Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5B1Lj2j659L0ubTqv2NwYeeh2pY.roa
File: 5B1Lj2j659L0ubTqv2NwYeeh2pY.roa (raw, json)
Hash identifier: K48XzLRuBHpuiT7cQWidwjPgccetx1+8xZYXy8Fw1ZU=
Subject key identifier: E4:1D:4B:8F:68:FA:E7:D2:F4:B9:B4:EA:BF:63:70:61:E7:A1:DA:96
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5B1Lj2j659L0ubTqv2NwYeeh2pY.roa
Signing time: Thu 04 Apr 2024 02:52:18 +0000
ROA not before: Thu 04 Apr 2024 02:52:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14502 (0x38a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 02:52:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E41D4B8F68FAE7D2F4B9B4EABF637061E7A1DA96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3a:12:2c:58:09:62:ac:50:8a:6f:b9:a7:ec:
4c:6f:77:c6:7c:3f:2a:a4:b9:c4:dc:38:96:81:ff:
a6:5f:65:66:61:35:2e:1c:6e:5c:16:5d:aa:63:ec:
d6:81:04:29:cc:db:cd:a2:b5:88:e3:b8:62:e7:dc:
99:24:f9:b0:4b:1a:96:ea:38:95:32:ba:f9:05:db:
64:28:9c:a8:75:1e:01:73:2e:ec:ec:ba:8f:58:2d:
f6:af:43:9b:f7:0f:cd:93:40:a5:a8:a4:01:ee:50:
47:89:ac:90:8e:d4:fd:71:77:20:f7:38:40:2c:eb:
13:6e:61:c2:35:0a:7c:f8:9d:57:f4:91:91:d8:9d:
ec:73:40:a1:1b:60:5a:d3:a0:d9:ce:9d:83:42:e8:
d9:3b:c8:9b:1f:2b:bb:34:15:fc:a1:31:55:47:b8:
4a:46:43:ec:e1:eb:cd:9e:29:25:8a:10:43:7c:1b:
a9:46:fe:62:3b:e7:92:9b:f1:44:0f:17:20:d6:e6:
5b:49:71:64:19:0f:d4:1c:43:57:39:98:71:14:4f:
f0:ed:af:19:83:24:47:3c:9b:4c:2d:42:89:06:1b:
4a:88:89:4c:cd:d0:16:2f:0b:ae:17:e1:cd:33:aa:
c5:e2:55:24:ad:61:7c:e6:42:ca:5f:40:6c:74:ae:
7b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1D:4B:8F:68:FA:E7:D2:F4:B9:B4:EA:BF:63:70:61:E7:A1:DA:96
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5B1Lj2j659L0ubTqv2NwYeeh2pY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:da:4f:7f:db:53:d3:3a:47:89:bf:f9:e3:25:74:4a:41:e5:
f6:b7:14:33:47:3e:88:69:52:77:30:d0:07:3e:7b:43:2b:b0:
92:c8:22:86:6b:44:2a:04:58:8d:0c:ee:18:72:a6:8c:40:45:
f7:9d:3d:8d:c5:ac:26:69:00:86:b8:9b:88:01:03:df:29:79:
03:9f:2e:10:11:c9:ec:87:ca:8b:66:3d:7f:e9:d9:a3:12:ad:
4f:5b:5e:43:c9:9e:eb:da:0f:ec:e4:a8:a2:e9:70:b4:c3:f2:
53:95:54:59:61:47:77:e0:14:18:5e:4b:1d:94:0e:53:71:45:
1b:94:13:43:0e:81:47:a5:1a:80:cc:bc:26:e5:3a:c2:83:17:
35:c4:25:e4:af:dc:6f:65:d2:0a:9a:ba:fd:d9:9e:06:13:4d:
00:1b:d8:cc:5f:5e:e9:ff:ae:9c:a7:72:c5:e0:2a:89:73:a8:
ae:db:af:88:36:ce:f1:05:c3:8e:4d:ee:53:ce:11:88:d2:78:
7f:4b:09:fa:06:68:cd:7a:02:1a:22:2a:16:08:58:47:6f:44:
f4:d6:8c:14:c4:8b:76:6e:59:78:77:e2:b9:f1:d1:ae:87:1f:
32:24:f9:ea:23:95:5e:df:19:a5:c4:c5:4c:f5:89:8a:0d:94:
ed:07:3d:69
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MjUyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0MUQ0QjhGNjhGQUU3
RDJGNEI5QjRFQUJGNjM3MDYxRTdBMURBOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgOhIsWAlirFCKb7mn7Exvd8Z8PyqkucTcOJaB/6ZfZWZhNS4c
blwWXapj7NaBBCnM282itYjjuGLn3Jkk+bBLGpbqOJUyuvkF22QonKh1HgFzLuzs
uo9YLfavQ5v3D82TQKWopAHuUEeJrJCO1P1xdyD3OEAs6xNuYcI1Cnz4nVf0kZHY
nexzQKEbYFrToNnOnYNC6Nk7yJsfK7s0FfyhMVVHuEpGQ+zh682eKSWKEEN8G6lG
/mI755Kb8UQPFyDW5ltJcWQZD9QcQ1c5mHEUT/DtrxmDJEc8m0wtQokGG0qIiUzN
0BYvC64X4c0zqsXiVSStYXzmQspfQGx0rnsrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5B1Lj2j659L0ubTqv2NwYeeh2pYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVCMUxqMmo2NTlMMHVi
VHF2Mk53WWVlaDJwWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAP9pPf9tT0zpHib/54yV0SkHl9rcUM0c+
iGlSdzDQBz57QyuwksgihmtEKgRYjQzuGHKmjEBF9509jcWsJmkAhribiAED3yl5
A58uEBHJ7IfKi2Y9f+nZoxKtT1teQ8me69oP7OSooulwtMPyU5VUWWFHd+AUGF5L
HZQOU3FFG5QTQw6BR6UagMy8JuU6woMXNcQl5K/cb2XSCpq6/dmeBhNNABvYzF9e
6f+unKdyxeAqiXOortuviDbO8QXDjk3uU84RiNJ4f0sJ+gZozXoCGiIqFghYR29E
9NaMFMSLdm5ZeHfiufHRrocfMiT56iOVXt8ZpcTFTPWJig2U7Qc9aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:15 2024 by rpki-client on console-ams.rpki-client.org