Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HI1g8Y7MXu6T_JwtkMR7lKHOrmk.roa
File: HI1g8Y7MXu6T_JwtkMR7lKHOrmk.roa (raw, json)
Hash identifier: eKT25KEXqsEEAMORN57u6NWoTQlf2r8hQCbL6JvX0Rg=
Subject key identifier: 1C:8D:60:F1:8E:CC:5E:EE:93:FC:9C:2D:90:C4:7B:94:A1:CE:AE:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 412A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HI1g8Y7MXu6T_JwtkMR7lKHOrmk.roa
Signing time: Mon 15 Apr 2024 11:22:53 +0000
ROA not before: Mon 15 Apr 2024 11:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16682 (0x412a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 11:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1C8D60F18ECC5EEE93FC9C2D90C47B94A1CEAE69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:82:6a:ce:6d:f9:5f:95:3b:94:96:7e:98:21:
fa:5c:62:16:d2:fc:3d:7d:a6:92:f6:6a:01:ce:6b:
1c:d8:08:20:28:74:6d:0e:22:53:e8:d8:1f:2a:26:
00:68:c4:0b:c4:6f:75:3c:42:03:45:b0:1e:03:b4:
a8:30:1d:e9:3e:b3:3b:1e:47:d1:5c:37:f6:98:b0:
d7:d8:8c:88:76:e8:d6:f7:86:d6:57:13:4e:87:a7:
02:6c:2d:86:be:2c:1f:6d:d4:21:3b:69:a3:fc:94:
12:22:a4:e0:e6:5c:1e:12:87:2c:28:f1:ce:bc:a7:
27:a5:a1:d5:39:b3:99:c7:25:d8:6e:11:d9:9f:be:
55:ad:ea:20:04:52:d7:da:a6:a4:e7:9f:6e:ac:49:
35:46:25:76:63:fe:a8:f3:70:dd:dc:30:c5:40:e6:
34:f4:5e:19:02:3c:0d:df:c2:bf:81:7b:62:69:a4:
ef:79:d9:64:9c:60:a6:4b:06:46:a8:cc:ce:b3:79:
4a:bc:10:5e:c3:c0:03:75:e3:5c:bf:d5:33:17:8b:
33:09:9a:f3:3b:94:3d:98:c4:0c:ed:c3:39:0a:70:
5e:9d:c7:82:cd:90:b7:b0:44:98:f6:45:3e:ef:cd:
e5:fe:b2:ea:0e:3a:0d:bf:20:79:f4:27:09:91:8b:
cd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8D:60:F1:8E:CC:5E:EE:93:FC:9C:2D:90:C4:7B:94:A1:CE:AE:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HI1g8Y7MXu6T_JwtkMR7lKHOrmk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:ae:d1:d6:00:fe:26:e3:d1:e9:fd:93:19:80:c0:67:42:9a:
4b:b1:eb:61:31:39:5e:dc:d7:89:70:b7:5a:74:c1:48:eb:4f:
bc:e1:f6:c9:c3:43:fa:46:d7:bf:00:35:37:93:92:dc:6c:b9:
51:0e:a5:5e:44:19:c0:ae:cc:78:9f:8d:fb:1b:41:67:d0:53:
3e:f4:ee:7a:a5:e1:d2:03:19:80:94:93:fb:00:4e:6c:41:ff:
37:9b:70:cb:db:cd:84:d0:60:00:4e:09:0d:0f:62:4e:25:9a:
36:17:5b:21:14:5a:5d:b5:1e:b6:d9:0f:fe:a7:46:63:98:b8:
5c:f4:72:00:03:32:f4:53:60:bf:0f:2e:b8:b9:e6:90:ec:db:
23:c1:a1:f3:21:8a:5d:32:40:57:17:7c:75:df:35:cf:13:6d:
60:77:ea:57:29:b8:a1:43:ae:1e:07:2d:bd:13:99:5f:a3:70:
48:6e:94:48:be:63:4c:0c:79:69:67:85:a2:b3:cf:c6:80:07:
4a:33:42:8b:05:78:41:98:d5:ca:b0:52:8b:26:1f:37:70:e3:
2a:4d:e9:c5:f8:23:88:e8:c2:b9:5f:20:4c:bf:f0:e3:04:ee:
a1:28:dd:fe:84:e0:7a:d7:dc:bc:04:b0:72:06:49:9c:24:c7:
62:83:45:3a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
MTIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDOEQ2MEYxOEVDQzVF
RUU5M0ZDOUMyRDkwQzQ3Qjk0QTFDRUFFNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDggmrObflflTuUln6YIfpcYhbS/D19ppL2agHOaxzYCCAodG0O
IlPo2B8qJgBoxAvEb3U8QgNFsB4DtKgwHek+szseR9FcN/aYsNfYjIh26Nb3htZX
E06HpwJsLYa+LB9t1CE7aaP8lBIipODmXB4Shywo8c68pyelodU5s5nHJdhuEdmf
vlWt6iAEUtfapqTnn26sSTVGJXZj/qjzcN3cMMVA5jT0XhkCPA3fwr+Be2JppO95
2WScYKZLBkaozM6zeUq8EF7DwAN141y/1TMXizMJmvM7lD2YxAztwzkKcF6dx4LN
kLewRJj2RT7vzeX+suoOOg2/IHn0JwmRi80VAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHI1g8Y7MXu6T/JwtkMR7lKHOrmkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hJMWc4WTdNWHU2VF9K
d3RrTVI3bEtIT3Jtay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAla7R1gD+JuPR6f2TGYDAZ0KaS7HrYTE5
XtzXiXC3WnTBSOtPvOH2ycND+kbXvwA1N5OS3Gy5UQ6lXkQZwK7MeJ+N+xtBZ9BT
PvTueqXh0gMZgJST+wBObEH/N5twy9vNhNBgAE4JDQ9iTiWaNhdbIRRaXbUettkP
/qdGY5i4XPRyAAMy9FNgvw8uuLnmkOzbI8Gh8yGKXTJAVxd8dd81zxNtYHfqVym4
oUOuHgctvROZX6NwSG6USL5jTAx5aWeForPPxoAHSjNCiwV4QZjVyrBSiyYfN3Dj
Kk3pxfgjiOjCuV8gTL/w4wTuoSjd/oTgetfcvASwcgZJnCTHYoNFOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org