2A:D6:02:22:2D:AB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-HCTjOQcIaPhX7f3YMcq1gIiLas.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:de:36:a1:a1:11:fe:c2:28:ef:ed:1e:a0:ba:34:41:fc:14:
f2:51:5d:0f:e4:e8:3a:f0:c7:64:5c:69:91:72:b8:c1:9c:d1:
77:42:7f:3b:1d:27:6e:ba:44:9e:c8:af:d9:dd:4c:fc:a2:5b:
58:d3:61:ec:7f:3e:30:c0:76:fa:4f:19:47:02:32:60:7d:83:
40:80:22:c5:dc:14:a6:ab:0d:45:6e:45:a6:34:c5:dd:cf:15:
33:ac:9b:4c:5a:66:7f:6a:6c:4e:09:5c:06:80:5c:6f:9b:6c:
79:9c:42:c3:9d:cb:a5:a4:9b:1b:e5:cd:a1:da:88:28:1b:be:
db:2d:a5:7b:fc:5e:d2:b4:8a:91:7b:be:7a:6e:b3:8a:79:8f:
36:77:bf:f8:ec:2f:c1:cb:de:de:4f:47:81:b5:fd:55:96:48:
e4:17:58:cc:d1:5d:2e:2a:80:29:11:e5:7f:01:aa:23:79:5a:
ff:ba:32:c5:67:31:1d:a4:e6:73:e9:84:12:35:71:e0:f9:d3:
9f:9d:74:86:3c:7f:0d:32:6a:e1:44:19:aa:0c:c2:ca:fd:94:
b0:7c:a5:f2:50:a1:2c:a6:bd:0b:e8:72:4a:2c:a7:d1:55:ac:
82:e2:a4:82:2d:05:c4:fe:43:db:4e:5f:88:3f:07:6b:01:d7:
e8:fa:5d:71
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
OTUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4NzA5MzhDRTQxQzIx
QTNFMTVGQjdGNzYwQzcyQUQ2MDIyMjJEQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE7CeZpOAInsnUvee7y8orCwOV0/922b4HZ21O3BeM/aZPGKgS
HRlHhENVx3FheRB0gDEYGRiF74n4O3vL5mdMuvgBHLZ7XSG6JdQFY+fVeTjVeNWx
bY0UjLiHsq82BexUyJVFjaAp7SYrEH0mzvk5BeRQfDPH/SPWUZp0jBpeIYftscxi
8H++nMBmjnCFbqgXGANaPNgvxqmy5voF+FKRuv08jwHIh1+m04Wr/CxlLeXY2Bg9
LQKIpat2HpVLtA3SVLb2BEDI5cm/K+rc9ZECzccMxwU8GW3GXsQl9F57O3WF23fg
Eg5bVi5ZNVZgpR7UC2ZVHN7SpLq2JrBN45UhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+HCTjOQcIaPhX7f3YMcq1gIiLaswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1IQ1RqT1FjSWFQaFg3
ZjNZTWNxMWdJaUxhcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAWt42oaER/sIo7+0eoLo0QfwU8lFdD+To
OvDHZFxpkXK4wZzRd0J/Ox0nbrpEnsiv2d1M/KJbWNNh7H8+MMB2+k8ZRwIyYH2D
QIAixdwUpqsNRW5FpjTF3c8VM6ybTFpmf2psTglcBoBcb5tseZxCw53LpaSbG+XN
odqIKBu+2y2le/xe0rSKkXu+em6zinmPNne/+Owvwcve3k9HgbX9VZZI5BdYzNFd
LiqAKRHlfwGqI3la/7oyxWcxHaTmc+mEEjVx4PnTn510hjx/DTJq4UQZqgzCyv2U
sHyl8lChLKa9C+hySiyn0VWsguKkgi0FxP5D205fiD8HawHX6PpdcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org