Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OXAxPeAdZjZFtqbuI1L4jc_k5yE.roa
File: OXAxPeAdZjZFtqbuI1L4jc_k5yE.roa (raw, json)
Hash identifier: MsIn/GE2/Bl2qeVfA34EhmBCF/BzsgarYrGQjdPTPgQ=
Subject key identifier: 39:70:31:3D:E0:1D:66:36:45:B6:A6:EE:23:52:F8:8D:CF:E4:E7:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 2C5A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OXAxPeAdZjZFtqbuI1L4jc_k5yE.roa
Signing time: Wed 24 May 2023 03:54:12 +0000
ROA not before: Wed 24 May 2023 03:54:12 +0000
ROA not after: Sat 17 Feb 2024 02:46:59 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11354 (0x2c5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 24 03:54:12 2023 GMT
Not After : Feb 17 02:46:59 2024 GMT
Subject: CN=3970313DE01D663645B6A6EE2352F88DCFE4E721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:11:28:a4:77:cd:a6:1b:78:ce:15:28:d9:d6:
e2:01:4d:0e:6a:89:2e:5d:93:ac:c4:eb:94:e9:69:
e2:87:62:e5:75:8a:5a:7a:ee:46:3e:78:86:e5:e2:
b8:68:c8:4b:18:2b:69:b9:83:48:b3:fe:69:ce:51:
52:92:ed:85:99:ee:76:dc:96:b3:43:3c:4e:51:58:
a3:30:21:f9:20:49:87:33:3e:d3:08:c2:34:39:dd:
79:fe:94:8e:5e:da:ac:57:8b:0c:4d:82:1e:82:88:
78:40:c4:bb:df:04:f6:4f:a2:52:aa:44:01:bb:aa:
ce:af:9f:9d:6a:b7:89:e6:fd:ce:aa:8e:ab:77:06:
79:2e:f0:c4:e9:c7:90:c7:1f:20:4d:2c:cd:81:14:
ae:e1:db:04:3f:51:fb:4d:e7:48:2d:2a:b2:32:f3:
52:ee:f2:ba:e1:34:82:d2:00:96:04:0f:01:89:c2:
58:00:44:13:83:54:50:83:dd:9f:28:f6:d8:50:86:
4c:d2:32:8d:26:a7:d1:d0:ca:48:97:83:ed:3e:37:
f8:24:11:6e:ea:89:d8:27:45:42:1a:cb:ff:89:e8:
8f:79:9f:cf:17:14:5c:22:f2:1b:aa:09:08:26:3d:
0d:ad:04:53:50:60:de:74:81:87:c8:bd:58:40:f7:
89:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:70:31:3D:E0:1D:66:36:45:B6:A6:EE:23:52:F8:8D:CF:E4:E7:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OXAxPeAdZjZFtqbuI1L4jc_k5yE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:5b:ce:9b:7a:29:c2:53:b0:2f:8d:5d:4d:57:34:2c:cc:ba:
27:0a:81:8c:71:52:35:a6:41:ac:42:b0:a6:a0:af:4c:44:34:
7c:94:ed:39:9d:06:5b:cb:f5:e4:c3:d4:33:55:4c:be:77:f2:
76:f4:da:0e:47:7a:5a:e6:79:44:43:63:e6:78:1d:df:ab:ec:
37:9d:81:b6:10:c4:e1:46:7d:24:aa:18:88:51:52:6f:d3:46:
36:86:f0:a5:03:76:1c:16:f4:b1:a7:90:07:af:2d:f8:e0:73:
c8:00:96:8c:e9:48:e2:40:9e:ca:43:c9:97:32:f1:f4:d3:6e:
e0:e8:c2:44:07:8c:39:54:b5:dc:e5:e7:2e:bb:52:f9:d1:9d:
d6:aa:93:61:38:26:c7:45:3a:2a:c2:7c:86:d2:cc:0f:cd:5f:
e5:52:ef:7a:58:5d:ec:30:80:64:53:29:05:e7:03:e5:fe:37:
ad:d9:f7:b6:ae:e2:c8:94:f4:f2:26:d5:2e:b5:d9:92:bd:b7:
f9:11:70:e9:0a:90:fa:79:9d:61:21:4f:e4:c7:d7:4e:8d:84:
cd:d9:6e:fe:bf:55:33:25:f3:b1:8d:b0:95:a9:de:82:52:a1:
31:53:e5:a8:84:39:36:35:46:59:21:20:f3:af:e3:c6:53:8a:
0b:59:67:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICLFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yMzA1MjQw
MzU0MTJaFw0yNDAyMTcwMjQ2NTlaMDMxMTAvBgNVBAMTKDM5NzAzMTNERTAxRDY2
MzY0NUI2QTZFRTIzNTJGODhEQ0ZFNEU3MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBESikd82mG3jOFSjZ1uIBTQ5qiS5dk6zE65TpaeKHYuV1ilp6
7kY+eIbl4rhoyEsYK2m5g0iz/mnOUVKS7YWZ7nbclrNDPE5RWKMwIfkgSYczPtMI
wjQ53Xn+lI5e2qxXiwxNgh6CiHhAxLvfBPZPolKqRAG7qs6vn51qt4nm/c6qjqt3
Bnku8MTpx5DHHyBNLM2BFK7h2wQ/UftN50gtKrIy81Lu8rrhNILSAJYEDwGJwlgA
RBODVFCD3Z8o9thQhkzSMo0mp9HQykiXg+0+N/gkEW7qidgnRUIay/+J6I95n88X
FFwi8huqCQgmPQ2tBFNQYN50gYfIvVhA94kNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOXAxPeAdZjZFtqbuI1L4jc/k5yEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09YQXhQZUFkWmpaRnRx
YnVJMUw0amNfazV5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAUlvOm3opwlOwL41dTVc0LMy6JwqBjHFS
NaZBrEKwpqCvTEQ0fJTtOZ0GW8v15MPUM1VMvnfydvTaDkd6WuZ5RENj5ngd36vs
N52BthDE4UZ9JKoYiFFSb9NGNobwpQN2HBb0saeQB68t+OBzyACWjOlI4kCeykPJ
lzLx9NNu4OjCRAeMOVS13OXnLrtS+dGd1qqTYTgmx0U6KsJ8htLMD81f5VLvelhd
7DCAZFMpBecD5f43rdn3tq7iyJT08ibVLrXZkr23+RFw6QqQ+nmdYSFP5MfXTo2E
zdlu/r9VMyXzsY2wlaneglKhMVPlqIQ5NjVGWSEg86/jxlOKC1lncg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:37 2024 by rpki-client on console-ams.rpki-client.org