Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5DhgyWF9wtHWbRHDi500llQ9U_s.roa
File: 5DhgyWF9wtHWbRHDi500llQ9U_s.roa (raw, json)
Hash identifier: qdSNNQvfrRX8aN2yK8jk306Wa+dct5obJqinRLyduYA=
Subject key identifier: E4:38:60:C9:61:7D:C2:D1:D6:6D:11:C3:8B:9D:34:96:54:3D:53:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 396A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5DhgyWF9wtHWbRHDi500llQ9U_s.roa
Signing time: Fri 05 Apr 2024 03:22:24 +0000
ROA not before: Fri 05 Apr 2024 03:22:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14698 (0x396a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 03:22:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E43860C9617DC2D1D66D11C38B9D3496543D53FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7a:e5:0e:27:17:18:33:7b:fc:f5:38:ae:40:
54:b7:a6:58:77:c2:77:3b:09:86:29:4f:17:b9:8d:
10:83:f6:8c:16:2c:77:b0:e0:1b:2c:c9:17:f6:d0:
e6:65:78:2f:9b:80:64:d1:9a:4d:ff:bb:14:e4:b8:
00:62:08:2c:35:0a:5c:95:d1:31:e0:4d:9b:f6:df:
1b:35:c9:96:0e:04:39:0f:51:d4:88:59:6d:96:88:
c6:a1:d8:55:af:6e:36:16:47:65:65:67:12:20:f1:
d2:3e:47:77:54:4f:c1:e0:98:da:47:c7:5b:2f:a3:
29:0f:49:f7:66:ac:55:f5:f9:0d:4f:b9:fb:9d:e8:
3d:90:cd:ad:70:89:51:19:12:56:72:e5:de:5e:e4:
b2:12:d7:14:5e:e3:b3:af:94:5c:91:7a:f9:57:88:
1d:90:b4:72:93:17:bf:48:ad:dd:c3:65:12:50:f6:
1b:f0:4c:ae:4e:58:50:47:46:16:ff:72:49:c3:b2:
d9:dc:b2:99:1e:86:96:97:a2:c2:c9:cf:6d:e8:7f:
a7:ec:ab:19:a9:ad:6b:54:8c:3a:aa:11:9d:4c:30:
80:f7:f7:c8:4e:9f:e7:88:4d:45:92:c2:9b:cd:99:
ee:bf:e7:26:74:56:9d:ef:60:0b:db:8b:51:c8:4a:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:38:60:C9:61:7D:C2:D1:D6:6D:11:C3:8B:9D:34:96:54:3D:53:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5DhgyWF9wtHWbRHDi500llQ9U_s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:29:06:48:b2:2d:7e:0a:65:52:cc:bb:90:b7:04:3a:1e:c5:
11:81:07:ff:37:43:eb:9f:8b:59:19:d0:49:a3:ce:68:3a:6d:
f6:85:03:69:e7:23:d5:f9:9d:ab:c1:ae:3f:b3:d2:ac:59:ee:
64:cb:4f:74:3a:ff:7f:cf:0f:82:0d:e1:aa:01:be:9f:54:76:
9f:92:c3:4f:41:be:0f:fe:4c:18:1a:fc:c8:44:02:ba:cd:58:
3b:cf:4a:e7:4b:ca:e9:9b:e3:33:31:b1:e3:dd:b6:7f:83:76:
2f:3d:41:c2:4e:0c:91:d2:da:4b:cd:c1:4e:7f:6e:bb:8c:76:
f4:e6:d7:5f:70:c7:6c:7e:6e:c6:ff:04:5f:06:a3:aa:2d:ca:
8d:22:27:43:99:6e:e7:9a:c0:9e:2a:e9:cf:46:2c:67:44:49:
e7:88:be:a4:bc:da:17:98:b8:b5:ed:41:32:81:db:ca:97:4c:
3f:66:52:d4:7d:57:2f:9f:9f:86:21:cc:99:9d:7e:a9:31:40:
a2:96:0c:bb:bc:7b:b6:46:d8:89:e8:23:c8:95:b0:ec:5f:25:
32:e2:8b:57:56:cd:5c:23:73:93:e9:b1:6e:35:05:fe:50:40:
0e:8e:7f:2c:71:34:f7:18:f1:b7:1f:b8:4d:0a:ee:09:47:1a:
52:57:e8:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
MzIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0Mzg2MEM5NjE3REMy
RDFENjZEMTFDMzhCOUQzNDk2NTQzRDUzRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCveuUOJxcYM3v89TiuQFS3plh3wnc7CYYpTxe5jRCD9owWLHew
4BssyRf20OZleC+bgGTRmk3/uxTkuABiCCw1ClyV0THgTZv23xs1yZYOBDkPUdSI
WW2WiMah2FWvbjYWR2VlZxIg8dI+R3dUT8HgmNpHx1svoykPSfdmrFX1+Q1Pufud
6D2Qza1wiVEZElZy5d5e5LIS1xRe47OvlFyRevlXiB2QtHKTF79Ird3DZRJQ9hvw
TK5OWFBHRhb/cknDstncspkehpaXosLJz23of6fsqxmprWtUjDqqEZ1MMID398hO
n+eITUWSwpvNme6/5yZ0Vp3vYAvbi1HISnfRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5DhgyWF9wtHWbRHDi500llQ9U/swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVEaGd5V0Y5d3RIV2JS
SERpNTAwbGxROVVfcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFikGSLItfgplUsy7kLcEOh7FEYEH/zdD
65+LWRnQSaPOaDpt9oUDaecj1fmdq8GuP7PSrFnuZMtPdDr/f88Pgg3hqgG+n1R2
n5LDT0G+D/5MGBr8yEQCus1YO89K50vK6ZvjMzGx4922f4N2Lz1Bwk4MkdLaS83B
Tn9uu4x29ObXX3DHbH5uxv8EXwajqi3KjSInQ5lu55rAnirpz0YsZ0RJ54i+pLza
F5i4te1BMoHbypdMP2ZS1H1XL5+fhiHMmZ1+qTFAopYMu7x7tkbYiegjyJWw7F8l
MuKLV1bNXCNzk+mxbjUF/lBADo5/LHE09xjxtx+4TQruCUcaUlfo1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:15 2024 by rpki-client on console-ams.rpki-client.org