Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ePAiZoF5htCEp9fCuc9WtZDzxe0.roa
File: ePAiZoF5htCEp9fCuc9WtZDzxe0.roa (raw, json)
Hash identifier: o2mHcCBdwaF5w5C3eqXVOw8dnPISovIPJju9wmbMvs4=
Subject key identifier: 78:F0:22:66:81:79:86:D0:84:A7:D7:C2:B9:CF:56:B5:90:F3:C5:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 415A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ePAiZoF5htCEp9fCuc9WtZDzxe0.roa
Signing time: Mon 15 Apr 2024 17:22:54 +0000
ROA not before: Mon 15 Apr 2024 17:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16730 (0x415a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 17:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=78F02266817986D084A7D7C2B9CF56B590F3C5ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:48:37:9f:b2:ed:dc:11:c5:35:5d:67:26:
87:19:1a:e7:e0:e3:48:88:f2:20:ce:69:1a:61:b5:
e1:03:65:0a:d5:65:ba:4f:64:45:36:a1:ed:06:c1:
dd:8b:d9:86:c5:3f:85:a1:46:19:6f:2c:81:48:e5:
7a:3d:7d:03:f8:06:3b:a3:38:b2:2d:60:3f:b2:85:
58:57:d2:98:df:af:a5:64:8d:cd:01:9c:c9:96:a3:
84:eb:d5:62:f4:01:39:ef:25:27:5c:15:86:38:49:
fe:71:d9:0f:3a:73:a7:86:ef:0a:30:c7:8a:ed:95:
c9:68:cc:da:5b:4f:19:b3:5c:9f:98:c9:3a:1b:d4:
6b:d8:12:8e:45:d6:d5:c0:5b:fb:64:1a:ea:2e:48:
44:19:80:26:6a:69:7d:71:a2:fe:96:a2:a1:74:bf:
52:8d:a2:b0:fc:94:05:93:53:39:b3:17:8d:e4:56:
e4:d7:ad:63:17:e9:7b:ac:bb:9a:29:db:ed:b6:53:
67:e4:cf:fb:b7:4b:11:93:43:89:f5:e8:fd:32:65:
a0:4b:ba:0c:bd:dc:cc:06:c8:f2:67:cd:46:9d:17:
fc:ae:c2:84:41:43:68:be:a7:08:f8:93:2e:6a:f9:
ed:56:9d:51:2d:80:94:81:07:80:3b:ce:bc:77:ca:
61:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F0:22:66:81:79:86:D0:84:A7:D7:C2:B9:CF:56:B5:90:F3:C5:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ePAiZoF5htCEp9fCuc9WtZDzxe0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:2b:dd:3b:49:da:6a:d2:55:b6:c0:ce:ec:96:11:b1:d2:9a:
7e:cc:f4:89:6c:0a:10:11:57:93:2b:52:33:93:3d:e6:b1:68:
75:5d:ef:ed:a4:d9:a1:69:05:c0:f8:7f:75:5b:e5:d3:7c:43:
0f:57:21:50:43:f9:23:53:68:57:c2:94:33:1b:47:2a:4a:7e:
f8:ec:b1:12:ec:37:16:91:f3:84:d4:d7:47:28:1c:ff:b9:86:
93:28:72:76:f9:17:a6:67:da:5b:2c:91:87:8a:d1:aa:29:88:
13:db:44:c8:1d:01:3a:14:00:e7:24:d9:ac:c7:56:37:bc:88:
db:49:9a:2d:85:a9:de:e2:46:4d:16:a6:50:ee:7e:55:48:0c:
53:c5:2a:44:86:a6:58:13:f7:40:c6:a7:4d:29:f6:8b:3c:c4:
a0:47:ae:45:db:7e:99:8f:cd:04:82:3b:46:1c:8f:fa:0a:76:
3b:b2:6c:20:05:a9:30:88:33:aa:de:7d:a3:f7:3f:c2:2e:5c:
39:0b:01:00:3a:37:7c:29:e4:f4:51:3e:2b:5f:37:6f:80:d3:
87:d3:28:f4:92:34:46:b1:5d:93:da:a8:cd:af:9d:62:ca:89:
2b:63:d0:a9:2a:5b:65:d0:30:02:3f:28:e0:a2:11:74:af:6e:
64:2e:b2:6e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NzIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4RjAyMjY2ODE3OTg2
RDA4NEE3RDdDMkI5Q0Y1NkI1OTBGM0M1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWDkg3n7Lt3BHFNV1nJocZGufg40iI8iDOaRphteEDZQrVZbpP
ZEU2oe0Gwd2L2YbFP4WhRhlvLIFI5Xo9fQP4BjujOLItYD+yhVhX0pjfr6Vkjc0B
nMmWo4Tr1WL0ATnvJSdcFYY4Sf5x2Q86c6eG7wowx4rtlclozNpbTxmzXJ+YyTob
1GvYEo5F1tXAW/tkGuouSEQZgCZqaX1xov6WoqF0v1KNorD8lAWTUzmzF43kVuTX
rWMX6Xusu5op2+22U2fkz/u3SxGTQ4n16P0yZaBLugy93MwGyPJnzUadF/yuwoRB
Q2i+pwj4ky5q+e1WnVEtgJSBB4A7zrx3ymEDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUePAiZoF5htCEp9fCuc9WtZDzxe0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VQQWlab0Y1aHRDRXA5
ZkN1YzlXdFpEenhlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKSvdO0naatJVtsDO7JYRsdKafsz0iWwK
EBFXkytSM5M95rFodV3v7aTZoWkFwPh/dVvl03xDD1chUEP5I1NoV8KUMxtHKkp+
+OyxEuw3FpHzhNTXRygc/7mGkyhydvkXpmfaWyyRh4rRqimIE9tEyB0BOhQA5yTZ
rMdWN7yI20maLYWp3uJGTRamUO5+VUgMU8UqRIamWBP3QManTSn2izzEoEeuRdt+
mY/NBII7RhyP+gp2O7JsIAWpMIgzqt59o/c/wi5cOQsBADo3fCnk9FE+K183b4DT
h9Mo9JI0RrFdk9qoza+dYsqJK2PQqSpbZdAwAj8o4KIRdK9uZC6ybg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:58 2024 by rpki-client on console-ams.rpki-client.org