Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HLxdXTzHrD964WzPv0_YtrXrj_U.roa
File: HLxdXTzHrD964WzPv0_YtrXrj_U.roa (raw, json)
Hash identifier: zjPd8u6f4tPn/N8mRaT/GGduwCy/bvXA6ulUSxple2M=
Subject key identifier: 1C:BC:5D:5D:3C:C7:AC:3F:7A:E1:6C:CF:BF:4F:D8:B6:B5:EB:8F:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5596
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HLxdXTzHrD964WzPv0_YtrXrj_U.roa
Signing time: Sun 12 May 2024 16:54:13 +0000
ROA not before: Sun 12 May 2024 16:54:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21910 (0x5596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 16:54:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1CBC5D5D3CC7AC3F7AE16CCFBF4FD8B6B5EB8FF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e9:e8:d7:ba:be:79:58:c3:e1:12:a1:17:9e:
85:6c:f0:70:a1:fc:eb:a4:cc:6b:cb:51:08:8e:8d:
04:4c:3f:36:18:f4:de:bc:4d:52:a7:33:a4:dc:0a:
a0:fd:4f:c2:d8:19:b6:fe:41:d9:36:c1:ff:ad:db:
a6:6d:89:ae:74:c2:b3:84:34:cc:07:32:f2:d1:6a:
1f:18:0d:6d:6c:a1:d3:7b:45:99:bc:ed:c8:af:52:
92:40:ed:21:ad:a4:1c:94:08:e8:da:da:3a:c4:7c:
71:51:74:c5:87:72:77:d1:fe:5a:0d:b5:3f:93:31:
f9:9f:6b:b8:e7:81:97:d4:1f:7d:ad:f2:3e:25:20:
cd:91:08:0a:b7:3e:70:3d:a9:a4:d3:4c:6a:bf:a3:
a6:65:52:b5:0a:70:f5:48:79:94:6c:96:2c:50:9d:
83:fe:43:fc:f6:8a:00:d6:75:1b:85:41:0f:3b:07:
75:9c:bc:66:3f:ee:fb:f2:6f:b5:9b:64:31:c2:5a:
d2:d2:53:d3:79:97:74:6b:b6:38:95:37:84:b8:ee:
12:ae:47:de:89:b7:39:d6:5a:a8:a7:37:80:fb:6f:
8e:a0:fd:ce:46:f9:08:37:36:78:1f:4d:09:42:48:
94:81:80:6f:38:32:58:db:33:5b:54:07:6c:96:9e:
c0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BC:5D:5D:3C:C7:AC:3F:7A:E1:6C:CF:BF:4F:D8:B6:B5:EB:8F:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HLxdXTzHrD964WzPv0_YtrXrj_U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:03:0d:08:4d:cf:5c:b6:aa:0d:46:a1:2a:f1:8b:10:91:a5:
a1:9c:e7:0d:80:5c:b3:36:2e:ed:d5:58:3c:6b:1d:09:0b:84:
48:df:e1:52:21:ed:ca:c5:03:81:60:58:9e:39:23:18:94:73:
83:16:b8:fb:e6:45:25:bc:27:02:d0:e9:e9:90:5b:f1:90:38:
2c:6f:ee:13:91:63:1d:c0:3a:c3:c0:0a:e8:87:47:22:c2:50:
57:30:33:48:94:4f:2d:84:45:53:3c:01:82:da:f0:02:0c:d3:
c0:ea:71:76:50:bd:d5:4f:2a:2d:32:53:16:a4:dd:30:1e:13:
d0:d4:e2:e8:1e:a0:c5:4a:fa:10:8b:b8:3b:2f:79:6b:d1:46:
57:5c:b0:39:dc:14:35:09:21:45:e7:4d:2a:46:70:b7:54:6e:
ba:68:17:55:49:92:6c:34:1c:a8:5a:d8:0a:a8:33:41:2e:5e:
03:c9:e7:9f:72:cd:e1:4a:ab:d5:c4:b6:81:2b:cf:e8:df:15:
83:74:38:0c:79:18:54:d6:ed:27:59:00:86:e5:8f:51:bf:b9:
3e:6f:d8:35:64:7f:dc:06:c6:29:43:9d:a7:50:2b:f7:a9:cb:
e2:f2:55:31:09:9e:f9:f0:b0:b7:cf:7e:01:e4:df:25:57:8a:
40:b7:4b:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
NjU0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDQkM1RDVEM0NDN0FD
M0Y3QUUxNkNDRkJGNEZEOEI2QjVFQjhGRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV6ejXur55WMPhEqEXnoVs8HCh/OukzGvLUQiOjQRMPzYY9N68
TVKnM6TcCqD9T8LYGbb+Qdk2wf+t26Ztia50wrOENMwHMvLRah8YDW1sodN7RZm8
7civUpJA7SGtpByUCOja2jrEfHFRdMWHcnfR/loNtT+TMfmfa7jngZfUH32t8j4l
IM2RCAq3PnA9qaTTTGq/o6ZlUrUKcPVIeZRslixQnYP+Q/z2igDWdRuFQQ87B3Wc
vGY/7vvyb7WbZDHCWtLSU9N5l3RrtjiVN4S47hKuR96JtznWWqinN4D7b46g/c5G
+Qg3NngfTQlCSJSBgG84MljbM1tUB2yWnsDlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHLxdXTzHrD964WzPv0/YtrXrj/UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hMeGRYVHpIckQ5NjRX
elB2MF9ZdHJYcmpfVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGAMNCE3PXLaqDUahKvGLEJGloZznDYBc
szYu7dVYPGsdCQuESN/hUiHtysUDgWBYnjkjGJRzgxa4++ZFJbwnAtDp6ZBb8ZA4
LG/uE5FjHcA6w8AK6IdHIsJQVzAzSJRPLYRFUzwBgtrwAgzTwOpxdlC91U8qLTJT
FqTdMB4T0NTi6B6gxUr6EIu4Oy95a9FGV1ywOdwUNQkhRedNKkZwt1RuumgXVUmS
bDQcqFrYCqgzQS5eA8nnn3LN4Uqr1cS2gSvP6N8Vg3Q4DHkYVNbtJ1kAhuWPUb+5
Pm/YNWR/3AbGKUOdp1Ar96nL4vJVMQme+fCwt89+AeTfJVeKQLdLYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org