Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HvLWjAHgAAWgt8anrkUwQPuTLRU.roa
File: HvLWjAHgAAWgt8anrkUwQPuTLRU.roa (raw, json)
Hash identifier: 0TSdIOxxW7xutnxLEzn4dgdu4n4jrlQu8sYcUFrBWIw=
Subject key identifier: 1E:F2:D6:8C:01:E0:00:05:A0:B7:C6:A7:AE:45:30:40:FB:93:2D:15
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 362E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HvLWjAHgAAWgt8anrkUwQPuTLRU.roa
Signing time: Sun 31 Mar 2024 19:52:09 +0000
ROA not before: Sun 31 Mar 2024 19:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13870 (0x362e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 19:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1EF2D68C01E00005A0B7C6A7AE453040FB932D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:33:d5:32:6c:63:d1:cc:b3:61:a1:95:cd:
5c:74:e6:81:97:01:d3:d4:99:0f:e8:90:9c:cf:3f:
fb:25:6b:2c:d2:aa:32:c0:2c:26:b7:13:11:23:a4:
81:06:ca:84:f2:4b:35:cb:28:06:24:98:da:43:59:
15:68:e5:7f:33:24:b0:ec:b9:5b:2d:6b:cf:b7:c3:
f2:88:f8:b6:9b:2b:50:07:81:4b:3b:df:05:ab:b2:
29:b0:8b:80:a8:06:62:55:c6:c9:45:d0:9e:84:59:
5a:ed:59:4b:56:11:97:32:60:6f:a4:bd:89:52:c2:
97:05:29:30:de:d7:a9:e9:dc:e6:cc:44:89:ac:dd:
b5:36:c6:cb:1d:2b:d4:7c:f2:cf:26:0a:9f:2b:6f:
09:11:c6:fb:41:39:8a:45:7f:b0:c9:2e:7e:b3:f3:
9a:70:9b:02:8d:a7:16:8b:f9:11:c8:34:53:bd:9a:
99:53:d2:5e:52:ab:78:ad:d6:01:27:8d:c2:f2:e7:
80:30:3b:0c:4d:95:de:4f:01:1a:04:24:3d:5b:bd:
f8:3b:6a:ee:47:92:cd:d5:07:dc:d3:c9:ba:51:fa:
5d:01:e2:aa:98:36:2d:2b:ac:56:02:37:98:4d:0b:
76:f2:ec:73:45:97:31:77:b4:5f:d9:41:ad:1a:0e:
56:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F2:D6:8C:01:E0:00:05:A0:B7:C6:A7:AE:45:30:40:FB:93:2D:15
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HvLWjAHgAAWgt8anrkUwQPuTLRU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:7c:aa:8e:9e:bc:40:71:44:c3:b9:0c:1a:ca:60:0b:07:4e:
0e:d9:b5:72:d5:db:e0:97:9a:b8:6a:be:4f:54:33:cf:04:eb:
03:48:dc:8c:de:57:5a:cf:62:61:e7:e5:d1:08:08:a0:5d:8d:
fe:8a:c2:f8:ba:eb:ad:60:3b:a5:19:6d:72:03:1b:f2:c3:0d:
0a:64:d3:55:c8:f7:63:9c:5b:46:09:40:bb:f3:5f:51:63:6e:
81:5e:29:8b:25:93:57:28:76:48:60:69:e2:6e:d5:a8:da:48:
50:eb:57:37:1c:7f:fa:4f:c6:cc:47:7c:09:b9:2f:89:17:74:
1e:f4:be:dd:9a:9a:59:f8:7d:a9:e1:eb:48:4a:66:67:b6:5f:
31:ca:67:75:da:da:ff:2c:3e:5c:29:94:38:4f:8f:c7:63:7b:
3f:6c:5c:a0:07:5a:91:9b:b8:90:44:88:2d:67:12:e9:05:c8:
fd:d8:d7:43:04:c6:34:dd:86:7e:9e:f7:28:6c:9c:17:b3:46:
15:d7:c8:fb:35:a0:83:08:ae:e0:69:99:4e:27:9c:78:3e:a1:
5b:5f:dd:13:25:d5:65:a8:5c:4a:2a:fc:a3:33:8c:5d:1b:06:
09:57:52:ff:a1:20:76:b4:50:2e:7a:b3:2a:9e:01:84:18:66:
8d:1f:b2:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
OTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFRjJENjhDMDFFMDAw
MDVBMEI3QzZBN0FFNDUzMDQwRkI5MzJEMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEDPVMmxj0cyzYaGVzVx05oGXAdPUmQ/okJzPP/slayzSqjLA
LCa3ExEjpIEGyoTySzXLKAYkmNpDWRVo5X8zJLDsuVsta8+3w/KI+LabK1AHgUs7
3wWrsimwi4CoBmJVxslF0J6EWVrtWUtWEZcyYG+kvYlSwpcFKTDe16np3ObMRIms
3bU2xssdK9R88s8mCp8rbwkRxvtBOYpFf7DJLn6z85pwmwKNpxaL+RHINFO9mplT
0l5Sq3it1gEnjcLy54AwOwxNld5PARoEJD1bvfg7au5Hks3VB9zTybpR+l0B4qqY
Ni0rrFYCN5hNC3by7HNFlzF3tF/ZQa0aDlarAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHvLWjAHgAAWgt8anrkUwQPuTLRUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0h2TFdqQUhnQUFXZ3Q4
YW5ya1V3UVB1VExSVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAoHyqjp68QHFEw7kMGspgCwdODtm1ctXb
4JeauGq+T1QzzwTrA0jcjN5XWs9iYefl0QgIoF2N/orC+LrrrWA7pRltcgMb8sMN
CmTTVcj3Y5xbRglAu/NfUWNugV4piyWTVyh2SGBp4m7VqNpIUOtXNxx/+k/GzEd8
CbkviRd0HvS+3ZqaWfh9qeHrSEpmZ7ZfMcpnddra/yw+XCmUOE+Px2N7P2xcoAda
kZu4kESILWcS6QXI/djXQwTGNN2Gfp73KGycF7NGFdfI+zWggwiu4GmZTieceD6h
W1/dEyXVZahcSir8ozOMXRsGCVdS/6EgdrRQLnqzKp4BhBhmjR+yfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org