Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dhj_ye9sExeVU0p6VDdSgmU5-5w.roa
File: dhj_ye9sExeVU0p6VDdSgmU5-5w.roa (raw, json)
Hash identifier: 4ewwlrd+kSXh2iYd0N7XFdp+qAPhdfGbms40m0QMlF0=
Subject key identifier: 76:18:FF:C9:EF:6C:13:17:95:53:4A:7A:54:37:52:82:65:39:FB:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 373A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dhj_ye9sExeVU0p6VDdSgmU5-5w.roa
Signing time: Tue 02 Apr 2024 05:22:14 +0000
ROA not before: Tue 02 Apr 2024 05:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14138 (0x373a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 05:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7618FFC9EF6C131795534A7A543752826539FB9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:f1:c8:13:a7:07:8a:d7:f2:01:34:5f:d3:
69:43:85:71:10:22:ef:f7:4f:ab:85:24:d8:99:80:
71:fc:80:59:55:b7:db:ad:1f:ae:63:0d:ee:17:58:
cd:53:cd:82:20:73:96:eb:11:d9:cc:ba:38:a2:cf:
4a:06:27:78:4f:7a:c5:35:34:c2:f0:0b:86:2e:30:
b3:05:67:84:df:c3:7d:8d:0a:e7:43:99:e9:e4:14:
89:4c:5c:9a:14:f7:67:28:c1:54:3d:86:ff:bf:48:
d5:d9:4c:af:9a:76:58:a7:59:49:a7:97:81:be:39:
57:19:41:30:f8:ac:0b:17:5d:f6:ed:70:7d:63:12:
16:7d:94:75:0b:dc:d0:de:cb:6b:09:af:1b:31:17:
91:6c:51:b6:ea:4a:be:66:f9:7e:07:f2:b2:9d:fd:
67:08:aa:a9:a1:05:c7:89:a5:e1:62:d9:91:cd:8c:
5e:3b:07:a7:21:1e:fb:28:43:22:af:4c:d1:00:ac:
56:4c:3d:66:c5:76:bd:1e:fb:fd:1b:ee:5b:49:a0:
bf:6c:21:be:43:34:47:5d:5a:7b:04:0d:44:16:11:
fb:3f:32:14:8c:13:9d:d2:77:c6:66:20:6f:7d:a4:
b4:ef:c5:ca:81:1f:77:46:dd:c3:65:01:9f:8f:72:
c0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:18:FF:C9:EF:6C:13:17:95:53:4A:7A:54:37:52:82:65:39:FB:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dhj_ye9sExeVU0p6VDdSgmU5-5w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:d7:c5:7a:3e:ec:48:43:fc:c7:55:21:c2:4b:b8:01:cd:a7:
9e:32:28:c7:d6:30:f5:b1:3d:46:d5:d9:1a:35:1e:6a:44:31:
be:8d:c0:00:14:0e:a1:fd:02:94:f1:b9:3f:90:74:3b:6c:34:
e5:f3:cd:d8:94:a4:03:98:05:bd:57:f5:ac:c0:31:4e:e6:4e:
ed:6b:73:e1:41:3b:0e:d6:57:a4:87:bd:c7:9e:cf:18:7a:72:
6a:24:fa:dc:a7:97:26:65:87:ae:66:5f:8b:73:c8:b6:d1:3b:
18:50:b1:ac:2c:92:b1:91:9e:84:f5:ef:94:1c:27:d2:ec:60:
11:bd:ad:c4:c2:03:2c:15:25:0a:b8:9a:e0:14:7b:ab:49:fb:
dc:73:29:1f:a1:dd:c9:9f:37:f3:b5:5c:60:30:9e:01:d5:34:
08:7a:cb:92:ed:1a:4e:ca:09:bf:1b:a2:a6:13:b6:81:52:40:
95:96:cd:08:e8:cd:21:ac:f1:20:05:41:cd:da:0a:55:5e:c1:
c8:d6:e9:25:34:c2:79:b8:ff:05:60:65:d0:c6:4b:d4:54:91:
ec:84:09:96:2b:77:d0:a0:0f:b6:0d:ef:da:08:90:04:15:4b:
8a:fe:81:80:3c:50:f2:5d:97:54:76:29:80:14:a6:81:6c:6d:
f3:e6:82:b7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NTIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc2MThGRkM5RUY2QzEz
MTc5NTUzNEE3QTU0Mzc1MjgyNjUzOUZCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtsfHIE6cHitfyATRf02lDhXEQIu/3T6uFJNiZgHH8gFlVt9ut
H65jDe4XWM1TzYIgc5brEdnMujiiz0oGJ3hPesU1NMLwC4YuMLMFZ4Tfw32NCudD
menkFIlMXJoU92cowVQ9hv+/SNXZTK+adlinWUmnl4G+OVcZQTD4rAsXXfbtcH1j
EhZ9lHUL3NDey2sJrxsxF5FsUbbqSr5m+X4H8rKd/WcIqqmhBceJpeFi2ZHNjF47
B6chHvsoQyKvTNEArFZMPWbFdr0e+/0b7ltJoL9sIb5DNEddWnsEDUQWEfs/MhSM
E53Sd8ZmIG99pLTvxcqBH3dG3cNlAZ+PcsADAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdhj/ye9sExeVU0p6VDdSgmU5+5wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Roal95ZTlzRXhlVlUw
cDZWRGRTZ21VNS01dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFNfFej7sSEP8x1Uhwku4Ac2nnjIox9Yw
9bE9RtXZGjUeakQxvo3AABQOof0ClPG5P5B0O2w05fPN2JSkA5gFvVf1rMAxTuZO
7Wtz4UE7DtZXpIe9x57PGHpyaiT63KeXJmWHrmZfi3PIttE7GFCxrCySsZGehPXv
lBwn0uxgEb2txMIDLBUlCria4BR7q0n73HMpH6HdyZ8387VcYDCeAdU0CHrLku0a
TsoJvxuiphO2gVJAlZbNCOjNIazxIAVBzdoKVV7ByNbpJTTCebj/BWBl0MZL1FSR
7IQJlit30KAPtg3v2giQBBVLiv6BgDxQ8l2XVHYpgBSmgWxt8+aCtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:57 2024 by rpki-client on console-ams.rpki-client.org