Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MHFjbwYe5Ws50cCqpRDnRDt9qSI.roa
File: MHFjbwYe5Ws50cCqpRDnRDt9qSI.roa (raw, json)
Hash identifier: GGHyHmgUWcSSTF5QD0qxKAY6vkdPEaN7DiVlMbHbxe0=
Subject key identifier: 30:71:63:6F:06:1E:E5:6B:39:D1:C0:AA:A5:10:E7:44:3B:7D:A9:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5546
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MHFjbwYe5Ws50cCqpRDnRDt9qSI.roa
Signing time: Sun 12 May 2024 06:54:12 +0000
ROA not before: Sun 12 May 2024 06:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21830 (0x5546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 06:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3071636F061EE56B39D1C0AAA510E7443B7DA922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7f:7e:fd:b9:25:6c:d1:e2:f6:d5:7f:3d:de:
6f:9f:a7:ea:90:7c:4c:f3:45:53:70:70:53:11:97:
4a:db:16:0f:1e:11:93:ee:a4:5d:67:35:58:c8:33:
47:7a:ce:bb:2d:bd:03:76:a7:0b:ac:d2:5a:32:80:
d3:e3:65:d7:47:1d:ee:84:ef:d5:2d:42:d7:58:61:
26:2c:e3:d8:f5:f2:f7:86:fb:9e:76:a9:84:c3:9b:
4c:97:01:e4:0a:cc:13:66:4c:eb:3b:7f:3d:cf:ca:
2c:0d:ba:f1:09:b9:cf:45:0f:9d:6a:dc:0e:f8:a9:
04:ca:72:c4:b3:56:22:24:11:f0:51:fd:a7:db:09:
eb:b8:d8:06:08:46:b4:71:64:42:de:4b:11:e9:da:
ad:0c:cd:65:7a:49:ef:84:a8:65:25:75:41:ea:1a:
07:31:15:7c:0f:eb:55:52:08:08:71:30:33:b2:1f:
30:91:0b:c5:e9:42:2a:95:80:e3:55:7e:cb:46:9f:
4d:3e:19:c9:6e:14:c2:a2:2e:a1:75:89:9b:9f:2c:
fc:ad:ed:40:53:b7:af:77:f4:8b:88:59:8e:af:02:
ca:cd:df:fb:97:61:2c:5e:f7:fd:39:fa:1b:35:ce:
67:6e:c6:57:3c:39:4f:7f:bf:fe:30:8f:9e:e8:ec:
90:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:71:63:6F:06:1E:E5:6B:39:D1:C0:AA:A5:10:E7:44:3B:7D:A9:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MHFjbwYe5Ws50cCqpRDnRDt9qSI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:2d:8c:61:ba:e6:3e:43:0b:69:a3:dd:27:4e:88:84:71:05:
92:61:0c:25:95:33:e2:ce:ba:2f:b9:d4:92:da:ab:72:1f:8a:
81:60:fa:b4:86:8b:6a:34:20:19:5a:11:d5:5a:25:05:1e:1d:
73:dc:12:99:85:47:eb:e5:7f:70:34:a5:3d:ac:4e:1c:6e:61:
1a:12:fe:d0:de:3f:b3:dc:f7:22:cf:61:97:b8:1c:e4:cd:07:
62:4c:cc:b4:a0:e8:c2:c7:e5:68:2c:3f:ab:59:92:8a:98:e1:
fd:1e:bc:47:08:da:93:16:63:79:8d:7b:49:c0:12:b6:ea:e8:
2b:7a:b7:f1:7c:38:3a:d5:de:6d:c0:a2:97:e1:63:e8:e4:94:
3d:9f:b5:79:75:e5:bd:f9:24:8a:a8:68:59:4f:80:fd:92:2f:
f3:dc:06:38:13:3f:95:62:fe:b2:28:36:c6:c9:3a:fe:f6:95:
d4:aa:47:5f:26:35:52:5d:f6:9c:c0:87:6e:5f:03:9f:ea:83:
a4:a4:9b:43:bb:6e:d8:0e:10:cf:b2:ae:59:09:e6:8d:1a:1e:
eb:a6:2d:bb:e8:14:d0:e3:82:2d:7b:3e:08:dd:1b:87:3b:5a:
f7:c3:31:fd:02:b1:5c:08:50:26:6a:6d:ef:f7:63:13:8d:7c:
09:65:9d:e5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
NjU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwNzE2MzZGMDYxRUU1
NkIzOUQxQzBBQUE1MTBFNzQ0M0I3REE5MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmf379uSVs0eL21X893m+fp+qQfEzzRVNwcFMRl0rbFg8eEZPu
pF1nNVjIM0d6zrstvQN2pwus0loygNPjZddHHe6E79UtQtdYYSYs49j18veG+552
qYTDm0yXAeQKzBNmTOs7fz3PyiwNuvEJuc9FD51q3A74qQTKcsSzViIkEfBR/afb
Ceu42AYIRrRxZELeSxHp2q0MzWV6Se+EqGUldUHqGgcxFXwP61VSCAhxMDOyHzCR
C8XpQiqVgONVfstGn00+GcluFMKiLqF1iZufLPyt7UBTt6939IuIWY6vAsrN3/uX
YSxe9/05+hs1zmduxlc8OU9/v/4wj57o7JAPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMHFjbwYe5Ws50cCqpRDnRDt9qSIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01IRmpid1llNVdzNTBj
Q3FwUkRuUkR0OXFTSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARS2MYbrmPkMLaaPdJ06IhHEFkmEMJZUz
4s66L7nUktqrch+KgWD6tIaLajQgGVoR1VolBR4dc9wSmYVH6+V/cDSlPaxOHG5h
GhL+0N4/s9z3Is9hl7gc5M0HYkzMtKDowsflaCw/q1mSipjh/R68RwjakxZjeY17
ScASturoK3q38Xw4OtXebcCil+Fj6OSUPZ+1eXXlvfkkiqhoWU+A/ZIv89wGOBM/
lWL+sig2xsk6/vaV1KpHXyY1Ul32nMCHbl8Dn+qDpKSbQ7tu2A4Qz7KuWQnmjRoe
66Ytu+gU0OOCLXs+CN0bhzta98Mx/QKxXAhQJmpt7/djE418CWWd5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org