Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Hhxer9eVjPXyKRF0mn3ZNVDQBjY.roa
File: Hhxer9eVjPXyKRF0mn3ZNVDQBjY.roa (raw, json)
Hash identifier: /qBgnuorgk5HRH0MJIVufEC3Gr2JiVIfeUkfCZNQxcM=
Subject key identifier: 1E:1C:5E:AF:D7:95:8C:F5:F2:29:11:74:9A:7D:D9:35:50:D0:06:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Hhxer9eVjPXyKRF0mn3ZNVDQBjY.roa
Signing time: Tue 02 Apr 2024 20:22:15 +0000
ROA not before: Tue 02 Apr 2024 20:22:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14258 (0x37b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 20:22:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1E1C5EAFD7958CF5F22911749A7DD93550D00636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6b:37:4d:69:48:68:17:cf:6e:8e:53:56:06:
11:dd:a6:94:99:78:0e:53:01:1b:8b:93:1a:48:8b:
be:bd:6a:ca:b5:0a:e4:f2:7a:f3:56:d3:b9:17:5e:
42:a6:11:ea:af:01:c8:79:d8:ba:a2:99:78:06:27:
f0:c8:f7:87:1b:a2:7e:01:8f:32:d5:64:13:16:58:
93:b1:57:6f:04:3c:2e:26:ef:7b:6a:fa:2a:7b:8c:
9a:95:88:f1:8f:ba:86:b7:53:7f:b9:bb:bb:7e:0f:
6d:e9:39:71:c8:f5:27:35:c7:b4:25:66:4f:74:de:
91:3f:ed:23:57:7f:21:46:c9:a1:ba:55:66:51:92:
4c:91:6b:27:e2:66:fd:82:a1:e2:41:45:f2:99:11:
3c:10:82:9c:ef:8b:21:d6:4f:43:ab:37:74:e4:f3:
65:8c:60:73:3d:4a:5b:b5:f8:15:4b:bc:43:9c:b3:
45:e4:41:ac:76:5c:c3:4a:fd:03:91:b7:63:89:ac:
3a:0e:88:de:9c:9c:58:4a:4b:89:7e:14:c2:58:34:
21:fa:bf:f4:fc:81:38:bb:1c:55:e9:c8:3a:28:ae:
db:ea:fd:5e:a1:12:f1:63:6f:0b:eb:c4:d7:c5:cf:
32:1c:ac:47:f6:ce:5b:37:e5:b9:20:10:50:90:cc:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1C:5E:AF:D7:95:8C:F5:F2:29:11:74:9A:7D:D9:35:50:D0:06:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Hhxer9eVjPXyKRF0mn3ZNVDQBjY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:a1:8c:ff:c8:1d:54:18:67:06:eb:38:5a:e8:e1:c9:10:88:
65:5c:a0:b4:af:e4:b9:ed:0c:3c:21:af:36:de:5f:98:e0:f0:
0f:de:51:d2:8d:77:43:7f:6f:36:17:d8:c3:1f:ca:43:f7:a5:
6a:3e:fa:45:34:96:d7:44:9c:38:bb:85:d9:d4:eb:29:40:1d:
7c:70:c2:66:0f:c5:75:65:fe:3f:98:ae:be:c6:cc:54:43:11:
93:da:04:60:29:77:69:2a:68:16:76:3b:11:78:9e:ba:57:5c:
41:82:03:f5:a3:19:4f:98:6f:b3:35:3d:04:75:f8:69:4f:f8:
36:3c:0a:08:f8:fc:69:10:a1:a2:1f:aa:48:45:b1:40:cd:9c:
e4:cb:32:15:e9:5f:50:ad:ac:ff:16:33:5e:56:28:67:d7:60:
b5:10:e7:45:03:5e:69:c4:75:99:4d:f4:87:72:5e:d8:2e:61:
5b:7a:8a:d8:e6:f2:63:c6:40:7c:07:1f:e8:2e:d1:53:bb:c4:
c4:5d:30:8b:42:ca:5a:a7:2b:a1:30:ba:1d:48:8a:71:45:2d:
1d:c9:c9:8c:83:4d:6f:f6:19:0b:df:f4:ee:01:78:99:39:f4:
47:50:c5:fa:92:44:33:85:69:83:1a:db:83:57:c2:81:32:59:
71:b4:ef:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MDIyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMUM1RUFGRDc5NThD
RjVGMjI5MTE3NDlBN0REOTM1NTBEMDA2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmazdNaUhoF89ujlNWBhHdppSZeA5TARuLkxpIi769asq1CuTy
evNW07kXXkKmEeqvAch52LqimXgGJ/DI94cbon4BjzLVZBMWWJOxV28EPC4m73tq
+ip7jJqViPGPuoa3U3+5u7t+D23pOXHI9Sc1x7QlZk903pE/7SNXfyFGyaG6VWZR
kkyRayfiZv2CoeJBRfKZETwQgpzviyHWT0OrN3Tk82WMYHM9Slu1+BVLvEOcs0Xk
Qax2XMNK/QORt2OJrDoOiN6cnFhKS4l+FMJYNCH6v/T8gTi7HFXpyDoortvq/V6h
EvFjbwvrxNfFzzIcrEf2zls35bkgEFCQzMW5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHhxer9eVjPXyKRF0mn3ZNVDQBjYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hoeGVyOWVWalBYeUtS
RjBtbjNaTlZEUUJqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAkKGM/8gdVBhnBus4WujhyRCIZVygtK/k
ue0MPCGvNt5fmODwD95R0o13Q39vNhfYwx/KQ/elaj76RTSW10ScOLuF2dTrKUAd
fHDCZg/FdWX+P5iuvsbMVEMRk9oEYCl3aSpoFnY7EXieuldcQYID9aMZT5hvszU9
BHX4aU/4NjwKCPj8aRChoh+qSEWxQM2c5MsyFelfUK2s/xYzXlYoZ9dgtRDnRQNe
acR1mU30h3Je2C5hW3qK2ObyY8ZAfAcf6C7RU7vExF0wi0LKWqcroTC6HUiKcUUt
HcnJjINNb/YZC9/07gF4mTn0R1DF+pJEM4Vpgxrbg1fCgTJZcbTveA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:56 2025 by rpki-client