Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HvwY2yXEJ8QMMvwtCYnENW0ShYM.roa
File: HvwY2yXEJ8QMMvwtCYnENW0ShYM.roa (raw, json)
Hash identifier: FI3y1WaoI5dqQdb04CCFXEICpGIdXkwmUbfnybNg3ow=
Subject key identifier: 1E:FC:18:DB:25:C4:27:C4:0C:32:FC:2D:09:89:C4:35:6D:12:85:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HvwY2yXEJ8QMMvwtCYnENW0ShYM.roa
Signing time: Thu 25 Apr 2024 21:53:43 +0000
ROA not before: Thu 25 Apr 2024 21:53:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18686 (0x48fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 21:53:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1EFC18DB25C427C40C32FC2D0989C4356D128583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:48:15:69:dc:98:12:a5:20:98:29:cb:03:
b8:e3:8c:13:60:14:18:22:d3:42:f2:5e:61:67:40:
aa:13:ea:bf:ff:51:f4:9f:e2:ef:e5:02:1e:2f:d2:
c7:be:1a:ed:00:91:97:d0:76:9a:3c:72:5c:c2:a1:
1e:21:92:1b:35:84:62:2f:0c:30:87:73:a2:0e:98:
bb:25:aa:13:ff:4c:56:0b:e1:13:64:02:10:9c:59:
f4:d7:68:fa:5f:9f:a0:0a:d3:6c:de:63:d2:bd:1a:
c8:a0:0e:47:e5:d4:0a:6a:66:25:e9:5f:f1:ca:b8:
cd:11:29:f0:7e:4d:93:91:1e:6f:e5:51:77:8c:af:
74:51:e5:1c:23:ea:26:33:4c:b1:d1:cd:3a:82:6e:
9a:1e:c1:87:15:69:08:da:50:ff:22:20:63:1c:d2:
93:51:03:85:37:b0:f6:aa:d4:05:f6:6b:57:13:42:
95:25:9e:90:a5:b6:c3:af:b0:7c:7b:15:4c:0f:10:
1a:54:15:55:47:29:3e:e3:e2:05:a6:7b:5e:91:dc:
4f:c6:be:55:5c:86:23:86:67:31:8e:f6:ec:19:8a:
0e:d3:59:a9:ec:75:9b:95:ed:50:f7:23:de:3b:3e:
1c:43:50:bc:04:cb:18:5d:6b:33:48:8b:08:af:c3:
e9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:18:DB:25:C4:27:C4:0C:32:FC:2D:09:89:C4:35:6D:12:85:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HvwY2yXEJ8QMMvwtCYnENW0ShYM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:bf:f0:db:d1:84:d3:81:d7:ad:55:f4:a4:58:5d:17:01:ff:
f5:ea:f1:f3:14:1c:5e:c5:10:d8:e8:b2:1f:5b:fe:c4:be:e1:
9a:09:26:9b:4c:96:d6:4d:29:b5:91:b1:b6:bd:f4:07:2d:72:
93:1a:8b:ad:46:71:87:e1:be:40:8a:eb:28:b2:62:59:01:2d:
2e:0e:c2:b6:0b:66:ad:a1:a4:ad:0e:d7:eb:af:28:8f:6d:e0:
e8:48:1b:1f:23:42:ce:e4:89:fe:28:09:95:88:e6:3f:fb:55:
84:53:15:8c:84:21:2c:25:fc:9d:17:32:8e:87:ac:ad:99:10:
8d:0a:2c:46:f9:07:2d:da:ea:12:b8:fd:70:7c:17:ec:ad:c6:
32:f9:e5:06:9b:80:19:b9:49:b3:4e:ad:65:98:d8:e3:ef:76:
d2:ac:ec:2e:30:54:db:ab:10:8a:f6:44:84:79:ee:74:a7:6e:
81:97:c9:ab:71:7d:5e:14:09:be:52:e6:76:0d:00:62:44:13:
ae:d7:d4:43:f9:44:33:34:1c:83:be:07:4e:1a:b6:ee:88:9b:
39:43:a2:f5:da:3a:48:eb:df:dd:81:d0:4e:a2:9c:a2:7e:8c:
14:7b:85:9e:e5:6f:43:a8:b7:47:e8:79:eb:54:8f:f1:cb:49:
f3:a3:bd:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUy
MTUzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFRkMxOERCMjVDNDI3
QzQwQzMyRkMyRDA5ODlDNDM1NkQxMjg1ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC6kgVadyYEqUgmCnLA7jjjBNgFBgi00LyXmFnQKoT6r//UfSf
4u/lAh4v0se+Gu0AkZfQdpo8clzCoR4hkhs1hGIvDDCHc6IOmLslqhP/TFYL4RNk
AhCcWfTXaPpfn6AK02zeY9K9GsigDkfl1ApqZiXpX/HKuM0RKfB+TZORHm/lUXeM
r3RR5Rwj6iYzTLHRzTqCbpoewYcVaQjaUP8iIGMc0pNRA4U3sPaq1AX2a1cTQpUl
npCltsOvsHx7FUwPEBpUFVVHKT7j4gWme16R3E/GvlVchiOGZzGO9uwZig7TWans
dZuV7VD3I947PhxDULwEyxhdazNIiwivw+nnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHvwY2yXEJ8QMMvwtCYnENW0ShYMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0h2d1kyeVhFSjhRTU12
d3RDWW5FTlcwU2hZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAE7/w29GE04HXrVX0pFhdFwH/9erx8xQc
XsUQ2OiyH1v+xL7hmgkmm0yW1k0ptZGxtr30By1ykxqLrUZxh+G+QIrrKLJiWQEt
Lg7CtgtmraGkrQ7X668oj23g6EgbHyNCzuSJ/igJlYjmP/tVhFMVjIQhLCX8nRcy
joesrZkQjQosRvkHLdrqErj9cHwX7K3GMvnlBpuAGblJs06tZZjY4+920qzsLjBU
26sQivZEhHnudKdugZfJq3F9XhQJvlLmdg0AYkQTrtfUQ/lEMzQcg74HThq27oib
OUOi9do6SOvf3YHQTqKcon6MFHuFnuVvQ6i3R+h561SP8ctJ86O9eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org