Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/X1eDcfxhPJlEIYc9wH011t797CM.roa
File: X1eDcfxhPJlEIYc9wH011t797CM.roa (raw, json)
Hash identifier: pIsaxzqYYJwB9OrweOdBVBGECAJ2d2Xal724tjUKruM=
Subject key identifier: 5F:57:83:71:FC:61:3C:99:44:21:87:3D:C0:7D:35:D6:DE:FD:EC:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X1eDcfxhPJlEIYc9wH011t797CM.roa
Signing time: Fri 05 Apr 2024 15:52:29 +0000
ROA not before: Fri 05 Apr 2024 15:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14798 (0x39ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 15:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F578371FC613C994421873DC07D35D6DEFDEC23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0d:96:21:e2:d1:4f:e4:c1:a7:a5:43:78:77:
42:58:92:a9:74:04:00:51:94:12:a8:61:6e:23:61:
af:ec:4e:2a:a3:4c:5f:38:d6:b6:47:6a:78:d3:bb:
5f:47:d7:06:ac:66:9d:48:d2:7a:b9:ab:f6:ab:51:
df:1b:9d:e1:a5:b9:c4:3f:ea:a4:71:b0:3c:b4:d4:
7b:5d:8d:3f:72:13:ea:4d:a7:a8:0f:01:ff:ea:fa:
58:bb:4a:8c:00:aa:0e:d1:ec:f6:a2:9b:c7:25:f9:
69:96:3d:9a:78:86:4a:7d:bf:e2:99:f3:fb:9e:24:
f1:01:b7:91:e9:50:97:fb:15:db:f1:02:b1:4b:30:
86:1f:00:bb:b3:65:a6:16:76:00:d5:66:86:48:1c:
90:3f:74:06:10:14:d0:22:13:25:0c:e0:2b:7a:7d:
62:d9:8c:8d:80:f3:2c:89:09:5d:e1:e3:df:c2:bd:
66:1b:ae:b4:60:90:f1:c8:b4:ee:6f:aa:01:ba:6d:
27:5a:72:6c:8b:b6:24:a5:30:c2:63:db:2b:97:d7:
7a:ea:a5:e9:52:5d:31:8e:aa:66:e6:b7:d9:5d:b6:
e5:de:e2:4d:bc:c9:3d:61:5d:79:e1:7f:7d:d0:70:
ca:71:c5:d9:11:4d:89:5c:b0:54:3f:50:14:88:b5:
22:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:57:83:71:FC:61:3C:99:44:21:87:3D:C0:7D:35:D6:DE:FD:EC:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X1eDcfxhPJlEIYc9wH011t797CM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:48:7b:be:fe:f4:ef:e8:79:70:6e:fe:4e:bf:e8:fd:a3:30:
bc:c3:17:97:93:0a:75:99:76:c2:2e:01:e8:a7:d6:6c:b7:7d:
62:24:2a:30:f5:c8:3a:f7:95:cf:1e:c0:fe:cb:b1:fd:a6:d9:
f6:60:e3:14:07:e4:f1:db:ca:23:de:31:16:e0:43:e1:4d:de:
85:cb:e0:49:f0:9c:74:ac:87:9b:32:e4:d8:79:1b:4c:72:5b:
6c:c1:57:34:36:72:16:49:15:15:71:ba:63:54:cf:ef:6f:71:
a0:c7:d6:5f:98:28:de:ce:60:72:b2:21:10:5e:3b:d8:bb:cc:
3f:6a:00:45:14:a0:32:6e:98:7e:3b:91:b3:32:84:e1:30:c4:
c7:22:91:18:86:c4:69:fd:3a:63:78:c5:7c:ba:e8:61:19:fe:
3b:88:a9:54:ee:fd:7a:ce:c4:27:23:cd:92:b7:c7:f3:2a:e4:
9d:1c:e5:cc:b9:34:db:80:2f:1f:f1:b6:45:bd:f9:99:ed:52:
90:16:52:27:21:8d:75:4a:82:d3:00:ac:3c:c4:cd:83:36:68:
80:f3:a1:ed:7c:21:be:bd:02:72:4c:ff:f6:70:12:a7:ad:f7:
b1:34:4b:11:5e:e6:09:a4:99:52:83:e8:75:34:37:b3:b4:55:
63:8d:59:86
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOc4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
NTUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGNTc4MzcxRkM2MTND
OTk0NDIxODczREMwN0QzNUQ2REVGREVDMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQDZYh4tFP5MGnpUN4d0JYkql0BABRlBKoYW4jYa/sTiqjTF84
1rZHanjTu19H1wasZp1I0nq5q/arUd8bneGlucQ/6qRxsDy01HtdjT9yE+pNp6gP
Af/q+li7SowAqg7R7Paim8cl+WmWPZp4hkp9v+KZ8/ueJPEBt5HpUJf7FdvxArFL
MIYfALuzZaYWdgDVZoZIHJA/dAYQFNAiEyUM4Ct6fWLZjI2A8yyJCV3h49/CvWYb
rrRgkPHItO5vqgG6bSdacmyLtiSlMMJj2yuX13rqpelSXTGOqmbmt9ldtuXe4k28
yT1hXXnhf33QcMpxxdkRTYlcsFQ/UBSItSLnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUX1eDcfxhPJlEIYc9wH011t797CMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1gxZURjZnhoUEpsRUlZ
Yzl3SDAxMXQ3OTdDTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGEh7vv707+h5cG7+Tr/o/aMwvMMXl5MK
dZl2wi4B6KfWbLd9YiQqMPXIOveVzx7A/sux/abZ9mDjFAfk8dvKI94xFuBD4U3e
hcvgSfCcdKyHmzLk2HkbTHJbbMFXNDZyFkkVFXG6Y1TP729xoMfWX5go3s5gcrIh
EF472LvMP2oARRSgMm6YfjuRszKE4TDExyKRGIbEaf06Y3jFfLroYRn+O4ipVO79
es7EJyPNkrfH8yrknRzlzLk024AvH/G2Rb35me1SkBZSJyGNdUqC0wCsPMTNgzZo
gPOh7Xwhvr0Cckz/9nASp633sTRLEV7mCaSZUoPodTQ3s7RVY41Zhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:48 2024 by rpki-client on console-ams.rpki-client.org