Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MN65UIMA7R5nx7v_OVcG6xqrdgE.roa
File: MN65UIMA7R5nx7v_OVcG6xqrdgE.roa (raw, json)
Hash identifier: 0H5wQkVUisxZFAu3TnYOIUANbGteGIIdUY0QbebiZRo=
Subject key identifier: 30:DE:B9:50:83:00:ED:1E:67:C7:BB:FF:39:57:06:EB:1A:AB:76:01
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MN65UIMA7R5nx7v_OVcG6xqrdgE.roa
Signing time: Thu 09 May 2024 04:24:01 +0000
ROA not before: Thu 09 May 2024 04:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21234 (0x52f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 04:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=30DEB9508300ED1E67C7BBFF395706EB1AAB7601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b7:b0:2f:85:99:e9:99:cb:8a:96:bb:9c:f7:
a3:07:24:53:d8:08:d4:24:84:e0:3a:ca:44:8e:49:
f7:a4:eb:25:13:f1:a5:16:de:35:27:4a:22:52:8f:
9a:f4:af:82:db:dd:d4:17:37:03:16:a5:80:91:bc:
11:65:6b:0f:62:9f:25:7b:6d:b3:3e:b0:97:64:e8:
98:39:c9:c7:79:7d:a9:2a:a8:d1:64:32:69:1c:f7:
04:7f:bf:1a:b0:fa:e5:d2:12:c9:13:cb:5f:1c:93:
41:10:0e:7c:bc:ac:69:13:7e:d3:3b:fc:ce:88:f4:
2a:32:7f:fb:54:00:7d:ea:ce:f4:86:9d:70:34:96:
7a:73:ca:d0:30:d4:9d:20:d9:37:9a:04:bf:ab:4e:
7e:ea:f0:f2:f1:d3:9e:b6:75:81:4c:e9:aa:e9:1f:
70:66:af:41:9c:08:41:ed:da:f7:d6:28:3a:e0:45:
fa:56:10:1a:65:a7:4a:b2:a0:ec:71:15:f8:16:33:
f3:ae:97:da:6b:9f:1b:c9:ba:3c:ef:de:a5:ae:44:
75:00:ba:59:5d:d4:84:92:68:c2:24:fe:97:ab:04:
c7:52:7c:26:b5:5e:64:af:03:93:2a:95:08:4c:b1:
8a:b2:5e:ea:6d:ff:c7:d8:ed:37:7a:31:25:bf:46:
59:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DE:B9:50:83:00:ED:1E:67:C7:BB:FF:39:57:06:EB:1A:AB:76:01
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MN65UIMA7R5nx7v_OVcG6xqrdgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:d7:14:95:3e:03:42:d7:23:e7:d7:9b:e0:96:bf:65:18:4d:
0a:93:36:19:63:9e:d1:26:61:22:bc:ab:d9:c1:e4:4c:81:ad:
03:78:40:79:37:7e:e0:9e:13:04:13:96:f1:d9:f9:84:43:79:
7e:9d:e0:f0:f6:a4:7a:06:07:3d:53:f3:75:5c:c2:58:fc:b8:
7b:46:bc:ae:96:d6:89:26:14:85:b2:9d:17:38:cf:7b:ce:29:
c6:09:4e:8c:19:55:8e:98:be:ff:a0:c9:72:3e:5d:78:a3:10:
9f:67:8d:bb:80:e2:73:fe:12:a7:a1:44:86:9f:3b:7f:7f:e5:
97:da:93:43:f0:7e:52:69:5f:de:36:e0:29:2a:b6:42:00:a4:
a2:12:0b:2e:7f:77:d2:3f:79:57:ba:90:9a:0b:50:99:42:f2:
b9:c0:78:a8:88:30:9b:7e:e2:b0:b6:c7:6c:9c:f4:91:4d:67:
ef:1c:23:a4:d6:e2:2c:ec:81:ee:5a:e5:7e:79:1e:38:2e:a9:
93:31:4f:ec:52:39:68:04:5f:32:f8:8e:67:58:c8:c7:92:ab:
76:e7:15:65:26:df:4b:52:90:58:81:94:d2:8b:ea:a8:91:37:
15:9c:fe:bf:53:f0:95:86:b1:4e:63:ed:aa:ef:f4:e5:80:0a:
b0:30:d3:b3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
NDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwREVCOTUwODMwMEVE
MUU2N0M3QkJGRjM5NTcwNkVCMUFBQjc2MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4t7AvhZnpmcuKlruc96MHJFPYCNQkhOA6ykSOSfek6yUT8aUW
3jUnSiJSj5r0r4Lb3dQXNwMWpYCRvBFlaw9inyV7bbM+sJdk6Jg5ycd5fakqqNFk
Mmkc9wR/vxqw+uXSEskTy18ck0EQDny8rGkTftM7/M6I9Coyf/tUAH3qzvSGnXA0
lnpzytAw1J0g2TeaBL+rTn7q8PLx0562dYFM6arpH3Bmr0GcCEHt2vfWKDrgRfpW
EBplp0qyoOxxFfgWM/Oul9prnxvJujzv3qWuRHUAulld1ISSaMIk/perBMdSfCa1
XmSvA5MqlQhMsYqyXupt/8fY7Td6MSW/RlkzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMN65UIMA7R5nx7v/OVcG6xqrdgEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01ONjVVSU1BN1I1bng3
dl9PVmNHNnhxcmRnRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAXNcUlT4DQtcj59eb4Ja/ZRhNCpM2GWOe
0SZhIryr2cHkTIGtA3hAeTd+4J4TBBOW8dn5hEN5fp3g8PakegYHPVPzdVzCWPy4
e0a8rpbWiSYUhbKdFzjPe84pxglOjBlVjpi+/6DJcj5deKMQn2eNu4Dic/4Sp6FE
hp87f3/ll9qTQ/B+Umlf3jbgKSq2QgCkohILLn930j95V7qQmgtQmULyucB4qIgw
m37isLbHbJz0kU1n7xwjpNbiLOyB7lrlfnkeOC6pkzFP7FI5aARfMviOZ1jIx5Kr
ducVZSbfS1KQWIGU0ovqqJE3FZz+v1PwlYaxTmPtqu/05YAKsDDTsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:34 2024 by rpki-client on console-ams.rpki-client.org