Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OA5BwjGvVbcYlTUG8wwDvybEiQo.roa
File: OA5BwjGvVbcYlTUG8wwDvybEiQo.roa (raw, json)
Hash identifier: ERLFOJuQwMYXTbvigGKrRGOM76FrUlnn/ip1llC7NM0=
Subject key identifier: 38:0E:41:C2:31:AF:55:B7:18:95:35:06:F3:0C:03:BF:26:C4:89:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 522E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OA5BwjGvVbcYlTUG8wwDvybEiQo.roa
Signing time: Wed 08 May 2024 03:53:56 +0000
ROA not before: Wed 08 May 2024 03:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21038 (0x522e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 03:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=380E41C231AF55B718953506F30C03BF26C4890A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4c:a1:4e:b9:e4:a1:61:98:81:95:70:c3:c4:
80:89:13:05:25:2f:d0:f4:7f:e6:56:81:99:3f:f7:
51:7b:61:1a:09:f4:37:47:ed:24:cf:af:9b:7a:6f:
ee:45:dd:f0:47:62:8a:f6:64:71:4f:ac:5f:b7:70:
b5:17:59:ef:a3:8f:9e:42:03:71:f6:b5:ce:05:b3:
47:f1:91:35:d9:d1:83:3a:58:cf:40:94:94:91:dc:
a0:0e:f8:f3:97:f1:12:5f:e3:a3:b2:75:fb:41:93:
f3:68:10:f3:c3:10:0b:30:35:fc:7b:b9:bb:62:97:
05:5a:be:32:0c:db:fe:c9:b5:2d:f2:ea:c9:71:1e:
41:0f:9b:b7:d9:91:0f:20:fe:a4:9e:ba:eb:48:44:
cd:b5:e1:43:8e:ac:5b:d3:ea:6c:dc:c3:e6:98:6a:
21:01:ef:ab:29:16:8d:1c:fa:56:24:6b:18:42:73:
05:7d:81:a7:02:c8:b5:cc:c3:ed:66:df:62:7b:67:
e0:bb:7f:88:5e:cc:d5:16:7f:ed:49:89:f7:3e:02:
8d:cd:a2:f6:a0:77:7e:62:33:c0:c8:e1:10:40:44:
f1:fb:e9:df:15:35:cf:ef:d4:9a:f5:e9:56:5f:a5:
f0:2c:a4:04:36:95:04:c0:47:99:12:0e:2a:52:cc:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0E:41:C2:31:AF:55:B7:18:95:35:06:F3:0C:03:BF:26:C4:89:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OA5BwjGvVbcYlTUG8wwDvybEiQo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:d1:66:bc:c6:15:d3:c4:87:e8:2c:fe:1c:1c:23:57:4d:d4:
d3:c4:21:85:f4:59:27:0b:71:88:18:d4:24:a1:f6:6e:4e:f0:
ad:62:37:7d:ae:a5:38:bc:2a:d9:0a:61:b4:dd:a0:1b:82:d0:
16:1e:9e:d6:9c:37:1c:23:f2:10:6a:07:d7:41:b9:c0:aa:af:
56:08:0b:8a:68:ad:61:34:b6:55:e3:69:f2:e2:d8:8f:b0:c7:
f3:52:56:ab:41:dd:e5:31:d3:f0:85:7a:8e:c4:9d:83:68:a6:
e0:04:b3:45:e5:e5:38:a4:36:c0:a3:77:03:6d:0f:60:2d:2c:
51:f1:06:09:eb:31:6e:91:76:ee:86:be:1b:64:61:d2:6f:ad:
45:1f:4f:0a:3e:f6:00:db:06:42:b7:83:a9:59:dc:14:e7:07:
32:1a:b5:23:72:b1:50:1c:c9:aa:f3:38:30:c2:63:df:34:94:
60:eb:7e:c4:69:ce:5f:28:82:73:66:2d:69:50:d7:a4:4e:61:
31:a6:3a:c2:ee:72:3b:7f:1f:ca:0b:13:b2:66:fd:a0:b6:36:
ac:9e:0d:31:9e:35:12:97:1c:8d:5b:e2:92:10:d8:8d:28:21:
7f:ed:30:00:74:7a:cd:3b:3e:65:0f:86:56:e2:e3:99:6b:b4:
7f:28:8c:3c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MzUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MEU0MUMyMzFBRjU1
QjcxODk1MzUwNkYzMEMwM0JGMjZDNDg5MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChTKFOueShYZiBlXDDxICJEwUlL9D0f+ZWgZk/91F7YRoJ9DdH
7STPr5t6b+5F3fBHYor2ZHFPrF+3cLUXWe+jj55CA3H2tc4Fs0fxkTXZ0YM6WM9A
lJSR3KAO+POX8RJf46OydftBk/NoEPPDEAswNfx7ubtilwVavjIM2/7JtS3y6slx
HkEPm7fZkQ8g/qSeuutIRM214UOOrFvT6mzcw+aYaiEB76spFo0c+lYkaxhCcwV9
gacCyLXMw+1m32J7Z+C7f4hezNUWf+1Jifc+Ao3Novagd35iM8DI4RBARPH76d8V
Nc/v1Jr16VZfpfAspAQ2lQTAR5kSDipSzLlpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOA5BwjGvVbcYlTUG8wwDvybEiQowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09BNUJ3akd2VmJjWWxU
VUc4d3dEdnliRWlRby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfNFmvMYV08SH6Cz+HBwjV03U08QhhfRZ
JwtxiBjUJKH2bk7wrWI3fa6lOLwq2QphtN2gG4LQFh6e1pw3HCPyEGoH10G5wKqv
VggLimitYTS2VeNp8uLYj7DH81JWq0Hd5THT8IV6jsSdg2im4ASzReXlOKQ2wKN3
A20PYC0sUfEGCesxbpF27oa+G2Rh0m+tRR9PCj72ANsGQreDqVncFOcHMhq1I3Kx
UBzJqvM4MMJj3zSUYOt+xGnOXyiCc2YtaVDXpE5hMaY6wu5yO38fygsTsmb9oLY2
rJ4NMZ41EpccjVvikhDYjSghf+0wAHR6zTs+ZQ+GVuLjmWu0fyiMPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:36 2024 by rpki-client on console-ams.rpki-client.org