Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/THBrTtXtvlYbgOb_JSuc35q1tFI.roa
File: THBrTtXtvlYbgOb_JSuc35q1tFI.roa (raw, json)
Hash identifier: yoV0TN8teX59cTHSk7fGAmYrj6liM/kgtmCebVRnhxw=
Subject key identifier: 4C:70:6B:4E:D5:ED:BE:56:1B:80:E6:FF:25:2B:9C:DF:9A:B5:B4:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/THBrTtXtvlYbgOb_JSuc35q1tFI.roa
Signing time: Fri 10 May 2024 13:54:01 +0000
ROA not before: Fri 10 May 2024 13:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21502 (0x53fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 13:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4C706B4ED5EDBE561B80E6FF252B9CDF9AB5B452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:02:98:d5:f1:25:67:4a:95:d6:02:c3:23:cb:
72:7f:73:3c:28:1a:c3:d5:42:77:51:a6:0a:b0:ff:
c3:68:ce:1e:35:7d:15:35:2e:93:e9:42:ec:f6:6e:
1e:fa:08:9d:17:a4:c0:ba:4b:1b:24:a0:9e:4e:a8:
75:f8:aa:b8:b9:8a:15:c1:22:4b:7c:f8:53:53:08:
7d:1b:fe:7c:34:0e:71:8e:b0:f3:3b:c7:39:74:b9:
e3:c1:6d:55:e3:8f:e8:06:16:0d:bf:64:e9:78:eb:
e2:7f:d2:0e:42:ae:8f:3b:b1:4e:d2:03:0d:b0:82:
b9:77:e2:22:1d:ab:e8:f6:d2:39:01:94:90:1b:16:
80:0a:e4:ad:f6:9e:14:95:db:d8:97:67:fc:8f:5c:
62:91:ba:fe:7b:8b:0e:5a:49:ff:88:d1:8e:65:2f:
f0:46:ed:b3:ce:5b:80:e4:b4:95:64:34:0d:97:18:
90:78:a0:a7:5d:3a:0d:d6:59:f2:57:b9:47:ff:92:
46:43:95:b4:24:48:d4:93:99:50:1a:03:51:fc:9b:
b2:8c:0e:ed:5c:42:d9:b9:43:12:59:c6:5b:71:7f:
cd:ca:ac:bf:2a:1f:58:cb:fc:4a:6e:51:5d:a3:08:
51:a7:68:0b:bb:48:d9:48:73:40:c7:c4:af:be:fd:
40:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:70:6B:4E:D5:ED:BE:56:1B:80:E6:FF:25:2B:9C:DF:9A:B5:B4:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/THBrTtXtvlYbgOb_JSuc35q1tFI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:ee:74:18:07:0f:ac:1f:91:69:3b:7b:91:a5:1b:52:8f:d7:
f9:72:3d:21:da:15:c3:bb:34:e4:f2:78:78:30:23:13:ac:60:
ac:c0:d7:39:2e:b4:2c:47:29:14:a4:9b:86:bc:17:2b:83:75:
41:38:9d:ce:02:c3:35:bd:a3:f7:26:0b:bc:ec:fc:2b:20:70:
34:97:9e:fe:0b:50:4d:48:1a:54:5c:d5:63:d0:ae:fc:4d:75:
ca:02:77:7b:e7:f6:b9:da:84:89:3e:09:ea:a9:cb:27:d7:2e:
a7:21:72:63:45:65:40:e3:46:b1:4d:00:20:29:bd:95:79:85:
4e:97:98:7c:14:15:6e:2b:dc:65:c5:fb:a4:44:d2:b8:b0:a9:
39:af:46:b2:da:25:dd:cb:f4:f8:1e:d0:7f:55:b2:bd:f0:cc:
dd:cb:dd:5c:1c:fb:c5:1d:aa:50:f1:bc:a1:f6:ad:ae:e7:de:
66:78:ee:70:81:f6:64:76:87:47:d6:7b:e1:fd:8c:af:3d:c1:
9a:24:42:ef:e4:73:bb:fd:a7:82:f7:d0:bc:68:44:3a:55:5f:
bd:d0:0e:50:e1:c8:4c:bf:5b:13:cf:fa:f7:20:a7:2a:5f:4d:
93:19:a6:d5:b6:68:1b:8e:4b:95:88:51:a3:dc:8c:4b:74:cb:
b5:27:77:bc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
MzU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRDNzA2QjRFRDVFREJF
NTYxQjgwRTZGRjI1MkI5Q0RGOUFCNUI0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGApjV8SVnSpXWAsMjy3J/czwoGsPVQndRpgqw/8Nozh41fRU1
LpPpQuz2bh76CJ0XpMC6SxskoJ5OqHX4qri5ihXBIkt8+FNTCH0b/nw0DnGOsPM7
xzl0uePBbVXjj+gGFg2/ZOl46+J/0g5Cro87sU7SAw2wgrl34iIdq+j20jkBlJAb
FoAK5K32nhSV29iXZ/yPXGKRuv57iw5aSf+I0Y5lL/BG7bPOW4DktJVkNA2XGJB4
oKddOg3WWfJXuUf/kkZDlbQkSNSTmVAaA1H8m7KMDu1cQtm5QxJZxltxf83KrL8q
H1jL/EpuUV2jCFGnaAu7SNlIc0DHxK++/UDbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTHBrTtXtvlYbgOb/JSuc35q1tFIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RIQnJUdFh0dmxZYmdP
Yl9KU3VjMzVxMXRGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOO50GAcPrB+RaTt7kaUbUo/X+XI9IdoV
w7s05PJ4eDAjE6xgrMDXOS60LEcpFKSbhrwXK4N1QTidzgLDNb2j9yYLvOz8KyBw
NJee/gtQTUgaVFzVY9Cu/E11ygJ3e+f2udqEiT4J6qnLJ9cupyFyY0VlQONGsU0A
ICm9lXmFTpeYfBQVbivcZcX7pETSuLCpOa9Gstol3cv0+B7Qf1WyvfDM3cvdXBz7
xR2qUPG8ofatrufeZnjucIH2ZHaHR9Z74f2Mrz3BmiRC7+Rzu/2ngvfQvGhEOlVf
vdAOUOHITL9bE8/69yCnKl9Nkxmm1bZoG45LlYhRo9yMS3TLtSd3vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org