Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CuwHPX0yuWooAT413sLNqt5FBs8.roa
File: CuwHPX0yuWooAT413sLNqt5FBs8.roa (raw, json)
Hash identifier: TsvV3dW3pAanbosGzM9/jwzVmm+62r4yVIT3bxkhkZY=
Subject key identifier: 0A:EC:07:3D:7D:32:B9:6A:28:01:3E:35:DE:C2:CD:AA:DE:45:06:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CA2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CuwHPX0yuWooAT413sLNqt5FBs8.roa
Signing time: Tue 30 Apr 2024 18:23:54 +0000
ROA not before: Tue 30 Apr 2024 18:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19618 (0x4ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 18:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0AEC073D7D32B96A28013E35DEC2CDAADE4506CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:33:9a:eb:0a:b2:37:8d:ec:31:fc:72:87:fd:
50:53:a2:de:ea:16:fb:2e:38:a6:2c:86:02:05:7f:
07:87:f0:46:6d:4c:62:92:bd:36:9b:a1:da:78:cb:
90:f4:fb:33:2e:cf:bb:dd:1b:27:d3:0d:a9:e6:f4:
49:b5:16:2f:52:ef:1a:ad:42:1b:19:8c:5c:75:29:
0f:91:26:65:74:26:e2:83:6e:18:b1:ff:f9:5e:04:
d4:32:b8:19:6a:67:5a:74:7e:12:a9:1e:c7:4f:88:
8b:b1:8b:0d:ac:07:12:0d:fd:0d:18:81:b3:79:11:
98:e8:7a:cb:cf:e6:91:2b:07:a8:e6:60:97:63:03:
9c:e9:06:10:c9:8a:83:ba:52:c2:5c:c9:17:cb:55:
70:18:2e:8e:12:bf:ee:19:e1:05:97:e3:43:2e:ce:
a4:b9:d4:73:ac:01:6f:f5:53:5b:3e:c3:79:f8:c6:
0d:4f:8f:24:83:1a:68:79:c5:21:e9:80:32:8c:95:
24:d5:8c:ee:4c:59:82:bf:1c:73:2d:da:4d:30:9b:
1a:67:1c:19:3a:be:79:c2:80:a2:c9:4c:c0:11:a7:
23:11:18:01:a7:e6:fb:be:5d:b7:3b:ff:50:bf:0e:
13:01:fa:bb:3f:b3:69:41:c5:fa:79:b5:91:ee:7f:
93:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EC:07:3D:7D:32:B9:6A:28:01:3E:35:DE:C2:CD:AA:DE:45:06:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CuwHPX0yuWooAT413sLNqt5FBs8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:6d:7b:95:61:06:be:5f:fb:1e:d5:6d:71:26:99:e1:06:9a:
ef:60:7d:38:17:78:f1:a4:27:cf:f3:23:8e:96:53:2e:1a:8c:
b4:9f:58:9a:a7:d6:0a:fb:ab:db:45:7f:da:ec:8e:77:24:e0:
51:91:3a:d7:2b:65:ff:b0:25:fa:46:25:f3:dd:be:e3:8e:db:
40:d2:a4:d2:60:11:e7:b4:65:88:b7:6d:05:1b:ce:05:10:88:
e9:5b:dc:6f:2c:d5:ee:0c:64:46:d5:09:69:b5:59:3c:64:fe:
20:3f:58:22:78:0e:91:87:a7:60:fc:49:39:e5:cf:9c:4d:cf:
15:5e:e0:b9:ce:93:f2:66:84:40:3e:14:5e:7b:a5:63:d7:25:
94:0a:84:36:d3:a2:b3:cc:af:be:13:72:c4:df:ef:26:d9:0d:
62:a7:27:7f:62:37:e7:0e:d7:72:fe:53:1e:e9:e0:ff:a0:90:
d0:e7:ba:f0:36:4e:20:53:34:0b:12:cd:19:a8:5b:62:fe:69:
02:ce:e6:e6:36:b7:09:58:b8:73:f8:43:12:a8:89:19:9d:35:
28:ec:70:6c:53:b7:d8:d3:c3:e6:9e:09:85:88:46:e0:24:f9:
52:48:a8:31:00:22:54:32:49:83:a2:86:cd:4e:56:07:f5:ef:
07:15:e2:2d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
ODIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBRUMwNzNEN0QzMkI5
NkEyODAxM0UzNURFQzJDREFBREU0NTA2Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrM5rrCrI3jewx/HKH/VBTot7qFvsuOKYshgIFfweH8EZtTGKS
vTabodp4y5D0+zMuz7vdGyfTDanm9Em1Fi9S7xqtQhsZjFx1KQ+RJmV0JuKDbhix
//leBNQyuBlqZ1p0fhKpHsdPiIuxiw2sBxIN/Q0YgbN5EZjoesvP5pErB6jmYJdj
A5zpBhDJioO6UsJcyRfLVXAYLo4Sv+4Z4QWX40MuzqS51HOsAW/1U1s+w3n4xg1P
jySDGmh5xSHpgDKMlSTVjO5MWYK/HHMt2k0wmxpnHBk6vnnCgKLJTMARpyMRGAGn
5vu+Xbc7/1C/DhMB+rs/s2lBxfp5tZHuf5NhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCuwHPX0yuWooAT413sLNqt5FBs8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0N1d0hQWDB5dVdvb0FU
NDEzc0xOcXQ1RkJzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAl217lWEGvl/7HtVtcSaZ4Qaa72B9OBd4
8aQnz/MjjpZTLhqMtJ9YmqfWCvur20V/2uyOdyTgUZE61ytl/7Al+kYl892+447b
QNKk0mAR57RliLdtBRvOBRCI6VvcbyzV7gxkRtUJabVZPGT+ID9YIngOkYenYPxJ
OeXPnE3PFV7guc6T8maEQD4UXnulY9cllAqENtOis8yvvhNyxN/vJtkNYqcnf2I3
5w7Xcv5THung/6CQ0Oe68DZOIFM0CxLNGahbYv5pAs7m5ja3CVi4c/hDEqiJGZ01
KOxwbFO32NPD5p4JhYhG4CT5UkioMQAiVDJJg6KGzU5WB/XvBxXiLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:24 2024 by rpki-client on console-ams.rpki-client.org