Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OY-hPDKAXKH_2ZwRnEdt5cBLBCA.roa
File: OY-hPDKAXKH_2ZwRnEdt5cBLBCA.roa (raw, json)
Hash identifier: 7GIUtVF3MsPCBeWX58hVnDZFmvNliveidp4YbHNc+R0=
Subject key identifier: 39:8F:A1:3C:32:80:5C:A1:FF:D9:9C:11:9C:47:6D:E5:C0:4B:04:20
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32CA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OY-hPDKAXKH_2ZwRnEdt5cBLBCA.roa
Signing time: Wed 27 Mar 2024 07:28:09 +0000
ROA not before: Wed 27 Mar 2024 07:28:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13002 (0x32ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 07:28:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=398FA13C32805CA1FFD99C119C476DE5C04B0420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ae:12:b0:3b:b8:84:b2:8a:f0:14:09:82:b5:
50:04:77:2a:97:ea:fd:34:59:01:16:9a:c6:ac:ab:
81:db:83:00:fb:dd:e3:4e:cf:59:94:45:37:93:2e:
de:8a:14:3e:79:e7:45:a8:12:3f:94:62:8d:7b:87:
64:45:3f:01:1c:a9:f8:64:80:b6:cb:92:dd:85:ea:
f6:11:80:c9:6a:39:c7:8f:05:a5:f4:ee:09:fe:bd:
73:cc:57:b0:05:84:ec:31:27:9e:8e:57:f8:ee:e7:
20:5f:e0:2a:b3:28:16:04:d7:8f:eb:32:0b:4d:88:
68:87:ae:4d:62:a9:2c:42:4f:02:33:58:73:18:e9:
5b:6a:fa:2d:12:38:b3:9c:ae:d9:97:31:af:43:10:
d0:b7:e0:1d:7e:ea:d5:b8:68:a3:14:0f:ff:fd:82:
7d:c8:52:bf:9f:e5:fe:d7:ae:49:5b:61:95:81:6b:
a6:2a:48:39:a7:32:cd:7b:52:75:81:09:d7:07:99:
c7:a1:25:31:5d:3a:6c:a6:70:1f:30:74:ce:ea:dd:
d9:62:27:2c:75:3e:f0:cb:96:9d:28:24:43:78:06:
b9:0b:e6:14:00:7f:63:48:e3:a4:2e:49:58:f9:42:
0e:7c:76:23:b2:9e:04:59:0f:c5:31:0b:7d:92:fe:
28:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8F:A1:3C:32:80:5C:A1:FF:D9:9C:11:9C:47:6D:E5:C0:4B:04:20
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OY-hPDKAXKH_2ZwRnEdt5cBLBCA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:93:b9:20:19:d9:84:5a:63:e0:05:74:83:a0:54:a4:e9:ba:
f6:b3:35:a0:1a:a2:00:9f:be:c4:f1:66:fe:9f:f5:4d:7f:df:
b7:ea:51:ae:c2:83:62:01:8c:b3:fa:00:8b:cd:b7:68:c1:8e:
98:f4:e1:1a:b3:16:28:27:5f:d4:65:a3:0e:eb:d1:5d:9f:7a:
df:60:05:88:af:40:26:e1:d1:23:1d:99:ac:e3:e4:62:9e:ac:
5e:f6:a0:08:fb:d0:04:9a:dd:3c:1c:24:06:cb:18:a1:11:77:
e8:ff:62:25:a5:e4:ec:d0:7d:67:86:3f:70:79:54:69:87:9a:
6d:fa:c3:aa:7d:59:25:af:15:0a:cd:5f:f6:f4:64:0b:3f:b1:
cb:7a:a9:ea:92:2d:e2:20:9d:b2:aa:32:a8:1d:e0:d5:2c:39:
a7:32:80:d2:da:3e:eb:7c:bb:12:39:c1:54:9f:d2:3e:2d:65:
0a:9f:65:42:2a:18:01:a0:fd:a5:80:de:9c:42:7c:14:ca:c7:
65:0e:db:0c:04:bf:4f:d2:d7:d3:e3:6d:12:cc:63:b1:dd:d5:
13:50:7d:92:ed:0b:8c:c8:88:de:3c:01:94:8e:73:33:50:33:
69:85:3a:b3:93:4d:10:8f:ed:28:f1:a2:2d:18:5a:ae:e0:76:
eb:68:1a:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcw
NzI4MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5OEZBMTNDMzI4MDVD
QTFGRkQ5OUMxMTlDNDc2REU1QzA0QjA0MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnrhKwO7iEsorwFAmCtVAEdyqX6v00WQEWmsasq4HbgwD73eNO
z1mURTeTLt6KFD5550WoEj+UYo17h2RFPwEcqfhkgLbLkt2F6vYRgMlqOcePBaX0
7gn+vXPMV7AFhOwxJ56OV/ju5yBf4CqzKBYE14/rMgtNiGiHrk1iqSxCTwIzWHMY
6Vtq+i0SOLOcrtmXMa9DENC34B1+6tW4aKMUD//9gn3IUr+f5f7XrklbYZWBa6Yq
SDmnMs17UnWBCdcHmcehJTFdOmymcB8wdM7q3dliJyx1PvDLlp0oJEN4BrkL5hQA
f2NI46QuSVj5Qg58diOyngRZD8UxC32S/ijlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOY+hPDKAXKH/2ZwRnEdt5cBLBCAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09ZLWhQREtBWEtIXzJa
d1JuRWR0NWNCTEJDQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAc5O5IBnZhFpj4AV0g6BUpOm69rM1oBqi
AJ++xPFm/p/1TX/ft+pRrsKDYgGMs/oAi823aMGOmPThGrMWKCdf1GWjDuvRXZ96
32AFiK9AJuHRIx2ZrOPkYp6sXvagCPvQBJrdPBwkBssYoRF36P9iJaXk7NB9Z4Y/
cHlUaYeabfrDqn1ZJa8VCs1f9vRkCz+xy3qp6pIt4iCdsqoyqB3g1Sw5pzKA0to+
63y7EjnBVJ/SPi1lCp9lQioYAaD9pYDenEJ8FMrHZQ7bDAS/T9LX0+NtEsxjsd3V
E1B9ku0LjMiI3jwBlI5zM1AzaYU6s5NNEI/tKPGiLRharuB262gaOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:37 2024 by rpki-client on console-ams.rpki-client.org