Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8S7VFDhelJDwtseyLqtMRkAGaPU.roa
File: 8S7VFDhelJDwtseyLqtMRkAGaPU.roa (raw, json)
Hash identifier: FEJsOxA6bGIx8il9VLYkZjJWVvTezy75FIG7CSMktP8=
Subject key identifier: F1:2E:D5:14:38:5E:94:90:F0:B6:C7:B2:2E:AB:4C:46:40:06:68:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8S7VFDhelJDwtseyLqtMRkAGaPU.roa
Signing time: Mon 01 Apr 2024 19:52:11 +0000
ROA not before: Mon 01 Apr 2024 19:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14062 (0x36ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 19:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F12ED514385E9490F0B6C7B22EAB4C46400668F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:da:30:2d:f0:17:1d:53:04:0c:1c:95:85:
8c:cd:83:1d:6d:19:d0:26:f0:80:21:b2:dc:46:16:
ab:70:04:a8:bc:24:20:73:33:8e:66:eb:5f:13:4d:
9f:82:59:43:5b:e9:a8:57:8f:23:54:9b:bd:6f:8b:
dc:b5:d6:c5:66:2d:24:e9:00:e9:57:95:a6:0d:f3:
0c:d5:f2:6a:8b:63:e5:1f:18:10:a2:c1:f7:e4:7e:
53:dc:50:8f:53:49:fb:57:65:1d:e3:0a:29:83:8a:
b4:8e:9d:35:99:63:20:a0:f1:ec:f8:2d:97:5c:95:
2f:77:4e:f5:71:92:43:a4:f7:a1:31:7b:7e:a5:d5:
54:7b:02:c0:c1:36:78:2e:8b:94:2f:79:f3:d5:f2:
32:03:48:9f:8d:b2:b3:62:a2:8d:5f:80:9d:57:33:
46:c2:f3:56:cb:72:2b:62:a6:b0:d8:8e:d9:e0:ff:
5d:cd:b7:4a:5a:c3:8b:26:ad:f5:1d:3b:d5:c9:73:
45:b3:3d:55:a9:02:a9:26:7e:85:16:ca:cd:b1:3f:
58:c2:7b:63:e4:24:75:8f:de:e3:da:00:68:85:bb:
b8:b2:91:81:db:f0:da:9f:fb:ab:53:00:5e:c9:f2:
9c:fd:c2:8a:79:54:63:ea:d4:75:d4:f4:bb:1f:44:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2E:D5:14:38:5E:94:90:F0:B6:C7:B2:2E:AB:4C:46:40:06:68:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8S7VFDhelJDwtseyLqtMRkAGaPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:b5:aa:c5:bd:ef:af:ba:49:f3:bb:2a:d3:d8:30:d2:5b:e2:
bf:4d:2d:51:0d:93:fb:64:51:90:02:7e:92:b8:89:12:e9:e9:
bf:37:8f:80:9f:43:0c:17:aa:5c:3b:f3:76:37:85:25:dd:99:
ad:f9:4b:1f:91:e2:46:8f:95:0a:25:2a:3f:6c:27:98:64:73:
97:08:3d:53:c5:44:e5:cc:81:e1:4f:4e:4e:e9:ee:f5:71:43:
d2:3b:d9:9c:46:53:fd:07:fc:c3:80:18:14:be:7a:fc:6e:ec:
6d:27:64:54:23:37:2b:a9:17:d6:54:eb:8f:92:75:95:ec:b3:
ab:64:2c:f6:03:6b:70:2c:0d:13:aa:55:f9:0f:dd:4a:92:85:
82:e1:cb:40:4a:4f:b9:49:52:2c:98:94:35:cd:c9:f8:56:6d:
b0:26:39:5f:7f:9d:a9:80:93:2a:cc:5c:1f:61:83:46:83:bf:
4f:01:63:91:60:c9:71:06:e1:9f:85:4e:03:ea:52:56:c2:f5:
5c:ee:38:fa:fb:d3:b2:12:9a:51:01:65:64:fa:c5:05:d3:8d:
95:4a:04:ef:e5:0f:91:fe:ac:10:58:8a:f1:7e:79:72:b2:53:
33:0d:b5:f8:1c:6c:d8:9d:3d:42:fe:d2:ba:04:6c:e8:75:5d:
62:62:56:b9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
OTUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYxMkVENTE0Mzg1RTk0
OTBGMEI2QzdCMjJFQUI0QzQ2NDAwNjY4RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNZtowLfAXHVMEDByVhYzNgx1tGdAm8IAhstxGFqtwBKi8JCBz
M45m618TTZ+CWUNb6ahXjyNUm71vi9y11sVmLSTpAOlXlaYN8wzV8mqLY+UfGBCi
wffkflPcUI9TSftXZR3jCimDirSOnTWZYyCg8ez4LZdclS93TvVxkkOk96Exe36l
1VR7AsDBNngui5QvefPV8jIDSJ+NsrNioo1fgJ1XM0bC81bLcitiprDYjtng/13N
t0paw4smrfUdO9XJc0WzPVWpAqkmfoUWys2xP1jCe2PkJHWP3uPaAGiFu7iykYHb
8Nqf+6tTAF7J8pz9wop5VGPq1HXU9LsfREUTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8S7VFDhelJDwtseyLqtMRkAGaPUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhTN1ZGRGhlbEpEd3Rz
ZXlMcXRNUmtBR2FQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAILWqxb3vr7pJ87sq09gw0lviv00tUQ2T
+2RRkAJ+kriJEunpvzePgJ9DDBeqXDvzdjeFJd2ZrflLH5HiRo+VCiUqP2wnmGRz
lwg9U8VE5cyB4U9OTunu9XFD0jvZnEZT/Qf8w4AYFL56/G7sbSdkVCM3K6kX1lTr
j5J1leyzq2Qs9gNrcCwNE6pV+Q/dSpKFguHLQEpPuUlSLJiUNc3J+FZtsCY5X3+d
qYCTKsxcH2GDRoO/TwFjkWDJcQbhn4VOA+pSVsL1XO44+vvTshKaUQFlZPrFBdON
lUoE7+UPkf6sEFiK8X55crJTMw21+Bxs2J09Qv7SugRs6HVdYmJWuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:19 2024 by rpki-client on console-ams.rpki-client.org