Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QslphxXfd_4Uj84DivpVGrq1vis.roa
File: QslphxXfd_4Uj84DivpVGrq1vis.roa (raw, json)
Hash identifier: Hyfck64DwAN/n7SRXnwE2YNa0ahFn7+qoM4b8S5k1Q4=
Subject key identifier: 42:C9:69:87:15:DF:77:FE:14:8F:CE:03:8A:FA:55:1A:BA:B5:BE:2B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QslphxXfd_4Uj84DivpVGrq1vis.roa
Signing time: Tue 02 Apr 2024 19:52:18 +0000
ROA not before: Tue 02 Apr 2024 19:52:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14254 (0x37ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 19:52:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42C9698715DF77FE148FCE038AFA551ABAB5BE2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:91:53:47:dc:88:c5:a8:dc:11:cb:e4:de:13:
76:49:59:fb:f4:73:cc:d0:9d:f9:35:fb:b1:83:4b:
4f:ee:c0:3c:a3:5a:02:b9:bd:d0:f0:06:4f:46:ee:
56:a1:98:6e:c9:74:47:e1:a4:b9:be:36:62:3b:9b:
c9:7e:a0:db:17:78:bf:f5:74:9f:a0:22:20:4e:f1:
c5:66:d4:fb:45:aa:58:cc:c0:a0:6e:cc:42:89:32:
63:f9:67:cd:90:f3:ff:1a:52:02:65:7e:6d:2a:8d:
fc:e4:85:0d:d1:44:6d:50:5a:42:0b:ca:83:e5:1c:
18:4f:37:11:f4:31:6b:d8:7a:d0:27:e3:be:94:dd:
59:cc:9a:e6:a7:ba:25:a8:79:33:2e:56:75:85:eb:
b6:3a:34:9a:e2:b3:f1:46:00:dd:dd:38:70:25:30:
c2:6c:32:83:c8:5f:56:c2:b0:d3:5a:cf:fa:83:b0:
19:34:1b:ec:96:0f:ca:ec:82:57:45:87:13:92:ea:
c7:70:ec:ab:bc:2d:81:a7:63:8a:ed:f1:71:3e:13:
81:89:8a:ff:60:ee:0a:85:e3:f0:85:68:3f:33:68:
cb:78:25:de:1e:72:5a:48:cd:6b:35:9e:59:76:dd:
7d:70:ea:e6:85:6a:b2:04:51:80:0c:53:55:aa:80:
0d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C9:69:87:15:DF:77:FE:14:8F:CE:03:8A:FA:55:1A:BA:B5:BE:2B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QslphxXfd_4Uj84DivpVGrq1vis.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:17:dc:1e:6e:ef:0c:a5:cc:f8:67:3b:78:fa:08:5f:a6:1d:
29:99:8a:bd:2c:88:f0:54:b8:c8:5b:18:54:67:cc:ad:1b:a0:
66:e1:53:59:41:40:9d:2e:4a:0e:eb:eb:b6:c7:44:fe:09:40:
d1:49:cc:6a:a7:df:16:5f:e5:5b:40:06:e0:57:fe:bf:2c:e8:
cd:99:ac:27:83:51:7f:dc:fe:de:8e:5b:04:14:4d:91:a2:c1:
e1:fa:d0:90:b1:83:a4:60:19:90:f1:85:2b:9e:fa:a2:c1:ba:
64:32:50:2e:40:9b:a1:d1:e2:ad:68:b2:c8:2b:a2:77:f8:0c:
2c:d8:82:ea:a6:eb:12:7f:a6:57:0e:23:8e:7e:1e:ab:db:0e:
c3:d6:a9:8e:01:88:a3:46:72:bc:9a:1c:bd:2f:50:f0:7d:c2:
e7:ba:43:e7:66:0f:df:7f:09:bc:fb:ac:ef:8e:89:4d:12:09:
0b:e4:8d:be:59:56:c0:0d:25:32:b6:06:71:5f:9a:0e:4e:40:
e7:54:31:86:60:27:2a:cd:45:ea:ac:88:09:11:96:20:95:03:
bc:4f:61:37:11:b4:fd:06:80:4b:74:b0:ed:8e:68:43:d9:61:
89:4d:3d:28:48:70:af:b2:8a:4b:9a:47:6b:e0:cd:f6:cd:a8:
3e:c1:de:40
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
OTUyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyQzk2OTg3MTVERjc3
RkUxNDhGQ0UwMzhBRkE1NTFBQkFCNUJFMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIkVNH3IjFqNwRy+TeE3ZJWfv0c8zQnfk1+7GDS0/uwDyjWgK5
vdDwBk9G7lahmG7JdEfhpLm+NmI7m8l+oNsXeL/1dJ+gIiBO8cVm1PtFqljMwKBu
zEKJMmP5Z82Q8/8aUgJlfm0qjfzkhQ3RRG1QWkILyoPlHBhPNxH0MWvYetAn476U
3VnMmuanuiWoeTMuVnWF67Y6NJris/FGAN3dOHAlMMJsMoPIX1bCsNNaz/qDsBk0
G+yWD8rsgldFhxOS6sdw7Ku8LYGnY4rt8XE+E4GJiv9g7gqF4/CFaD8zaMt4Jd4e
clpIzWs1nll23X1w6uaFarIEUYAMU1WqgA0tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQslphxXfd/4Uj84DivpVGrq1viswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FzbHBoeFhmZF80VWo4
NERpdnBWR3JxMXZpcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKRfcHm7vDKXM+Gc7ePoIX6YdKZmKvSyI
8FS4yFsYVGfMrRugZuFTWUFAnS5KDuvrtsdE/glA0UnMaqffFl/lW0AG4Ff+vyzo
zZmsJ4NRf9z+3o5bBBRNkaLB4frQkLGDpGAZkPGFK576osG6ZDJQLkCbodHirWiy
yCuid/gMLNiC6qbrEn+mVw4jjn4eq9sOw9apjgGIo0ZyvJocvS9Q8H3C57pD52YP
338JvPus746JTRIJC+SNvllWwA0lMrYGcV+aDk5A51QxhmAnKs1F6qyICRGWIJUD
vE9hNxG0/QaAS3Sw7Y5oQ9lhiU09KEhwr7KKS5pHa+DN9s2oPsHeQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org