Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8qs8mfhqMqFnDJ7U2YjDpDTDk-k.roa
File: 8qs8mfhqMqFnDJ7U2YjDpDTDk-k.roa (raw, json)
Hash identifier: 9+9jRpu7harbCFsj1yu0NyGuNqx8oLIlaHHuZ0JFeXY=
Subject key identifier: F2:AB:3C:99:F8:6A:32:A1:67:0C:9E:D4:D9:88:C3:A4:34:C3:93:E9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 501A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8qs8mfhqMqFnDJ7U2YjDpDTDk-k.roa
Signing time: Sun 05 May 2024 09:23:50 +0000
ROA not before: Sun 05 May 2024 09:23:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20506 (0x501a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 09:23:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F2AB3C99F86A32A1670C9ED4D988C3A434C393E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:55:00:f5:ac:36:9e:26:b6:68:5f:de:64:d6:
df:da:93:77:b5:24:f7:0d:59:a3:a4:61:7d:cc:04:
94:fc:da:ed:47:8c:62:fc:ac:a1:9a:81:27:80:ea:
9b:66:9d:69:d0:1b:7d:61:cc:61:81:c9:a1:30:42:
9a:95:04:80:85:12:31:f1:2d:7f:a8:3a:a6:51:ec:
7a:5c:46:50:8b:7f:0e:a0:4c:99:9f:66:48:63:ec:
91:6c:f6:b9:75:24:84:1a:39:c3:cb:ad:a8:d3:80:
fe:66:09:89:83:91:bc:ec:4d:2d:47:99:3d:7a:5d:
37:60:46:ba:2a:c3:e2:09:af:1d:69:b9:79:f1:49:
bf:04:7d:11:eb:61:db:7d:5e:07:e8:17:50:6c:7b:
5d:00:fc:51:62:8e:77:3d:55:1b:4c:90:82:47:20:
a4:65:3e:01:b6:2b:59:15:8c:d3:af:16:3e:2f:bd:
02:ce:64:0d:61:3d:99:19:91:69:1b:09:dd:2c:ce:
d3:2d:c6:61:bc:83:88:3a:64:92:54:5c:b7:f9:05:
86:dd:35:c3:7b:68:9f:c1:e8:02:49:1e:40:9d:c3:
05:29:3d:7c:8c:a2:76:55:5c:84:c4:0b:19:76:6b:
45:a4:82:67:17:b3:b6:b3:8c:d0:f9:0a:66:94:1d:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AB:3C:99:F8:6A:32:A1:67:0C:9E:D4:D9:88:C3:A4:34:C3:93:E9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8qs8mfhqMqFnDJ7U2YjDpDTDk-k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:c4:3b:a5:f5:66:4f:51:16:bc:56:81:c1:ff:63:c0:31:a1:
a0:87:fb:a9:58:fb:75:76:4b:14:9b:a6:cf:ab:d0:32:43:9b:
f1:d0:44:96:ef:ac:d2:13:53:93:be:9a:ac:ff:e7:98:6a:35:
e1:db:f8:b7:62:e1:a2:0f:a8:9a:b2:27:3c:4f:40:ff:ca:65:
62:72:95:8c:4c:25:cb:d6:8a:c8:76:86:c1:46:c0:7f:4c:8c:
bc:32:6b:14:6b:ec:82:90:e2:83:3f:d5:b4:fd:a1:3e:bb:39:
09:73:fb:b7:fb:22:e0:c2:00:35:ed:d7:92:f9:61:87:4a:a9:
53:81:08:90:84:d4:ed:19:5d:f4:29:cf:42:5e:60:53:46:6b:
2f:f8:5e:c9:00:8c:76:de:a4:b0:17:73:81:f8:a5:03:7a:76:
46:b6:32:57:2d:12:2a:20:b5:94:8c:ec:6c:33:93:d0:58:bb:
e4:0d:28:6f:35:f6:32:fe:24:c1:26:24:9f:5d:1f:d8:09:7b:
09:cd:06:93:69:03:8d:d1:7b:6d:c2:24:57:d1:7c:de:2c:57:
99:e3:08:e0:5c:32:05:51:c1:1a:c1:0b:4b:dd:01:4d:b7:bb:
21:5f:d0:1f:86:80:70:0e:67:80:00:e5:fd:57:4b:0d:a7:84:
71:b6:5e:5e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
OTIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYyQUIzQzk5Rjg2QTMy
QTE2NzBDOUVENEQ5ODhDM0E0MzRDMzkzRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClVQD1rDaeJrZoX95k1t/ak3e1JPcNWaOkYX3MBJT82u1HjGL8
rKGagSeA6ptmnWnQG31hzGGByaEwQpqVBICFEjHxLX+oOqZR7HpcRlCLfw6gTJmf
Zkhj7JFs9rl1JIQaOcPLrajTgP5mCYmDkbzsTS1HmT16XTdgRroqw+IJrx1puXnx
Sb8EfRHrYdt9XgfoF1Bse10A/FFijnc9VRtMkIJHIKRlPgG2K1kVjNOvFj4vvQLO
ZA1hPZkZkWkbCd0sztMtxmG8g4g6ZJJUXLf5BYbdNcN7aJ/B6AJJHkCdwwUpPXyM
onZVXITECxl2a0WkgmcXs7azjND5CmaUHWapAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8qs8mfhqMqFnDJ7U2YjDpDTDk+kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhxczhtZmhxTXFGbkRK
N1UyWWpEcERURGstay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAn8Q7pfVmT1EWvFaBwf9jwDGhoIf7qVj7
dXZLFJumz6vQMkOb8dBElu+s0hNTk76arP/nmGo14dv4t2Lhog+omrInPE9A/8pl
YnKVjEwly9aKyHaGwUbAf0yMvDJrFGvsgpDigz/VtP2hPrs5CXP7t/si4MIANe3X
kvlhh0qpU4EIkITU7Rld9CnPQl5gU0ZrL/heyQCMdt6ksBdzgfilA3p2RrYyVy0S
KiC1lIzsbDOT0Fi75A0obzX2Mv4kwSYkn10f2Al7Cc0Gk2kDjdF7bcIkV9F83ixX
meMI4FwyBVHBGsELS90BTbe7IV/QH4aAcA5ngADl/VdLDaeEcbZeXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:09 2024 by rpki-client on console-fra.rpki-client.org