Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Qmm_nEnnD1xUBqWLPW5WnFo1cUU.roa
File: Qmm_nEnnD1xUBqWLPW5WnFo1cUU.roa (raw, json)
Hash identifier: ghKXxe2qVeua2hJDzgd+yqu7mIEvuihpqSv0VlFhgoc=
Subject key identifier: 42:69:BF:9C:49:E7:0F:5C:54:06:A5:8B:3D:6E:56:9C:5A:35:71:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 545E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qmm_nEnnD1xUBqWLPW5WnFo1cUU.roa
Signing time: Sat 11 May 2024 01:54:08 +0000
ROA not before: Sat 11 May 2024 01:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21598 (0x545e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 01:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4269BF9C49E70F5C5406A58B3D6E569C5A357145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c4:b4:23:7e:87:66:45:54:6c:ae:94:98:f0:
4f:af:0b:df:0b:cd:72:34:23:a6:c6:1a:ca:a5:65:
fa:42:b0:bc:ac:66:ef:55:4d:db:c0:ae:01:1d:0f:
80:fa:a5:90:ac:f8:c7:79:e5:4c:25:a5:9a:fa:da:
0d:5b:16:d5:41:26:74:07:29:20:e8:88:1b:15:f2:
48:6c:3b:66:55:a8:ce:d1:a5:ad:83:b4:55:fb:11:
01:2f:ce:bd:c0:b0:f4:ca:c0:53:b7:75:e1:f3:80:
81:6c:01:e8:1e:eb:c4:ce:75:2b:28:25:5e:ba:d3:
cf:c2:c9:f3:59:d9:24:df:85:a6:3f:04:c0:8b:e7:
1b:a8:20:ed:51:22:b0:6c:41:ab:7a:e0:e8:16:2b:
48:5c:48:a1:27:bf:a7:9a:12:dd:ac:77:4d:a1:71:
8b:8a:f4:83:42:93:6b:4f:3b:ca:5f:f8:c5:65:92:
a0:88:ae:3f:e4:74:f4:aa:ff:b4:16:e7:c6:f2:86:
71:21:15:75:d5:73:87:2e:e5:e5:9e:6f:5f:17:60:
b6:15:03:a0:3b:95:d8:a8:83:8f:4e:23:83:2f:df:
1d:77:42:ab:91:92:9f:cf:22:29:bc:3d:ca:ff:00:
00:79:8a:b5:d3:42:49:ad:75:05:a0:44:4a:f2:29:
a9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:69:BF:9C:49:E7:0F:5C:54:06:A5:8B:3D:6E:56:9C:5A:35:71:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qmm_nEnnD1xUBqWLPW5WnFo1cUU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:f9:fa:f6:25:c9:c0:3e:f6:17:c0:1c:d9:a9:d0:eb:01:0a:
aa:c9:1f:b2:fe:5f:dc:6d:7f:55:2e:61:e6:5a:6a:75:d6:85:
c8:55:29:2c:27:72:60:3b:f9:a5:32:3a:f1:00:5f:67:c4:e7:
3b:3e:4e:8d:7c:bf:c6:8f:b1:05:c1:32:cb:e0:0c:26:06:85:
bb:fd:0b:54:5c:a2:fa:b3:66:2c:71:10:dd:6c:e1:7c:dd:98:
cd:f6:8e:39:e6:4f:03:c7:47:30:b6:78:96:9b:30:c4:4b:7a:
b7:16:18:4a:26:17:bc:7c:9b:02:cc:ff:fa:8d:6f:ee:c9:3c:
5e:b4:b1:03:c2:87:75:ec:9e:f1:80:c1:59:b7:05:37:b4:34:
ff:9a:dd:3a:2c:75:a2:71:93:83:a6:b4:5d:8d:95:e5:e2:4e:
e3:de:20:5f:88:a3:b8:95:8c:85:8b:44:c6:52:72:5b:52:b5:
56:c3:9f:3e:4d:f2:97:86:11:73:39:4d:54:7e:04:13:1d:27:
d3:22:a4:41:33:ff:77:b8:d3:0e:08:75:29:d3:90:d7:cc:37:
18:a4:9d:58:39:5f:b7:b0:76:55:96:28:2d:f6:ba:75:51:9e:
d9:79:9f:75:ba:b1:bb:47:5b:34:c6:33:7e:fe:e0:a6:87:9a:
c9:19:cc:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
MTU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyNjlCRjlDNDlFNzBG
NUM1NDA2QTU4QjNENkU1NjlDNUEzNTcxNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdxLQjfodmRVRsrpSY8E+vC98LzXI0I6bGGsqlZfpCsLysZu9V
TdvArgEdD4D6pZCs+Md55UwlpZr62g1bFtVBJnQHKSDoiBsV8khsO2ZVqM7Rpa2D
tFX7EQEvzr3AsPTKwFO3deHzgIFsAege68TOdSsoJV6608/CyfNZ2STfhaY/BMCL
5xuoIO1RIrBsQat64OgWK0hcSKEnv6eaEt2sd02hcYuK9INCk2tPO8pf+MVlkqCI
rj/kdPSq/7QW58byhnEhFXXVc4cu5eWeb18XYLYVA6A7ldiog49OI4Mv3x13QquR
kp/PIim8Pcr/AAB5irXTQkmtdQWgREryKalVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQmm/nEnnD1xUBqWLPW5WnFo1cUUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FtbV9uRW5uRDF4VUJx
V0xQVzVXbkZvMWNVVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAN/n69iXJwD72F8Ac2anQ6wEKqskfsv5f
3G1/VS5h5lpqddaFyFUpLCdyYDv5pTI68QBfZ8TnOz5OjXy/xo+xBcEyy+AMJgaF
u/0LVFyi+rNmLHEQ3WzhfN2YzfaOOeZPA8dHMLZ4lpswxEt6txYYSiYXvHybAsz/
+o1v7sk8XrSxA8KHdeye8YDBWbcFN7Q0/5rdOix1onGTg6a0XY2V5eJO494gX4ij
uJWMhYtExlJyW1K1VsOfPk3yl4YRczlNVH4EEx0n0yKkQTP/d7jTDgh1KdOQ18w3
GKSdWDlft7B2VZYoLfa6dVGe2Xmfdbqxu0dbNMYzfv7gpoeayRnMFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:40 2024 by rpki-client on console-ams.rpki-client.org