Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IFhH4Hauo9WoMohnU8VW48Z6TuU.roa
File: IFhH4Hauo9WoMohnU8VW48Z6TuU.roa (raw, json)
Hash identifier: 0rjoI8Kky0fVge1au+rl6t1Beuqqc06Sh0hfWuNUDQ4=
Subject key identifier: 20:58:47:E0:76:AE:A3:D5:A8:32:88:67:53:C5:56:E3:C6:7A:4E:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B3A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IFhH4Hauo9WoMohnU8VW48Z6TuU.roa
Signing time: Sun 28 Apr 2024 21:23:30 +0000
ROA not before: Sun 28 Apr 2024 21:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19258 (0x4b3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 21:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=205847E076AEA3D5A832886753C556E3C67A4EE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:6f:2f:d9:63:41:85:75:03:32:c8:6a:9a:
fd:d0:da:5a:cb:a9:d8:24:67:e1:41:2a:63:ea:37:
a0:19:01:87:15:7e:83:17:db:42:10:cd:a2:69:6f:
71:43:b0:67:d4:0d:15:90:09:ec:eb:b4:11:81:3b:
59:4a:d9:38:d7:09:a6:56:6e:ea:2b:df:fa:9d:36:
81:41:fd:45:5b:d2:bf:b9:82:d9:44:8f:f0:7b:ba:
56:49:e5:f2:e8:5b:8d:4e:ac:93:2f:b0:af:53:09:
8b:a3:19:a9:58:28:10:58:b3:a5:70:72:a0:ca:71:
03:0d:c8:4c:51:cc:45:2a:8b:22:26:96:15:81:62:
3f:ec:4c:99:ab:1f:4e:e9:6a:9f:59:49:7c:f6:07:
3a:9f:bc:ec:d8:8d:e7:9e:cd:e2:f2:19:03:dd:f6:
33:0c:72:64:b4:92:95:17:d0:ea:90:67:2c:87:f2:
62:fa:eb:e8:fd:c5:59:07:df:1a:59:3d:e6:91:f7:
4f:49:78:76:5f:a8:75:e0:1e:99:f8:87:6f:94:9f:
64:ae:87:e0:69:d0:11:0f:39:f0:66:59:42:22:c1:
e9:15:e6:df:01:a1:79:2d:9e:3d:83:aa:ba:be:fa:
e8:ba:52:1f:b8:ab:34:4e:09:0e:62:1c:2d:bf:16:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:58:47:E0:76:AE:A3:D5:A8:32:88:67:53:C5:56:E3:C6:7A:4E:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IFhH4Hauo9WoMohnU8VW48Z6TuU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:42:bc:19:7b:bb:0e:8d:26:f4:dd:5e:69:01:ad:a9:d1:f1:
82:fd:e1:04:44:2e:e8:a6:b5:48:16:2c:14:13:5c:d1:34:7e:
cd:a8:30:62:f2:50:0a:a8:33:41:b1:7a:98:ec:dd:25:eb:cc:
f9:1e:3f:36:db:46:ea:0b:fc:06:68:78:f6:96:25:08:0a:6a:
01:88:a5:9a:bf:d7:a9:0c:4d:3c:44:b8:01:72:24:da:2f:d2:
62:3b:cc:66:e4:ae:dd:53:c7:a6:40:a7:b6:28:d2:56:ed:b8:
03:38:28:2e:2d:b3:1d:9e:d6:e9:96:2f:de:21:75:d1:94:ca:
60:7a:2c:50:ed:bd:68:01:a8:26:8b:28:ee:36:3f:54:9b:2c:
71:f2:38:86:c7:e2:72:73:c6:1c:ab:bc:ec:c3:72:dd:7f:9b:
81:96:d7:26:3d:38:1d:33:c4:65:e6:f8:a0:49:98:9c:69:21:
82:f4:06:12:80:33:0f:17:c1:2f:79:f3:ca:a7:45:fc:31:f9:
e6:4d:85:12:4d:ce:e0:d1:c8:49:53:4f:f3:16:b8:f9:41:ad:
2d:03:b3:b1:18:b2:de:24:3d:a7:08:78:02:11:f2:44:a8:c5:
b4:16:00:af:09:4b:d7:34:28:96:4b:03:5b:bf:64:00:a1:f7:
1f:65:61:3e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgy
MTIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIwNTg0N0UwNzZBRUEz
RDVBODMyODg2NzUzQzU1NkUzQzY3QTRFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm128v2WNBhXUDMshqmv3Q2lrLqdgkZ+FBKmPqN6AZAYcVfoMX
20IQzaJpb3FDsGfUDRWQCezrtBGBO1lK2TjXCaZWbuor3/qdNoFB/UVb0r+5gtlE
j/B7ulZJ5fLoW41OrJMvsK9TCYujGalYKBBYs6VwcqDKcQMNyExRzEUqiyImlhWB
Yj/sTJmrH07pap9ZSXz2BzqfvOzYjeeezeLyGQPd9jMMcmS0kpUX0OqQZyyH8mL6
6+j9xVkH3xpZPeaR909JeHZfqHXgHpn4h2+Un2Suh+Bp0BEPOfBmWUIiwekV5t8B
oXktnj2Dqrq++ui6Uh+4qzROCQ5iHC2/Fts5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIFhH4Hauo9WoMohnU8VW48Z6TuUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lGaEg0SGF1bzlXb01v
aG5VOFZXNDhaNlR1VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAn0K8GXu7Do0m9N1eaQGtqdHxgv3hBEQu
6Ka1SBYsFBNc0TR+zagwYvJQCqgzQbF6mOzdJevM+R4/NttG6gv8Bmh49pYlCApq
AYilmr/XqQxNPES4AXIk2i/SYjvMZuSu3VPHpkCntijSVu24AzgoLi2zHZ7W6ZYv
3iF10ZTKYHosUO29aAGoJoso7jY/VJsscfI4hsficnPGHKu87MNy3X+bgZbXJj04
HTPEZeb4oEmYnGkhgvQGEoAzDxfBL3nzyqdF/DH55k2FEk3O4NHISVNP8xa4+UGt
LQOzsRiy3iQ9pwh4AhHyRKjFtBYArwlL1zQolksDW79kAKH3H2VhPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org