Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DOjlI8MH7PNgzQU0d2XZEJSj1Qs.roa
File: DOjlI8MH7PNgzQU0d2XZEJSj1Qs.roa (raw, json)
Hash identifier: 9hYVYIu8vYi30tzSy0Q9dtqs+CMEO+KCSQCNCk6SKOA=
Subject key identifier: 0C:E8:E5:23:C3:07:EC:F3:60:CD:05:34:77:65:D9:10:94:A3:D5:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 572A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DOjlI8MH7PNgzQU0d2XZEJSj1Qs.roa
Signing time: Tue 14 May 2024 19:24:14 +0000
ROA not before: Tue 14 May 2024 19:24:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22314 (0x572a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 19:24:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0CE8E523C307ECF360CD05347765D91094A3D50B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:ac:c5:f2:26:86:ae:cc:95:6b:d6:82:ac:
06:45:4a:c8:31:97:76:ac:22:0c:e8:a9:cd:84:c2:
11:ed:33:e8:d6:d1:97:66:ff:86:dd:80:e6:72:99:
a6:2c:b2:57:31:62:e6:01:fb:81:06:1c:23:5d:91:
34:e4:74:7f:9e:4d:63:cc:27:be:86:b8:08:51:e3:
29:d4:86:5f:53:26:60:87:13:2d:62:7e:1d:41:7e:
65:fc:42:7d:94:b7:75:90:1f:c9:8d:2c:53:ba:5d:
d7:e7:15:d2:d2:80:7e:9b:82:11:71:05:83:ec:27:
83:d4:c7:3d:97:bd:b4:6c:ff:a7:1a:db:cf:6d:ba:
39:74:31:10:55:33:6b:2a:34:77:a7:ce:3f:b1:29:
9c:57:b9:23:c6:70:9b:e6:4f:4c:1b:b0:65:b5:a8:
6c:cf:64:1c:b9:7a:39:2b:a8:05:83:ab:9c:3d:98:
ec:66:f7:e0:d2:c6:87:5a:4e:1b:54:02:b2:98:81:
60:95:ff:c7:7d:ed:35:8d:e1:8d:51:6c:df:46:21:
f8:45:59:42:17:09:b9:0a:39:0d:80:31:13:45:75:
03:f4:f5:f4:1c:1f:b6:b4:92:11:24:52:e0:35:99:
20:c9:b6:61:18:05:23:40:69:83:c1:e9:ce:f9:87:
b3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E8:E5:23:C3:07:EC:F3:60:CD:05:34:77:65:D9:10:94:A3:D5:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DOjlI8MH7PNgzQU0d2XZEJSj1Qs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:e9:40:7b:e4:5b:95:2d:40:84:6e:47:71:0d:5b:32:c5:27:
c5:fe:b4:f1:03:c3:4f:d1:34:a1:d3:f1:7d:52:dc:f7:2b:d0:
2d:6b:54:17:57:7f:0f:ec:02:65:49:12:ce:88:0a:2b:b1:fa:
90:77:ea:bc:56:22:09:be:9c:9d:73:d1:42:09:33:b4:51:25:
2a:b5:4c:87:73:4b:d4:11:4d:49:d9:83:4c:62:44:1a:db:96:
1d:89:a4:10:c4:11:e8:3f:a6:f9:61:69:b5:3e:d2:3d:bb:74:
9e:71:66:20:0d:c9:3f:0b:1a:05:a7:99:c2:0b:f8:5a:0c:5d:
4d:5b:6e:19:3b:60:d8:23:60:7d:8e:e8:60:0b:5e:ef:64:75:
5d:09:2a:5a:67:70:6b:25:cf:9e:ef:96:e3:4d:52:bc:e5:a1:
d9:90:e5:53:4b:f4:e8:8e:cf:de:ad:ba:3c:66:21:be:69:be:
90:25:9d:3c:6b:35:67:36:f5:b6:25:c5:b9:af:84:19:6f:62:
b7:65:41:ab:f1:c1:b0:ac:73:91:79:be:01:68:3a:e8:e9:bb:
1d:f7:46:cb:72:4e:1c:2a:8e:d4:56:72:a7:0c:20:82:c8:a0:
58:16:4a:b1:57:1f:51:8a:bd:c9:31:80:e5:b7:5c:73:a0:0d:
66:84:a8:63
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQx
OTI0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDRThFNTIzQzMwN0VD
RjM2MENEMDUzNDc3NjVEOTEwOTRBM0Q1MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnh6zF8iaGrsyVa9aCrAZFSsgxl3asIgzoqc2EwhHtM+jW0Zdm
/4bdgOZymaYsslcxYuYB+4EGHCNdkTTkdH+eTWPMJ76GuAhR4ynUhl9TJmCHEy1i
fh1BfmX8Qn2Ut3WQH8mNLFO6XdfnFdLSgH6bghFxBYPsJ4PUxz2XvbRs/6ca289t
ujl0MRBVM2sqNHenzj+xKZxXuSPGcJvmT0wbsGW1qGzPZBy5ejkrqAWDq5w9mOxm
9+DSxodaThtUArKYgWCV/8d97TWN4Y1RbN9GIfhFWUIXCbkKOQ2AMRNFdQP09fQc
H7a0khEkUuA1mSDJtmEYBSNAaYPB6c75h7PZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDOjlI8MH7PNgzQU0d2XZEJSj1QswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RPamxJOE1IN1BOZ3pR
VTBkMlhaRUpTajFRcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAWulAe+RblS1AhG5HcQ1bMsUnxf608QPD
T9E0odPxfVLc9yvQLWtUF1d/D+wCZUkSzogKK7H6kHfqvFYiCb6cnXPRQgkztFEl
KrVMh3NL1BFNSdmDTGJEGtuWHYmkEMQR6D+m+WFptT7SPbt0nnFmIA3JPwsaBaeZ
wgv4WgxdTVtuGTtg2CNgfY7oYAte72R1XQkqWmdwayXPnu+W401SvOWh2ZDlU0v0
6I7P3q26PGYhvmm+kCWdPGs1Zzb1tiXFua+EGW9it2VBq/HBsKxzkXm+AWg66Om7
HfdGy3JOHCqO1FZypwwggsigWBZKsVcfUYq9yTGA5bdcc6ANZoSoYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org