Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8fhgGlFbysCrITRfLVSWyls6Cus.roa
File: 8fhgGlFbysCrITRfLVSWyls6Cus.roa (raw, json)
Hash identifier: UkQrKeMukou+M/MrxUJcc+rxiUqCDhl9ziwd6sydt7g=
Subject key identifier: F1:F8:60:1A:51:5B:CA:C0:AB:21:34:5F:2D:54:96:CA:5B:3A:0A:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 488A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8fhgGlFbysCrITRfLVSWyls6Cus.roa
Signing time: Thu 25 Apr 2024 07:23:22 +0000
ROA not before: Thu 25 Apr 2024 07:23:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18570 (0x488a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 07:23:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F1F8601A515BCAC0AB21345F2D5496CA5B3A0AEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:52:19:50:fa:42:6f:75:79:b8:e2:de:a3:19:
dd:33:92:df:8c:ad:d8:f9:c9:e1:57:b5:12:cc:35:
30:e3:1b:cf:ef:65:c1:0c:41:79:3a:51:35:f4:9a:
e8:3f:c1:9e:82:06:98:05:51:f7:d2:ae:3b:4d:6b:
0e:9a:43:c4:ae:9f:67:a3:04:d2:d3:45:5a:c2:03:
a7:b3:31:4c:0f:ba:bb:0e:3d:9c:1d:80:3d:4a:23:
2b:63:77:cf:41:94:cb:29:1d:18:51:29:fa:90:9f:
3f:b9:b0:21:c9:87:6b:94:3d:7a:51:4c:53:f5:c0:
23:25:75:e2:a7:03:2b:81:fa:3d:af:78:e8:60:eb:
56:1e:07:be:c1:90:06:16:2d:af:0e:b8:66:db:84:
07:64:b1:61:b5:86:10:8d:26:31:9d:38:8a:f0:f8:
4d:fa:d6:b2:cf:01:10:0d:e5:00:25:f0:2e:5a:3e:
b9:0b:be:32:c4:3c:7a:25:f9:f5:55:f3:1e:cf:08:
43:b8:2c:93:2c:37:b9:ce:c2:8f:da:bf:04:54:70:
50:6f:b1:4a:22:7f:f9:67:9b:9d:57:43:27:14:d0:
1d:e4:9c:b5:64:23:ee:97:3d:3c:20:46:9c:bb:1e:
3f:8c:52:0b:3d:fc:a2:33:9a:a5:e4:67:bd:58:ac:
5b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F8:60:1A:51:5B:CA:C0:AB:21:34:5F:2D:54:96:CA:5B:3A:0A:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8fhgGlFbysCrITRfLVSWyls6Cus.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:b0:03:bc:3d:4f:34:dd:2c:6e:48:d4:a3:e3:bf:cb:63:6d:
38:53:f9:f3:02:9a:22:a9:90:d5:d1:76:88:f8:f3:d2:e9:aa:
68:f0:9b:5c:d8:51:69:44:fb:b2:d1:6d:5a:c9:2c:3d:a0:0e:
31:ca:e3:9e:62:7e:f9:a4:e3:ce:ee:b4:41:52:18:3c:b0:23:
47:19:96:83:a4:d6:5e:c1:b6:f1:f0:6d:0c:ae:8d:8d:23:36:
85:9a:07:95:ec:36:aa:7c:e7:f9:13:65:f2:7a:03:7f:86:75:
d4:20:f4:66:f9:30:3b:ca:85:40:e5:2f:f2:d8:95:c2:57:3b:
29:e8:ac:b8:c7:08:96:8a:9b:9d:78:6f:01:7c:29:4a:eb:22:
e5:43:e7:f6:e9:5e:61:eb:0a:9b:43:57:9c:27:06:e5:f3:d1:
09:00:c3:72:de:ae:97:45:39:07:49:b6:7e:1b:74:43:12:d2:
d4:95:35:a8:49:8c:32:c6:89:47:93:e3:2f:7e:4e:f6:2f:7a:
32:3d:29:df:9a:8c:fc:11:49:ac:e4:23:56:a5:f2:9b:9e:c8:
dc:85:c5:f8:8a:5a:9b:a5:61:94:b3:b0:bf:52:8c:32:ae:f4:
d4:cd:cb:c3:20:5f:3b:64:62:9f:d3:89:ee:f2:76:c6:55:77:
6f:84:f0:b2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
NzIzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYxRjg2MDFBNTE1QkNB
QzBBQjIxMzQ1RjJENTQ5NkNBNUIzQTBBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9UhlQ+kJvdXm44t6jGd0zkt+Mrdj5yeFXtRLMNTDjG8/vZcEM
QXk6UTX0mug/wZ6CBpgFUffSrjtNaw6aQ8Sun2ejBNLTRVrCA6ezMUwPursOPZwd
gD1KIytjd89BlMspHRhRKfqQnz+5sCHJh2uUPXpRTFP1wCMldeKnAyuB+j2veOhg
61YeB77BkAYWLa8OuGbbhAdksWG1hhCNJjGdOIrw+E361rLPARAN5QAl8C5aPrkL
vjLEPHol+fVV8x7PCEO4LJMsN7nOwo/avwRUcFBvsUoif/lnm51XQycU0B3knLVk
I+6XPTwgRpy7Hj+MUgs9/KIzmqXkZ71YrFuHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8fhgGlFbysCrITRfLVSWyls6CuswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhmaGdHbEZieXNDcklU
UmZMVlNXeWxzNkN1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgLADvD1PNN0sbkjUo+O/y2NtOFP58wKa
IqmQ1dF2iPjz0umqaPCbXNhRaUT7stFtWsksPaAOMcrjnmJ++aTjzu60QVIYPLAj
RxmWg6TWXsG28fBtDK6NjSM2hZoHlew2qnzn+RNl8noDf4Z11CD0ZvkwO8qFQOUv
8tiVwlc7KeisuMcIloqbnXhvAXwpSusi5UPn9uleYesKm0NXnCcG5fPRCQDDct6u
l0U5B0m2fht0QxLS1JU1qEmMMsaJR5PjL35O9i96Mj0p35qM/BFJrOQjVqXym57I
3IXF+Ipam6VhlLOwv1KMMq701M3LwyBfO2Rin9OJ7vJ2xlV3b4Twsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:19 2024 by rpki-client on console-ams.rpki-client.org