Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/65EcS0JqRdGxOtWmuUN7Y0PQPhc.roa
File: 65EcS0JqRdGxOtWmuUN7Y0PQPhc.roa (raw, json)
Hash identifier: zY/mcve1X1cyxU4+vaibfECnWGq4gRj29yVy7Cfv3LU=
Subject key identifier: EB:91:1C:4B:42:6A:45:D1:B1:3A:D5:A6:B9:43:7B:63:43:D0:3E:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5196
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/65EcS0JqRdGxOtWmuUN7Y0PQPhc.roa
Signing time: Tue 07 May 2024 08:53:52 +0000
ROA not before: Tue 07 May 2024 08:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20886 (0x5196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 08:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EB911C4B426A45D1B13AD5A6B9437B6343D03E17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:10:2c:91:ff:45:2e:f2:90:0e:12:1b:d0:bc:
6b:19:18:da:f0:52:8c:17:9d:69:b7:c2:c6:b3:d0:
16:a4:12:ba:09:c9:ec:e6:e7:05:26:27:93:46:2b:
a5:e7:3c:38:4b:d0:3e:9f:63:a0:6c:4b:a2:4f:5c:
12:f9:9b:72:a1:86:67:50:ea:76:d7:69:36:6d:37:
49:39:00:13:7b:37:66:ca:10:d6:d8:a4:12:91:d9:
7a:90:ec:dc:e2:06:db:37:a2:19:b9:d1:13:d2:17:
5a:8f:5d:2c:e4:bb:b6:41:be:01:d1:7e:f1:f6:c3:
cd:fc:d9:02:b2:01:2e:9c:42:e8:27:69:5f:0a:8e:
8a:e0:80:86:de:0b:b2:89:f8:3b:a7:fc:95:46:ad:
8f:13:c3:d7:d5:da:e8:0c:33:de:bf:eb:d5:a0:e5:
2a:14:d9:bb:82:a2:db:05:9f:00:5f:28:3a:0e:e8:
a0:9e:34:05:45:fc:35:3e:0f:6e:57:8c:0f:6c:da:
c9:ba:40:c4:c9:86:ba:95:c8:10:1b:78:ec:60:9b:
b5:34:8a:d4:b2:72:55:0d:00:32:5f:64:23:33:25:
34:2a:76:91:39:44:58:6d:64:49:ef:51:f9:1a:af:
d1:47:a9:ae:f2:09:3f:47:b8:1e:41:4f:d7:15:b9:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:91:1C:4B:42:6A:45:D1:B1:3A:D5:A6:B9:43:7B:63:43:D0:3E:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/65EcS0JqRdGxOtWmuUN7Y0PQPhc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:c7:bd:1f:5b:d5:1f:17:c1:65:b5:38:bc:a6:db:5e:78:70:
87:47:22:fa:67:57:8c:0d:27:25:d8:74:43:a2:b3:5d:93:59:
55:b7:2c:2d:01:15:37:09:3f:f2:6f:10:62:9a:f0:40:2c:0f:
88:7e:19:7a:fa:bf:5e:16:cd:70:9c:aa:4e:5d:46:21:f0:4f:
1c:3f:cb:5f:bb:20:b9:b2:15:60:1a:0f:c0:7c:91:d8:bc:a9:
74:60:98:cd:4e:f4:44:bd:d4:d7:fc:5a:ad:0a:98:19:fc:11:
1b:44:7d:78:4b:3e:77:97:96:3b:49:02:22:69:62:33:e4:b7:
5b:0e:5b:39:cc:d7:3d:45:2e:b5:e9:ab:0d:04:1d:8a:ea:09:
63:a2:11:2c:c8:69:fc:4a:8c:ff:61:22:9a:89:ec:79:bc:93:
c3:c4:fa:7c:77:f5:51:e1:2a:33:ac:bf:e3:ad:70:45:00:80:
45:fa:4b:a6:d0:08:91:f1:5d:03:28:6e:75:15:0c:42:da:16:
26:9d:18:f5:b0:14:3a:f4:f9:ce:fb:36:e0:d0:be:b3:ea:7a:
59:c0:2a:cb:2f:d7:51:04:dc:6b:3c:05:c8:35:0d:03:45:cc:
81:29:cf:8c:4f:f8:f9:60:cc:7d:45:74:19:29:6b:87:4a:b3:
cf:45:29:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCOTExQzRCNDI2QTQ1
RDFCMTNBRDVBNkI5NDM3QjYzNDNEMDNFMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEECyR/0Uu8pAOEhvQvGsZGNrwUowXnWm3wsaz0BakEroJyezm
5wUmJ5NGK6XnPDhL0D6fY6BsS6JPXBL5m3KhhmdQ6nbXaTZtN0k5ABN7N2bKENbY
pBKR2XqQ7NziBts3ohm50RPSF1qPXSzku7ZBvgHRfvH2w8382QKyAS6cQugnaV8K
jorggIbeC7KJ+Dun/JVGrY8Tw9fV2ugMM96/69Wg5SoU2buCotsFnwBfKDoO6KCe
NAVF/DU+D25XjA9s2sm6QMTJhrqVyBAbeOxgm7U0itSyclUNADJfZCMzJTQqdpE5
RFhtZEnvUfkar9FHqa7yCT9HuB5BT9cVuZCjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU65EcS0JqRdGxOtWmuUN7Y0PQPhcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzY1RWNTMEpxUmRHeE90
V211VU43WTBQUVBoYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEApse9H1vVHxfBZbU4vKbbXnhwh0ci+mdX
jA0nJdh0Q6KzXZNZVbcsLQEVNwk/8m8QYprwQCwPiH4Zevq/XhbNcJyqTl1GIfBP
HD/LX7sgubIVYBoPwHyR2LypdGCYzU70RL3U1/xarQqYGfwRG0R9eEs+d5eWO0kC
ImliM+S3Ww5bOczXPUUutemrDQQdiuoJY6IRLMhp/EqM/2EimonsebyTw8T6fHf1
UeEqM6y/461wRQCARfpLptAIkfFdAyhudRUMQtoWJp0Y9bAUOvT5zvs24NC+s+p6
WcAqyy/XUQTcazwFyDUNA0XMgSnPjE/4+WDMfUV0GSlrh0qzz0Up4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:07 2024 by rpki-client on console-fra.rpki-client.org