Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ENHmZdOZfiY3fqPaG_DjjDuBePk.roa
File: ENHmZdOZfiY3fqPaG_DjjDuBePk.roa (raw, json)
Hash identifier: +4CRBe4yS9kFanFdYPnHJxzJf55smEaT+murzTqI/pQ=
Subject key identifier: 10:D1:E6:65:D3:99:7E:26:37:7E:A3:DA:1B:F0:E3:8C:3B:81:78:F9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5582
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ENHmZdOZfiY3fqPaG_DjjDuBePk.roa
Signing time: Sun 12 May 2024 14:24:04 +0000
ROA not before: Sun 12 May 2024 14:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21890 (0x5582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 14:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=10D1E665D3997E26377EA3DA1BF0E38C3B8178F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9c:9b:b8:6e:d0:57:58:d9:53:2a:47:45:25:
6d:28:a9:97:fa:21:27:12:9d:85:53:e5:28:11:1a:
df:c6:d4:d0:c0:5d:ee:54:69:ee:59:72:f0:ba:df:
20:27:74:df:dc:91:f2:49:1c:c7:9e:fb:47:0f:8f:
5b:6d:22:f8:bb:60:61:7a:f7:7e:ff:f3:30:e5:6e:
e5:c4:22:5e:e9:cb:e6:48:9b:b2:b7:f4:12:e0:14:
dc:f7:82:6d:30:c2:38:14:8a:8a:7b:7a:a2:81:46:
bd:bb:be:08:be:56:cf:eb:20:bb:08:87:81:b0:a8:
fe:09:2e:83:24:66:65:b8:a2:7e:8a:de:3e:e8:d0:
04:89:a8:c3:df:7d:67:28:8e:e9:39:d1:46:02:62:
7e:55:e4:88:53:81:5c:c1:a2:2f:ed:10:37:21:7e:
4f:23:3a:25:80:59:8b:70:01:74:74:47:40:29:25:
33:03:c7:c8:39:69:75:c8:0e:44:f7:16:9d:ad:be:
58:c8:ad:f9:9b:fb:bb:2b:e8:56:19:f0:3c:d8:34:
89:9e:e4:61:f4:b8:cd:07:a2:a6:64:e4:b6:b7:75:
dc:32:3a:9c:33:49:07:f7:5c:94:15:5f:4e:e7:fe:
76:99:52:01:b3:77:f0:34:ba:13:bc:7d:13:2a:ae:
c3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D1:E6:65:D3:99:7E:26:37:7E:A3:DA:1B:F0:E3:8C:3B:81:78:F9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ENHmZdOZfiY3fqPaG_DjjDuBePk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:3a:09:80:c9:74:dc:22:c1:ca:4c:2f:e2:c8:69:8c:6d:34:
7e:15:66:89:5a:5f:5c:6c:5d:d6:48:11:be:68:d2:e5:d7:55:
23:9a:04:0d:d5:3f:62:67:c5:c3:18:76:26:79:29:78:f0:2e:
29:d3:ab:44:b0:ce:2a:33:de:ca:87:1b:87:e3:20:d5:a2:2a:
6e:e5:5d:4c:b8:f0:6a:8b:54:1d:08:aa:c2:cd:c2:df:ef:79:
53:34:af:b3:6e:00:8f:b2:0a:c2:26:81:9d:16:9c:ca:b9:55:
15:93:fa:a0:0f:13:f2:6c:72:d3:cf:a4:00:f7:76:6f:ab:60:
9d:84:62:85:8d:be:26:87:24:95:65:32:a8:be:7c:0d:8c:f2:
7c:ab:9b:99:73:cb:27:f8:a4:76:45:ca:6d:be:08:4c:34:d7:
47:1c:cd:e9:a6:56:cf:ee:54:b4:54:d0:f9:bd:6a:c9:4f:17:
93:4b:16:b9:d9:c7:7d:9d:a3:2c:27:38:51:3b:01:b5:f9:70:
18:26:56:29:a4:bb:8b:2f:87:3e:dd:1d:a8:4e:0b:9b:11:97:
d1:c0:93:35:b4:fd:81:ee:45:90:93:18:fa:ee:8c:d9:f9:83:
65:db:2d:ee:48:80:35:96:e7:2c:17:01:bf:a8:ba:a6:dc:80:
09:9b:8d:ed
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
NDI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwRDFFNjY1RDM5OTdF
MjYzNzdFQTNEQTFCRjBFMzhDM0I4MTc4RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUnJu4btBXWNlTKkdFJW0oqZf6IScSnYVT5SgRGt/G1NDAXe5U
ae5ZcvC63yAndN/ckfJJHMee+0cPj1ttIvi7YGF6937/8zDlbuXEIl7py+ZIm7K3
9BLgFNz3gm0wwjgUiop7eqKBRr27vgi+Vs/rILsIh4GwqP4JLoMkZmW4on6K3j7o
0ASJqMPffWcojuk50UYCYn5V5IhTgVzBoi/tEDchfk8jOiWAWYtwAXR0R0ApJTMD
x8g5aXXIDkT3Fp2tvljIrfmb+7sr6FYZ8DzYNIme5GH0uM0HoqZk5La3ddwyOpwz
SQf3XJQVX07n/naZUgGzd/A0uhO8fRMqrsOTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUENHmZdOZfiY3fqPaG/DjjDuBePkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VOSG1aZE9aZmlZM2Zx
UGFHX0RqakR1QmVQay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIToJgMl03CLBykwv4shpjG00fhVmiVpf
XGxd1kgRvmjS5ddVI5oEDdU/YmfFwxh2JnkpePAuKdOrRLDOKjPeyocbh+Mg1aIq
buVdTLjwaotUHQiqws3C3+95UzSvs24Aj7IKwiaBnRacyrlVFZP6oA8T8mxy08+k
APd2b6tgnYRihY2+JocklWUyqL58DYzyfKubmXPLJ/ikdkXKbb4ITDTXRxzN6aZW
z+5UtFTQ+b1qyU8Xk0sWudnHfZ2jLCc4UTsBtflwGCZWKaS7iy+HPt0dqE4LmxGX
0cCTNbT9ge5FkJMY+u6M2fmDZdst7kiANZbnLBcBv6i6ptyACZuN7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:25 2024 by rpki-client on console-ams.rpki-client.org