Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/H6n0wnEupa4iM8t88oTxaEqL0N0.roa
File: H6n0wnEupa4iM8t88oTxaEqL0N0.roa (raw, json)
Hash identifier: 9VSCpFheDsP5hP0t2fR4dUZm3l+JrD1gXNPWv+Lcut8=
Subject key identifier: 1F:A9:F4:C2:71:2E:A5:AE:22:33:CB:7C:F2:84:F1:68:4A:8B:D0:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H6n0wnEupa4iM8t88oTxaEqL0N0.roa
Signing time: Sat 20 Apr 2024 03:53:05 +0000
ROA not before: Sat 20 Apr 2024 03:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17582 (0x44ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 03:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1FA9F4C2712EA5AE2233CB7CF284F1684A8BD0DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:cf:24:3c:d1:da:92:09:21:a4:f9:26:82:
21:e3:13:41:e4:61:e4:bc:82:46:1c:9b:36:93:70:
3b:20:2d:ea:a9:a1:3b:95:b6:aa:7f:e8:53:6c:7c:
9d:28:77:05:8f:b5:45:69:2e:0c:a2:52:58:5a:c4:
49:14:90:80:56:63:c2:71:f8:68:eb:d7:bb:a9:d6:
2b:48:fe:6c:2d:9a:31:67:d2:8b:39:b7:c7:b2:14:
24:dc:e6:8d:98:08:c1:dd:ee:8b:fd:f2:2e:c6:fe:
e7:8a:d1:0b:17:07:db:42:a3:a0:6c:6a:9d:cf:98:
ed:91:05:bf:fa:41:d0:0d:61:35:cf:8d:64:45:cf:
70:1a:da:d3:6e:79:26:9b:59:12:d1:33:a3:c0:de:
39:1f:30:90:5c:e7:dc:a7:d2:b7:5d:e3:0d:f3:16:
6b:46:fe:9d:f3:68:31:8f:75:a4:59:36:f6:4c:f2:
0e:1f:5c:18:22:92:0b:dc:0e:28:50:50:0e:9a:2e:
1b:7c:7b:67:e6:b9:95:a6:1b:1d:70:0b:3b:af:d5:
0f:15:f5:18:9a:c4:9e:f8:23:b3:14:cc:89:f6:44:
36:8d:27:76:67:c7:af:81:44:a5:98:9c:a2:88:0c:
29:c5:5b:5e:bb:7d:eb:03:43:5f:85:f6:6d:9b:6d:
5e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A9:F4:C2:71:2E:A5:AE:22:33:CB:7C:F2:84:F1:68:4A:8B:D0:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H6n0wnEupa4iM8t88oTxaEqL0N0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:32:80:2d:f9:99:80:96:ea:81:43:2f:70:0e:81:3f:a2:c1:
49:2d:08:52:28:78:06:da:ad:09:24:b3:f3:7c:56:dc:44:44:
63:43:e2:ba:95:ab:0c:fc:26:1e:05:59:fd:51:7e:bd:3c:6a:
6c:5a:99:55:d7:a4:c6:a8:0b:e2:2e:3f:84:24:ac:83:c6:62:
07:49:4d:35:55:df:3b:7a:76:27:34:27:81:af:55:e6:43:bd:
fa:3d:65:86:0e:e3:ff:27:48:1c:a1:c8:19:91:2d:ba:68:44:
d7:8f:05:3e:e5:ba:0f:96:fb:31:59:08:20:bc:39:cb:f4:bf:
c4:92:20:22:74:aa:0b:25:37:3f:9e:68:ef:72:67:9f:ec:f2:
e7:58:0b:8e:44:fa:b9:60:ba:3f:58:f6:76:a0:ed:ea:1b:d1:
14:a3:31:03:13:72:72:84:1f:a4:08:44:e7:54:55:7c:94:c9:
4c:06:9e:ed:7a:7f:ba:e8:50:37:a4:78:b3:a4:d0:a9:6a:ec:
7d:40:48:69:f9:d7:29:b3:43:b0:66:57:ad:30:31:ec:f2:09:
0f:6c:3e:c9:fb:3c:44:62:a9:f1:a4:ff:25:03:06:1f:27:62:
11:34:a7:77:db:38:06:a6:4a:44:01:ed:2b:90:99:2a:2b:d4:
23:33:81:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MzUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGQTlGNEMyNzEyRUE1
QUUyMjMzQ0I3Q0YyODRGMTY4NEE4QkQwREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHls8kPNHakgkhpPkmgiHjE0HkYeS8gkYcmzaTcDsgLeqpoTuV
tqp/6FNsfJ0odwWPtUVpLgyiUlhaxEkUkIBWY8Jx+Gjr17up1itI/mwtmjFn0os5
t8eyFCTc5o2YCMHd7ov98i7G/ueK0QsXB9tCo6Bsap3PmO2RBb/6QdANYTXPjWRF
z3Aa2tNueSabWRLRM6PA3jkfMJBc59yn0rdd4w3zFmtG/p3zaDGPdaRZNvZM8g4f
XBgikgvcDihQUA6aLht8e2fmuZWmGx1wCzuv1Q8V9RiaxJ74I7MUzIn2RDaNJ3Zn
x6+BRKWYnKKIDCnFW167fesDQ1+F9m2bbV7rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUH6n0wnEupa4iM8t88oTxaEqL0N0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0g2bjB3bkV1cGE0aU04
dDg4b1R4YUVxTDBOMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqTKALfmZgJbqgUMvcA6BP6LBSS0IUih4
BtqtCSSz83xW3EREY0PiupWrDPwmHgVZ/VF+vTxqbFqZVdekxqgL4i4/hCSsg8Zi
B0lNNVXfO3p2JzQnga9V5kO9+j1lhg7j/ydIHKHIGZEtumhE148FPuW6D5b7MVkI
ILw5y/S/xJIgInSqCyU3P55o73Jnn+zy51gLjkT6uWC6P1j2dqDt6hvRFKMxAxNy
coQfpAhE51RVfJTJTAae7Xp/uuhQN6R4s6TQqWrsfUBIafnXKbNDsGZXrTAx7PIJ
D2w+yfs8RGKp8aT/JQMGHydiETSnd9s4BqZKRAHtK5CZKivUIzOByQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org