Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DQ-mhWf9Cq5D6HwP9ImoegrA5FM.roa
File: DQ-mhWf9Cq5D6HwP9ImoegrA5FM.roa (raw, json)
Hash identifier: jBL3BIh6cK7ynwjGzULOzTiexaL8FQdDXCZidRiZthc=
Subject key identifier: 0D:0F:A6:85:67:FD:0A:AE:43:E8:7C:0F:F4:89:A8:7A:0A:C0:E4:53
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DQ-mhWf9Cq5D6HwP9ImoegrA5FM.roa
Signing time: Thu 18 Apr 2024 23:22:59 +0000
ROA not before: Thu 18 Apr 2024 23:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17354 (0x43ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 23:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D0FA68567FD0AAE43E87C0FF489A87A0AC0E453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:73:35:7e:2d:45:71:f3:ee:bc:54:47:72:7e:
8e:f4:df:25:d9:e3:04:da:4f:65:91:60:bf:f3:6b:
62:a5:4c:88:46:f7:30:a9:8d:ad:55:7c:6f:43:e5:
93:a4:95:5c:a2:91:53:a6:66:82:62:4a:53:51:bd:
e6:8f:81:4d:19:4b:a3:d6:93:07:9e:60:29:dc:ec:
36:5c:a8:59:8c:6f:20:89:76:13:9a:00:15:2f:d4:
aa:79:ea:81:90:ee:7d:6c:46:4d:69:77:85:99:0a:
d6:2e:64:39:98:35:c1:fd:5c:6e:b4:8c:e5:a9:73:
49:47:9f:1f:d5:7f:bb:93:47:a4:80:ae:d0:1d:6b:
cb:de:72:ff:93:d0:67:26:58:a4:2b:89:f4:3c:1b:
4b:b9:98:11:0d:3a:9b:e4:fc:b6:d1:b0:df:5c:97:
2d:43:2c:ed:f3:e3:a2:28:69:e9:a8:10:8f:27:e3:
70:5d:af:4a:7c:29:7c:69:43:55:87:4f:a9:c2:4a:
65:6d:23:29:b7:53:a0:51:8e:cf:7b:03:46:e9:78:
fd:ee:a4:64:46:79:68:04:3b:7d:e6:c4:6c:73:0c:
22:2b:df:17:95:ce:34:fc:b8:cf:60:43:a3:85:3b:
5c:62:8e:84:a0:17:c1:85:7b:14:38:b0:d8:5b:55:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0F:A6:85:67:FD:0A:AE:43:E8:7C:0F:F4:89:A8:7A:0A:C0:E4:53
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DQ-mhWf9Cq5D6HwP9ImoegrA5FM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:2f:21:d6:fd:0c:59:c2:0e:b1:6b:1e:c3:6d:05:5d:9a:84:
8d:16:83:a3:44:c0:02:73:40:ad:cb:30:71:03:1b:49:a3:72:
d8:9a:8e:b8:6e:9b:4b:be:61:8a:91:7b:36:41:69:f2:d3:2a:
fd:98:67:db:60:f4:13:4c:ba:bc:ce:e8:2c:56:30:7d:0c:ce:
b6:47:ac:aa:d7:47:41:cd:cf:70:fa:73:79:a7:0b:a1:80:76:
12:f4:b5:b6:e1:ae:ea:12:10:2b:94:f7:52:9e:8c:07:5f:2e:
96:39:9e:28:92:9b:3f:d9:22:fb:9f:de:8b:54:2a:5a:f1:a0:
af:06:e7:44:d5:1c:a5:cd:b9:92:96:c6:37:c2:4b:1e:7a:87:
69:d0:55:44:df:2c:fd:05:ac:94:89:75:f5:26:43:6b:d5:17:
b7:e3:28:70:6e:08:ce:20:16:f5:d8:a7:91:31:ec:64:1b:68:
a2:6a:28:ba:31:2c:0e:7a:59:0a:a5:2f:ab:38:ab:e7:2b:df:
cd:df:95:22:d5:2d:45:bb:e9:7d:96:82:84:2d:50:1d:aa:60:
46:10:c7:2b:52:ac:11:07:90:36:94:c0:f6:36:5b:39:7c:ad:
66:7f:21:68:04:c2:05:97:58:e5:6f:08:45:73:8f:26:dc:63:
9e:76:1f:1e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEMEZBNjg1NjdGRDBB
QUU0M0U4N0MwRkY0ODlBODdBMEFDMEU0NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXczV+LUVx8+68VEdyfo703yXZ4wTaT2WRYL/za2KlTIhG9zCp
ja1VfG9D5ZOklVyikVOmZoJiSlNRveaPgU0ZS6PWkweeYCnc7DZcqFmMbyCJdhOa
ABUv1Kp56oGQ7n1sRk1pd4WZCtYuZDmYNcH9XG60jOWpc0lHnx/Vf7uTR6SArtAd
a8vecv+T0GcmWKQrifQ8G0u5mBENOpvk/LbRsN9cly1DLO3z46IoaemoEI8n43Bd
r0p8KXxpQ1WHT6nCSmVtIym3U6BRjs97A0bpeP3upGRGeWgEO33mxGxzDCIr3xeV
zjT8uM9gQ6OFO1xijoSgF8GFexQ4sNhbVTdjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDQ+mhWf9Cq5D6HwP9ImoegrA5FMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RRLW1oV2Y5Q3E1RDZI
d1A5SW1vZWdyQTVGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQS8h1v0MWcIOsWsew20FXZqEjRaDo0TA
AnNArcswcQMbSaNy2JqOuG6bS75hipF7NkFp8tMq/Zhn22D0E0y6vM7oLFYwfQzO
tkesqtdHQc3PcPpzeacLoYB2EvS1tuGu6hIQK5T3Up6MB18uljmeKJKbP9ki+5/e
i1QqWvGgrwbnRNUcpc25kpbGN8JLHnqHadBVRN8s/QWslIl19SZDa9UXt+MocG4I
ziAW9dinkTHsZBtoomooujEsDnpZCqUvqzir5yvfzd+VItUtRbvpfZaChC1QHapg
RhDHK1KsEQeQNpTA9jZbOXytZn8haATCBZdY5W8IRXOPJtxjnnYfHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:24 2024 by rpki-client on console-ams.rpki-client.org