Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4c5WhhFuevwQygqP_3XNRHluK3o.roa
File: 4c5WhhFuevwQygqP_3XNRHluK3o.roa (raw, json)
Hash identifier: YI+IkRaHaVqu6HkjaWPNqbsPBtmITqIFJvl5mdnZpaE=
Subject key identifier: E1:CE:56:86:11:6E:7A:FC:10:CA:0A:8F:FF:75:CD:44:79:6E:2B:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4c5WhhFuevwQygqP_3XNRHluK3o.roa
Signing time: Sun 12 May 2024 21:54:12 +0000
ROA not before: Sun 12 May 2024 21:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21950 (0x55be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 21:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E1CE5686116E7AFC10CA0A8FFF75CD44796E2B7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5e:3b:aa:bc:d6:2e:df:53:d5:37:4e:22:5a:
e9:d7:a1:16:ae:df:47:08:87:c5:6b:d6:1d:3a:4a:
b4:47:e0:54:79:8c:b0:13:54:aa:50:13:88:b3:0b:
ef:44:98:8c:df:35:1e:90:aa:85:a3:ec:11:f2:fa:
99:e1:dd:c4:e1:bd:61:de:68:af:0f:13:ca:a1:8c:
cf:51:13:df:7c:d5:b9:2d:96:4f:1d:2b:b3:37:1a:
94:e7:21:fc:7a:e0:43:5c:60:11:05:45:92:6b:5f:
dc:d0:26:df:b6:09:0a:69:a2:21:02:e0:07:1e:47:
e8:6b:66:6e:d6:c1:c4:4a:3c:df:df:c9:28:f7:5a:
bc:51:d0:c8:1d:6c:2d:96:b8:de:06:a7:37:ce:d4:
d6:0c:18:2a:74:17:cd:9f:f5:46:74:fd:98:32:0b:
bd:c7:d6:f2:98:06:71:be:c9:a7:8e:37:15:62:c9:
b4:f4:f2:88:13:81:b3:28:98:88:08:31:f0:69:0e:
07:5c:44:8b:be:2d:05:5d:a3:34:23:b1:f7:0b:53:
af:2f:0e:0b:1c:7b:14:d8:3c:7b:32:52:cc:08:92:
17:64:34:9d:32:02:40:d6:05:a1:2c:e9:f4:d1:1a:
a7:7c:f2:9a:54:3a:28:c5:ee:b9:05:cb:e5:3f:7f:
44:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CE:56:86:11:6E:7A:FC:10:CA:0A:8F:FF:75:CD:44:79:6E:2B:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4c5WhhFuevwQygqP_3XNRHluK3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:7c:2c:60:08:f0:8e:53:96:fc:d0:d9:80:58:7e:16:0f:e4:
47:69:f9:54:af:f0:10:37:b7:a0:a9:43:a2:45:24:68:58:13:
85:97:1a:9a:b2:dc:a0:45:2f:57:6b:2b:e9:6d:8f:92:19:6f:
a6:1f:d0:11:26:84:6c:3b:2f:a8:47:87:40:e7:88:c1:f5:89:
fe:ef:dd:b2:cb:d9:15:89:42:60:0b:13:61:51:cc:42:24:52:
e7:89:9e:88:5e:c2:8d:d9:fe:fa:59:8f:ec:49:03:71:b0:51:
c3:74:8a:bf:e3:a7:a9:80:bc:10:ad:be:3f:0e:73:3e:38:cb:
5b:66:9f:42:75:89:9c:32:df:01:4f:74:f9:af:ca:c9:35:6c:
f4:11:42:09:da:bf:52:e1:3f:c3:74:fc:5d:3f:88:c5:63:cf:
5f:68:a2:bf:a3:9b:28:bb:86:dc:7d:47:38:39:8e:5b:41:4a:
2d:37:ae:98:b8:96:61:14:93:6a:4d:96:f7:f9:95:ba:7c:e5:
18:a6:88:66:68:08:a1:b6:fa:9d:46:54:41:bc:4b:94:88:4e:
7d:a4:3b:d4:b9:a0:9e:1b:06:02:ce:e2:94:2d:34:61:27:59:
c7:62:1c:23:fe:cd:04:97:c9:b3:3c:2a:46:66:ae:4c:19:fe:
98:f3:0c:2a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIy
MTU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxQ0U1Njg2MTE2RTdB
RkMxMENBMEE4RkZGNzVDRDQ0Nzk2RTJCN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3XjuqvNYu31PVN04iWunXoRau30cIh8Vr1h06SrRH4FR5jLAT
VKpQE4izC+9EmIzfNR6QqoWj7BHy+pnh3cThvWHeaK8PE8qhjM9RE9981bktlk8d
K7M3GpTnIfx64ENcYBEFRZJrX9zQJt+2CQppoiEC4AceR+hrZm7WwcRKPN/fySj3
WrxR0MgdbC2WuN4GpzfO1NYMGCp0F82f9UZ0/ZgyC73H1vKYBnG+yaeONxViybT0
8ogTgbMomIgIMfBpDgdcRIu+LQVdozQjsfcLU68vDgscexTYPHsyUswIkhdkNJ0y
AkDWBaEs6fTRGqd88ppUOijF7rkFy+U/f0Q7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4c5WhhFuevwQygqP/3XNRHluK3owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRjNVdoaEZ1ZXZ3UXln
cVBfM1hOUkhsdUszby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgnwsYAjwjlOW/NDZgFh+Fg/kR2n5VK/w
EDe3oKlDokUkaFgThZcamrLcoEUvV2sr6W2Pkhlvph/QESaEbDsvqEeHQOeIwfWJ
/u/dssvZFYlCYAsTYVHMQiRS54meiF7Cjdn++lmP7EkDcbBRw3SKv+OnqYC8EK2+
Pw5zPjjLW2afQnWJnDLfAU90+a/KyTVs9BFCCdq/UuE/w3T8XT+IxWPPX2iiv6Ob
KLuG3H1HODmOW0FKLTeumLiWYRSTak2W9/mVunzlGKaIZmgIobb6nUZUQbxLlIhO
faQ71LmgnhsGAs7ilC00YSdZx2IcI/7NBJfJszwqRmauTBn+mPMMKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:14 2024 by rpki-client on console-ams.rpki-client.org