Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aleJMFLnqBI0C0ef2SX4CGSK6PU.roa
File: aleJMFLnqBI0C0ef2SX4CGSK6PU.roa (raw, json)
Hash identifier: N/mjLJGjrh0Bbt5KJ6B/x0KjjxzUU2+ZrbZtVecKh/g=
Subject key identifier: 6A:57:89:30:52:E7:A8:12:34:0B:47:9F:D9:25:F8:08:64:8A:E8:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 452A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aleJMFLnqBI0C0ef2SX4CGSK6PU.roa
Signing time: Sat 20 Apr 2024 19:23:05 +0000
ROA not before: Sat 20 Apr 2024 19:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17706 (0x452a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 19:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A57893052E7A812340B479FD925F808648AE8F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:8f:54:12:30:fa:92:26:e2:03:52:82:4c:
30:3a:dd:f6:72:64:74:2f:3f:57:d4:c1:06:a3:aa:
e9:82:39:31:47:1a:23:7e:7b:27:6b:03:8b:88:2b:
1b:52:66:4f:fe:bf:ee:cb:72:dc:70:3b:aa:9a:9c:
3d:07:ca:62:73:8a:65:9a:19:e9:50:20:11:7c:b9:
2a:aa:e1:ee:32:dc:68:d3:44:4f:dd:a4:1c:5c:5c:
bf:33:c1:30:15:5f:41:f5:10:7f:1a:81:cc:91:3f:
2b:3e:09:45:ff:fb:a5:4d:84:cf:8f:d9:1f:5e:d7:
d1:d6:ac:dd:fa:b2:48:f8:9e:c8:bc:5f:34:80:bd:
f1:e7:e2:01:75:81:c4:1b:64:50:26:5b:c4:e7:9f:
69:eb:99:52:e0:3b:07:f8:9c:bc:75:5f:a8:bf:90:
dc:9c:f7:89:2e:98:96:52:3c:e4:5d:54:6b:56:06:
5b:0b:35:33:75:7e:24:2b:ef:85:95:50:a2:15:59:
38:26:39:61:b9:24:3b:cc:66:27:21:26:e0:ed:d4:
fc:1f:f8:aa:13:4f:00:b3:74:a7:40:9a:05:8c:68:
85:bc:59:5e:23:ff:55:56:0e:ff:34:3c:43:ce:d2:
68:26:56:12:09:e2:0b:e4:b0:59:64:5c:08:20:b1:
7a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:57:89:30:52:E7:A8:12:34:0B:47:9F:D9:25:F8:08:64:8A:E8:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aleJMFLnqBI0C0ef2SX4CGSK6PU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:74:b6:84:7f:82:44:ac:83:86:1b:a3:7d:51:d7:1c:7e:72:
1a:bd:60:ab:6f:09:3c:a6:45:24:9c:3a:30:54:be:b3:aa:66:
31:03:d2:c0:ce:03:bb:2a:22:1f:7c:4a:20:44:29:9e:ef:3b:
ec:5b:b8:64:cd:e4:ef:c5:5a:f9:71:78:7b:5d:88:e4:29:aa:
3f:32:d8:fb:f2:67:b2:8a:62:13:f5:60:a0:b6:8f:ac:9a:71:
54:26:59:9f:6e:2e:55:78:2c:42:72:d3:39:c9:e4:45:c0:17:
8a:7e:45:6b:5c:f7:2f:0f:d6:53:fb:b8:44:23:d5:05:3b:4c:
45:20:95:ee:3a:02:b1:4c:64:36:a2:e7:5c:85:9b:cf:61:e2:
f5:1a:af:e3:f4:50:7d:ba:91:0c:03:28:87:06:89:5f:de:c6:
d5:5e:cf:57:2e:60:43:3d:98:cf:25:77:a6:09:cf:5f:10:8d:
5f:ae:8c:51:4c:af:33:62:78:39:14:0d:d7:73:2b:88:36:40:
c5:59:63:87:cc:21:f3:10:2e:e7:1a:01:fe:f2:b3:56:d4:cb:
42:d7:a8:9e:f3:4a:a7:18:c5:15:0e:d9:ac:54:f6:6d:5a:bd:
ec:9f:76:2a:1f:e7:2e:8c:dc:44:91:ee:d3:bb:cf:e5:16:f8:
fa:00:95:d8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
OTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBNTc4OTMwNTJFN0E4
MTIzNDBCNDc5RkQ5MjVGODA4NjQ4QUU4RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0F49UEjD6kibiA1KCTDA63fZyZHQvP1fUwQajqumCOTFHGiN+
eydrA4uIKxtSZk/+v+7LctxwO6qanD0HymJzimWaGelQIBF8uSqq4e4y3GjTRE/d
pBxcXL8zwTAVX0H1EH8agcyRPys+CUX/+6VNhM+P2R9e19HWrN36skj4nsi8XzSA
vfHn4gF1gcQbZFAmW8Tnn2nrmVLgOwf4nLx1X6i/kNyc94kumJZSPORdVGtWBlsL
NTN1fiQr74WVUKIVWTgmOWG5JDvMZichJuDt1Pwf+KoTTwCzdKdAmgWMaIW8WV4j
/1VWDv80PEPO0mgmVhIJ4gvksFlkXAggsXr/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaleJMFLnqBI0C0ef2SX4CGSK6PUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FsZUpNRkxucUJJMEMw
ZWYyU1g0Q0dTSzZQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAf3S2hH+CRKyDhhujfVHXHH5yGr1gq28J
PKZFJJw6MFS+s6pmMQPSwM4DuyoiH3xKIEQpnu877Fu4ZM3k78Va+XF4e12I5Cmq
PzLY+/JnsopiE/VgoLaPrJpxVCZZn24uVXgsQnLTOcnkRcAXin5Fa1z3Lw/WU/u4
RCPVBTtMRSCV7joCsUxkNqLnXIWbz2Hi9Rqv4/RQfbqRDAMohwaJX97G1V7PVy5g
Qz2YzyV3pgnPXxCNX66MUUyvM2J4ORQN13MriDZAxVljh8wh8xAu5xoB/vKzVtTL
QteonvNKpxjFFQ7ZrFT2bVq97J92Kh/nLozcRJHu07vP5Rb4+gCV2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:54 2024 by rpki-client on console-ams.rpki-client.org