Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HgsgaaQwhkuUY6fMKJlZN1O7AHA.roa
File: HgsgaaQwhkuUY6fMKJlZN1O7AHA.roa (raw, json)
Hash identifier: y7GDFZD1/fCX8oZdoK21jxGkwP6vpamTh+oY48LdM4g=
Subject key identifier: 1E:0B:20:69:A4:30:86:4B:94:63:A7:CC:28:99:59:37:53:BB:00:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HgsgaaQwhkuUY6fMKJlZN1O7AHA.roa
Signing time: Fri 29 Mar 2024 23:22:07 +0000
ROA not before: Fri 29 Mar 2024 23:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13514 (0x34ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 23:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1E0B2069A430864B9463A7CC2899593753BB0070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6a:5b:a6:22:b8:ed:26:c8:3b:64:b0:1d:8f:
c3:37:d9:a9:73:db:91:53:12:ce:4d:19:88:81:18:
9e:04:b9:88:da:83:be:1e:78:fc:98:84:0e:76:92:
d4:76:51:24:44:f9:00:7d:9e:06:76:10:4f:a2:a0:
6e:46:39:b9:94:fe:ae:dd:72:0d:8a:9f:58:e5:78:
12:3e:48:93:f4:50:33:cc:e3:bd:ab:55:f7:0c:9a:
e3:1c:3b:f8:65:de:61:8b:3e:2f:60:e8:6f:21:03:
86:ae:c7:a7:e2:70:d2:33:bb:ee:63:ec:f7:4f:26:
27:5d:29:ce:75:10:61:b1:a1:97:11:b5:7c:9d:c7:
4a:95:90:28:61:f0:46:29:b2:9c:b6:73:c0:d1:ff:
aa:31:cf:ec:6a:84:ba:18:33:95:67:0b:5e:c1:d7:
7b:5a:cf:08:a1:92:93:6a:9d:39:00:62:94:70:fa:
28:18:3d:7e:1b:de:d7:1f:c2:04:ad:82:cd:1d:de:
2f:d2:25:c2:57:4b:82:2e:dc:cc:87:f9:bd:ce:99:
dd:26:8b:34:24:f8:29:f1:ac:57:18:d4:08:0b:d1:
ec:58:3a:a0:1e:55:6e:2c:ac:69:f7:ac:37:ff:ed:
15:cc:bc:85:fc:6b:78:22:a2:f5:e1:ff:58:d7:a5:
5d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0B:20:69:A4:30:86:4B:94:63:A7:CC:28:99:59:37:53:BB:00:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HgsgaaQwhkuUY6fMKJlZN1O7AHA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:c7:5a:ba:7e:ea:5b:54:5e:45:b7:36:80:c9:03:44:15:e0:
7f:8d:47:f8:b9:fd:d2:5d:77:9c:45:fc:31:8b:a7:d1:a8:d7:
13:76:2c:cf:bb:c5:12:50:20:6e:38:30:9c:22:d4:19:e6:e3:
e5:46:35:d0:8f:e2:4f:ef:ff:81:bb:62:31:5c:91:5e:e4:82:
f0:a0:5c:a4:ca:8c:34:4b:31:98:f7:d5:78:a1:91:d4:6b:b5:
1c:35:04:ab:26:29:7f:f2:0c:e3:ed:72:eb:a1:03:f4:ea:ba:
df:20:e7:4d:8e:88:23:61:3c:e2:cd:61:cd:41:e6:15:4d:ad:
3d:e9:35:8b:06:25:c4:66:6d:57:18:1f:86:0e:26:5d:f4:3c:
e8:c5:dd:32:d9:4a:e3:09:44:cb:ad:6e:a3:49:7f:3e:8b:27:
93:9b:57:68:fb:14:0c:f7:4f:3c:5f:c9:ff:c8:ff:c3:69:a6:
1b:cc:d9:12:c6:75:e2:64:7d:d1:a3:0f:4a:77:87:a4:5e:8c:
8e:b3:29:03:6c:07:91:74:d6:86:86:d9:98:88:80:71:97:74:
94:1c:c3:68:14:58:a2:98:04:77:94:eb:60:43:c0:d5:8e:98:
aa:26:b9:e9:f4:2a:ee:30:ea:b8:06:7d:70:44:f8:9f:4b:95:
90:10:29:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MzIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMEIyMDY5QTQzMDg2
NEI5NDYzQTdDQzI4OTk1OTM3NTNCQjAwNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkalumIrjtJsg7ZLAdj8M32alz25FTEs5NGYiBGJ4EuYjag74e
ePyYhA52ktR2USRE+QB9ngZ2EE+ioG5GObmU/q7dcg2Kn1jleBI+SJP0UDPM472r
VfcMmuMcO/hl3mGLPi9g6G8hA4aux6ficNIzu+5j7PdPJiddKc51EGGxoZcRtXyd
x0qVkChh8EYpspy2c8DR/6oxz+xqhLoYM5VnC17B13tazwihkpNqnTkAYpRw+igY
PX4b3tcfwgStgs0d3i/SJcJXS4Iu3MyH+b3Omd0mizQk+CnxrFcY1AgL0exYOqAe
VW4srGn3rDf/7RXMvIX8a3giovXh/1jXpV3LAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHgsgaaQwhkuUY6fMKJlZN1O7AHAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hnc2dhYVF3aGt1VVk2
Zk1LSmxaTjFPN0FIQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjsdaun7qW1ReRbc2gMkDRBXgf41H+Ln9
0l13nEX8MYun0ajXE3Ysz7vFElAgbjgwnCLUGebj5UY10I/iT+//gbtiMVyRXuSC
8KBcpMqMNEsxmPfVeKGR1Gu1HDUEqyYpf/IM4+1y66ED9Oq63yDnTY6II2E84s1h
zUHmFU2tPek1iwYlxGZtVxgfhg4mXfQ86MXdMtlK4wlEy61uo0l/Posnk5tXaPsU
DPdPPF/J/8j/w2mmG8zZEsZ14mR90aMPSneHpF6MjrMpA2wHkXTWhobZmIiAcZd0
lBzDaBRYopgEd5TrYEPA1Y6Yqia56fQq7jDquAZ9cET4n0uVkBApCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org