Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FhUnYqy3jIUHhYRbrX6Vy_zcOyI.roa
File: FhUnYqy3jIUHhYRbrX6Vy_zcOyI.roa (raw, json)
Hash identifier: rIWl2SDBFLy0j0fkgZRhdIgFREX7g9ovJio8mSJgaS4=
Subject key identifier: 16:15:27:62:AC:B7:8C:85:07:85:84:5B:AD:7E:95:CB:FC:DC:3B:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B8A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FhUnYqy3jIUHhYRbrX6Vy_zcOyI.roa
Signing time: Sun 07 Apr 2024 23:22:34 +0000
ROA not before: Sun 07 Apr 2024 23:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15242 (0x3b8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 23:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=16152762ACB78C850785845BAD7E95CBFCDC3B22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:63:93:f4:35:85:ed:8a:2b:64:ce:0d:43:
88:99:12:8f:41:06:97:df:ee:83:6b:07:05:46:70:
5e:5e:d1:1a:c5:4d:49:b9:f9:fb:47:f2:81:8e:fb:
b4:54:4b:f2:8c:3c:f9:68:f8:4a:41:0c:71:c5:bd:
1b:08:b1:98:45:1c:78:54:57:1c:1e:79:28:62:19:
c4:e8:c0:eb:df:08:67:e3:2f:2a:ed:79:ea:a8:65:
30:1a:46:92:aa:37:5f:e7:1f:dd:9b:20:5e:21:e7:
96:14:fd:0e:6c:d3:82:53:54:6f:4d:fd:73:35:a1:
ce:20:47:bf:e5:ef:20:25:fe:0e:b8:6a:85:22:30:
e2:ad:77:b2:5c:39:2d:41:87:66:a7:e9:47:8b:f5:
31:db:26:aa:a3:d3:61:cf:11:24:c3:4a:c9:4d:bb:
a6:f3:34:54:c3:27:94:f9:99:0c:b6:69:15:e0:0f:
5e:4e:70:28:13:66:35:0f:3d:3a:44:cb:29:b0:63:
39:c6:dd:f1:61:23:8c:31:90:b2:ad:97:a4:66:d5:
6c:a8:f1:49:3a:28:45:a4:0d:d6:0b:c4:5d:27:8e:
43:52:75:c5:c0:05:f0:9a:d1:92:c0:d1:d4:64:9d:
38:52:38:f9:d4:bf:a2:e1:26:b7:64:84:57:c5:46:
06:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:15:27:62:AC:B7:8C:85:07:85:84:5B:AD:7E:95:CB:FC:DC:3B:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FhUnYqy3jIUHhYRbrX6Vy_zcOyI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:82:e1:f6:a7:a1:2b:5f:ed:d8:83:71:42:92:f8:8d:27:50:
36:75:96:ff:c0:30:80:6e:43:30:8c:45:c2:43:ea:8a:3b:5a:
56:2b:1d:a8:90:d6:21:2b:23:30:13:65:86:9d:63:54:15:86:
45:e3:6f:c9:af:d7:07:df:7d:98:87:03:4d:8c:cc:fc:98:89:
df:bd:97:0c:0f:cd:5c:6e:26:6a:67:1f:1e:ec:10:40:62:6a:
7a:ed:ab:10:76:43:cf:f4:51:96:5a:e1:85:0f:5b:c6:64:5a:
e6:c3:e9:76:be:cd:f3:0c:f7:59:3f:65:43:a2:54:95:60:51:
0f:c9:37:d2:b1:7c:0d:8d:d7:01:0c:4b:bf:4d:9b:a0:8c:14:
b7:da:4a:c3:84:ad:82:1c:f6:af:cd:f9:05:d7:77:f3:ce:c9:
d4:0c:a4:66:37:df:12:9e:ef:f0:55:d3:cd:1d:21:18:64:1c:
54:f3:63:39:02:f3:4e:f2:1e:4a:d8:23:c4:a8:19:5f:f3:47:
27:ef:df:37:96:39:58:f6:fd:c5:9a:0e:5d:ac:5e:cf:0a:34:
9d:73:5d:d3:d1:84:98:95:2c:13:0a:4b:2a:b9:c0:aa:77:d1:
e4:8a:c4:5a:26:78:80:0a:00:6f:ac:ca:82:1f:5d:f0:54:f8:
6b:fa:80:15
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MzIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE2MTUyNzYyQUNCNzhD
ODUwNzg1ODQ1QkFEN0U5NUNCRkNEQzNCMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClCmOT9DWF7YorZM4NQ4iZEo9BBpff7oNrBwVGcF5e0RrFTUm5
+ftH8oGO+7RUS/KMPPlo+EpBDHHFvRsIsZhFHHhUVxweeShiGcTowOvfCGfjLyrt
eeqoZTAaRpKqN1/nH92bIF4h55YU/Q5s04JTVG9N/XM1oc4gR7/l7yAl/g64aoUi
MOKtd7JcOS1Bh2an6UeL9THbJqqj02HPESTDSslNu6bzNFTDJ5T5mQy2aRXgD15O
cCgTZjUPPTpEyymwYznG3fFhI4wxkLKtl6Rm1Wyo8Uk6KEWkDdYLxF0njkNSdcXA
BfCa0ZLA0dRknThSOPnUv6LhJrdkhFfFRgbxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFhUnYqy3jIUHhYRbrX6Vy/zcOyIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZoVW5ZcXkzaklVSGhZ
UmJyWDZWeV96Y095SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXoLh9qehK1/t2INxQpL4jSdQNnWW/8Aw
gG5DMIxFwkPqijtaVisdqJDWISsjMBNlhp1jVBWGReNvya/XB999mIcDTYzM/JiJ
372XDA/NXG4mamcfHuwQQGJqeu2rEHZDz/RRllrhhQ9bxmRa5sPpdr7N8wz3WT9l
Q6JUlWBRD8k30rF8DY3XAQxLv02boIwUt9pKw4Stghz2r835Bdd3887J1AykZjff
Ep7v8FXTzR0hGGQcVPNjOQLzTvIeStgjxKgZX/NHJ+/fN5Y5WPb9xZoOXaxezwo0
nXNd09GEmJUsEwpLKrnAqnfR5IrEWiZ4gAoAb6zKgh9d8FT4a/qAFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org