Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/U5RWnheRi9Ziu_M4KJKaqM0gaJ0.roa
File: U5RWnheRi9Ziu_M4KJKaqM0gaJ0.roa (raw, json)
Hash identifier: JjXXB/MHOcBjiCk9IeISS8fRVIN9x30bw3Ho+yH+UCI=
Subject key identifier: 53:94:56:9E:17:91:8B:D6:62:BB:F3:38:28:92:9A:A8:CD:20:68:9D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3446
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U5RWnheRi9Ziu_M4KJKaqM0gaJ0.roa
Signing time: Fri 29 Mar 2024 06:52:05 +0000
ROA not before: Fri 29 Mar 2024 06:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13382 (0x3446)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 06:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5394569E17918BD662BBF33828929AA8CD20689D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:62:23:a5:4c:24:b0:37:95:a7:bd:db:ef:3f:
62:f9:ce:6e:8b:1c:5d:dc:f9:4a:cd:86:aa:dc:5c:
3d:48:eb:f0:57:e5:05:d4:83:aa:8e:e3:3d:0e:5e:
ee:f9:f2:15:43:37:3a:82:27:a7:74:2b:ad:fe:ba:
69:e8:9e:53:48:7d:fe:83:13:75:27:ec:59:76:b7:
fe:05:ba:bc:cd:ef:53:d0:03:f4:51:b2:c8:ef:66:
76:7e:b2:1c:a6:ea:07:ca:24:39:87:cd:38:49:0d:
e3:44:a1:96:f5:1c:fb:9f:ec:87:d2:d7:75:7e:6f:
1c:47:04:8f:cc:2e:34:7e:81:38:82:e7:80:a1:92:
76:d0:f4:bc:50:dc:41:2f:2a:8b:40:d3:58:32:15:
b0:89:55:4e:35:8c:7f:9d:b5:fe:34:d4:ea:fd:74:
f8:3c:2d:32:57:58:3d:b0:25:d6:5b:5f:02:48:94:
07:f3:9b:b6:12:e0:1a:51:05:90:65:d6:15:79:d1:
bd:f4:5b:21:da:31:36:db:bd:9f:d2:54:95:0b:9c:
8f:b0:89:64:74:ab:69:36:3f:60:48:65:e5:8a:3c:
01:9b:7a:22:80:26:c9:00:1a:4d:3c:c5:d4:7f:40:
1c:de:69:b5:1a:89:ab:4d:62:83:5b:e3:55:c4:ba:
77:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:94:56:9E:17:91:8B:D6:62:BB:F3:38:28:92:9A:A8:CD:20:68:9D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U5RWnheRi9Ziu_M4KJKaqM0gaJ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:17:60:8b:24:b5:a6:f4:37:4f:30:e8:a7:b2:e4:35:ed:f9:
12:50:22:89:0f:a6:c9:35:d2:15:1d:8b:20:21:a6:ff:7d:4f:
d1:a7:9a:62:1e:8f:31:86:06:21:b0:91:ff:91:22:3a:77:ce:
25:c2:6e:84:70:f9:5d:1f:e8:94:ce:93:7c:a7:a3:9f:fc:78:
b5:c4:49:b0:36:c8:5b:55:c5:75:76:07:98:ed:8b:20:60:8a:
2b:30:b7:b5:da:7e:a4:e7:e4:e8:2f:ca:09:0d:c8:9d:2f:56:
f2:b0:35:6e:ed:84:27:6a:2a:eb:d0:01:6a:b0:5d:8f:98:e7:
62:84:75:2f:75:0b:4b:09:61:e3:64:ae:7a:11:2d:11:cf:f1:
7f:9a:88:aa:b9:8a:f0:f2:42:7c:a5:bc:80:30:9f:40:61:b3:
76:94:4a:39:56:a2:f2:da:4b:53:6c:06:f1:87:db:66:96:ad:
a0:6a:d9:e8:60:b6:2d:4f:21:5e:23:27:fe:1e:f1:c4:67:d8:
3b:2d:49:f3:f8:a1:a2:76:a1:05:a9:80:2d:67:33:59:a2:73:
d4:73:df:98:f9:00:41:06:5f:cd:48:21:9f:63:9a:67:de:7a:
e6:25:28:5e:20:8f:7a:5d:48:14:d6:27:5b:a9:6d:42:9b:9d:
f5:3d:bc:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNEYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NjUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzOTQ1NjlFMTc5MThC
RDY2MkJCRjMzODI4OTI5QUE4Q0QyMDY4OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsYiOlTCSwN5WnvdvvP2L5zm6LHF3c+UrNhqrcXD1I6/BX5QXU
g6qO4z0OXu758hVDNzqCJ6d0K63+umnonlNIff6DE3Un7Fl2t/4FurzN71PQA/RR
ssjvZnZ+shym6gfKJDmHzThJDeNEoZb1HPuf7IfS13V+bxxHBI/MLjR+gTiC54Ch
knbQ9LxQ3EEvKotA01gyFbCJVU41jH+dtf401Or9dPg8LTJXWD2wJdZbXwJIlAfz
m7YS4BpRBZBl1hV50b30WyHaMTbbvZ/SVJULnI+wiWR0q2k2P2BIZeWKPAGbeiKA
JskAGk08xdR/QBzeabUaiatNYoNb41XEune/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU5RWnheRi9Ziu/M4KJKaqM0gaJ0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1U1UlduaGVSaTlaaXVf
TTRLSkthcU0wZ2FKMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAthdgiyS1pvQ3TzDop7LkNe35ElAiiQ+m
yTXSFR2LICGm/31P0aeaYh6PMYYGIbCR/5EiOnfOJcJuhHD5XR/olM6TfKejn/x4
tcRJsDbIW1XFdXYHmO2LIGCKKzC3tdp+pOfk6C/KCQ3InS9W8rA1bu2EJ2oq69AB
arBdj5jnYoR1L3ULSwlh42SuehEtEc/xf5qIqrmK8PJCfKW8gDCfQGGzdpRKOVai
8tpLU2wG8YfbZpatoGrZ6GC2LU8hXiMn/h7xxGfYOy1J8/ihonahBamALWczWaJz
1HPfmPkAQQZfzUghn2OaZ9565iUoXiCPel1IFNYnW6ltQpud9T281g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org