Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YHwkZSbN6WXlpWJL__khw_orklQ.roa
File: YHwkZSbN6WXlpWJL__khw_orklQ.roa (raw, json)
Hash identifier: GqCpnvTjjrfn3D6dHm9CwU8omzmvwwIJVPuEpGc7Bf4=
Subject key identifier: 60:7C:24:65:26:CD:E9:65:E5:A5:62:4B:FF:F9:21:C3:FA:2B:92:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DEE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YHwkZSbN6WXlpWJL__khw_orklQ.roa
Signing time: Thu 11 Apr 2024 03:52:46 +0000
ROA not before: Thu 11 Apr 2024 03:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15854 (0x3dee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 03:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=607C246526CDE965E5A5624BFFF921C3FA2B9254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:f8:54:39:0b:32:d2:ac:81:bc:f2:58:82:
2e:81:89:dd:cf:ef:6d:05:62:b9:1a:ff:c0:ec:36:
e5:54:15:48:f5:71:7c:ae:e6:9c:61:46:23:b8:56:
40:4c:22:36:87:5f:18:46:6f:72:c7:9f:ec:57:46:
cf:00:87:57:ff:b9:c6:a4:75:f2:72:36:d5:0a:77:
60:8d:57:38:a4:a4:b9:af:7c:8c:54:1c:d1:08:15:
6a:ab:af:b2:51:bb:82:a8:de:33:16:cf:5c:b5:c1:
6c:6a:bc:d6:3b:41:4b:76:76:b0:14:f3:76:be:74:
f3:1c:74:f0:a2:25:88:0c:7d:9a:c7:13:6e:5b:f7:
d9:9c:0d:2b:27:50:24:73:7e:d3:43:38:bb:fd:5e:
64:fa:66:a4:aa:66:66:4c:85:fb:bc:8a:4d:3f:61:
b3:db:14:20:72:1d:82:eb:15:57:a2:5b:d4:32:e6:
ef:d1:5a:90:17:79:bf:b4:7c:a3:f1:ee:9d:23:aa:
53:d5:30:6a:9a:fb:4c:a9:de:77:06:63:ce:e3:64:
0c:96:a6:2b:45:c0:8c:64:7e:3c:2b:fe:0c:f3:24:
b7:06:da:f6:7c:7c:8d:af:e3:c8:5f:e5:09:3f:3c:
e6:98:16:86:a6:d0:60:70:0f:1c:98:55:51:53:0f:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7C:24:65:26:CD:E9:65:E5:A5:62:4B:FF:F9:21:C3:FA:2B:92:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YHwkZSbN6WXlpWJL__khw_orklQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:01:f4:db:cf:4e:08:1b:cf:bd:f4:ef:6b:c4:cf:70:b4:9c:
06:b3:cd:25:c3:cb:98:fa:4b:cd:ff:20:be:7a:e6:83:6e:ca:
cd:f6:ab:e6:39:94:c9:16:64:0c:46:23:df:25:87:ee:8f:e3:
12:3c:a1:80:f5:6f:72:dd:d2:e6:39:81:c2:45:31:89:8f:ca:
b1:ff:ef:dd:2c:ae:f1:f7:93:d1:f8:ec:70:c1:3f:6c:25:78:
dc:7a:d9:ba:09:ea:96:b3:53:d8:3e:53:b1:b5:16:0a:00:d7:
c1:79:31:7a:38:f8:dd:fa:1a:41:c4:59:a9:c6:d6:ce:36:08:
ec:2b:e9:aa:f4:81:1e:ff:82:44:e8:a6:d2:ba:61:99:31:e0:
c3:d3:c9:a8:c3:0b:39:7f:17:f2:d7:3b:5c:31:a7:79:df:ca:
28:fd:4d:86:b2:10:39:6b:36:6d:89:9b:bb:28:27:71:96:d8:
2e:22:94:6b:00:45:c3:91:02:12:5a:b4:f4:7f:4b:a6:69:89:
de:30:0f:ae:7a:7d:11:17:df:ee:a7:9a:8a:5b:50:31:ec:bf:
dd:ce:ce:ac:ef:03:c0:6e:d6:5e:00:94:45:82:78:98:93:ea:
68:47:fb:81:38:66:78:0d:b0:59:96:e3:d0:6f:3f:54:08:95:
f2:0b:ad:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MzUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwN0MyNDY1MjZDREU5
NjVFNUE1NjI0QkZGRjkyMUMzRkEyQjkyNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHDPhUOQsy0qyBvPJYgi6Bid3P720FYrka/8DsNuVUFUj1cXyu
5pxhRiO4VkBMIjaHXxhGb3LHn+xXRs8Ah1f/ucakdfJyNtUKd2CNVzikpLmvfIxU
HNEIFWqrr7JRu4Ko3jMWz1y1wWxqvNY7QUt2drAU83a+dPMcdPCiJYgMfZrHE25b
99mcDSsnUCRzftNDOLv9XmT6ZqSqZmZMhfu8ik0/YbPbFCByHYLrFVeiW9Qy5u/R
WpAXeb+0fKPx7p0jqlPVMGqa+0yp3ncGY87jZAyWpitFwIxkfjwr/gzzJLcG2vZ8
fI2v48hf5Qk/POaYFoam0GBwDxyYVVFTD8n7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYHwkZSbN6WXlpWJL//khw/orklQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lId2taU2JONldYbHBX
SkxfX2tod19vcmtsUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEADwH0289OCBvPvfTva8TPcLScBrPNJcPL
mPpLzf8gvnrmg27Kzfar5jmUyRZkDEYj3yWH7o/jEjyhgPVvct3S5jmBwkUxiY/K
sf/v3Syu8feT0fjscME/bCV43HrZugnqlrNT2D5TsbUWCgDXwXkxejj43foaQcRZ
qcbWzjYI7CvpqvSBHv+CROim0rphmTHgw9PJqMMLOX8X8tc7XDGned/KKP1NhrIQ
OWs2bYmbuygncZbYLiKUawBFw5ECElq09H9LpmmJ3jAPrnp9ERff7qeailtQMey/
3c7OrO8DwG7WXgCURYJ4mJPqaEf7gThmeA2wWZbj0G8/VAiV8gutJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:50 2024 by rpki-client on console-ams.rpki-client.org