Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2sHfZRwfQubs7h4aWzPl1VDgeqc.roa
File: 2sHfZRwfQubs7h4aWzPl1VDgeqc.roa (raw, json)
Hash identifier: /OCSAq0ALEY3V0Db7qYvIMpis1RwDvWta72yRUPWK2A=
Subject key identifier: DA:C1:DF:65:1C:1F:42:E6:EC:EE:1E:1A:5B:33:E5:D5:50:E0:7A:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50AA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2sHfZRwfQubs7h4aWzPl1VDgeqc.roa
Signing time: Mon 06 May 2024 03:23:54 +0000
ROA not before: Mon 06 May 2024 03:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20650 (0x50aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 03:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAC1DF651C1F42E6ECEE1E1A5B33E5D550E07AA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:6e:ec:6c:73:e4:1e:4a:bb:8d:48:bd:c4:
fa:ac:03:85:69:59:05:ae:14:25:40:0c:a7:53:ac:
5d:8d:25:b3:d7:5e:7f:0b:06:0a:7b:b0:84:9e:7c:
f2:89:2f:a3:54:ca:ca:2e:d9:4d:4b:6c:6d:ef:50:
dd:72:17:fc:c5:01:f8:11:5f:ad:89:1e:3d:c0:92:
db:33:fb:49:e3:76:a1:22:1c:05:40:75:5c:7e:ae:
79:99:4d:bb:0e:06:71:f1:34:f1:01:a8:eb:49:19:
0c:57:2f:07:b3:65:09:7b:46:04:14:23:f0:44:c9:
f3:d1:87:a7:b9:6a:8b:72:28:97:f4:ab:73:ef:4c:
b7:7c:cd:99:4c:18:3a:ee:44:e1:08:7a:f2:cf:63:
e1:73:68:fc:55:1d:d9:75:15:f5:21:51:ba:61:eb:
5b:b1:5a:0b:8a:ec:83:86:ce:fd:cb:19:21:6a:7c:
28:66:c0:b7:e4:6c:24:1d:fb:77:f5:d0:bb:4c:30:
69:3f:62:0b:6f:0f:87:ad:6d:8f:6c:15:ee:7b:cc:
dd:bc:79:4f:13:7f:f8:f3:45:4d:74:bb:5e:2d:bb:
80:44:4f:ab:ce:3f:98:9e:93:2d:ea:36:14:96:10:
01:3a:22:1f:b7:c8:a2:08:a6:c4:56:6b:26:4b:19:
8f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C1:DF:65:1C:1F:42:E6:EC:EE:1E:1A:5B:33:E5:D5:50:E0:7A:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2sHfZRwfQubs7h4aWzPl1VDgeqc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:71:04:e8:ec:b6:1a:2b:03:e9:94:ae:9b:47:bf:10:4d:d8:
c4:3f:2f:a9:31:d7:89:53:b3:5c:2d:fb:18:65:11:62:2a:d0:
e8:47:24:40:22:14:ec:2b:87:51:7f:27:e0:5c:02:b6:31:27:
83:44:fc:00:e0:1a:1f:9c:c8:bc:cb:0a:a8:80:21:c1:fd:9a:
a0:8a:e4:a1:8c:b3:99:41:fb:a1:db:d0:89:4e:b4:65:80:49:
d9:47:b7:9c:b5:be:f5:5d:0e:a4:6a:60:84:1b:76:d0:82:63:
cf:75:7b:e7:19:35:7b:eb:55:53:c2:c3:1e:cf:2f:df:26:13:
ba:47:75:a3:76:02:41:b6:9c:86:ec:00:80:b0:c6:26:78:65:
f6:2d:7c:42:d1:c8:59:a3:7e:37:98:26:de:d4:e1:be:a7:81:
c3:d7:25:9a:0e:9f:a4:f4:9c:99:3b:ff:13:d9:47:53:38:fb:
81:f5:00:80:67:0a:74:99:40:26:5c:f4:44:11:85:93:6d:55:
08:21:39:6b:68:e1:42:21:39:20:42:df:6a:29:32:37:eb:db:
04:c5:a5:88:37:10:f6:a4:60:66:03:97:4c:66:1b:e4:e0:ac:
24:77:99:af:58:c8:dc:f9:54:c5:42:b7:2b:58:34:27:c3:e7:
73:03:48:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw
MzIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQzFERjY1MUMxRjQy
RTZFQ0VFMUUxQTVCMzNFNUQ1NTBFMDdBQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD4m7sbHPkHkq7jUi9xPqsA4VpWQWuFCVADKdTrF2NJbPXXn8L
Bgp7sISefPKJL6NUysou2U1LbG3vUN1yF/zFAfgRX62JHj3Aktsz+0njdqEiHAVA
dVx+rnmZTbsOBnHxNPEBqOtJGQxXLwezZQl7RgQUI/BEyfPRh6e5aotyKJf0q3Pv
TLd8zZlMGDruROEIevLPY+FzaPxVHdl1FfUhUbph61uxWguK7IOGzv3LGSFqfChm
wLfkbCQd+3f10LtMMGk/YgtvD4etbY9sFe57zN28eU8Tf/jzRU10u14tu4BET6vO
P5ieky3qNhSWEAE6Ih+3yKIIpsRWayZLGY8HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2sHfZRwfQubs7h4aWzPl1VDgeqcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJzSGZaUndmUXViczdo
NGFXelBsMVZEZ2VxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAenEE6Oy2GisD6ZSum0e/EE3YxD8vqTHX
iVOzXC37GGURYirQ6EckQCIU7CuHUX8n4FwCtjEng0T8AOAaH5zIvMsKqIAhwf2a
oIrkoYyzmUH7odvQiU60ZYBJ2Ue3nLW+9V0OpGpghBt20IJjz3V75xk1e+tVU8LD
Hs8v3yYTukd1o3YCQbachuwAgLDGJnhl9i18QtHIWaN+N5gm3tThvqeBw9clmg6f
pPScmTv/E9lHUzj7gfUAgGcKdJlAJlz0RBGFk21VCCE5a2jhQiE5IELfaikyN+vb
BMWliDcQ9qRgZgOXTGYb5OCsJHeZr1jI3PlUxUK3K1g0J8PncwNIeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:12 2024 by rpki-client on console-ams.rpki-client.org