Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/f5elPEwsrnH2LruGDKfP_zXnDDE.roa
File: f5elPEwsrnH2LruGDKfP_zXnDDE.roa (raw, json)
Hash identifier: Cz5ux1m6DJhm4+GFzVx7jdhwAWS01oMY6dqBnNVxmtg=
Subject key identifier: 7F:97:A5:3C:4C:2C:AE:71:F6:2E:BB:86:0C:A7:CF:FF:35:E7:0C:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F42
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f5elPEwsrnH2LruGDKfP_zXnDDE.roa
Signing time: Sat 04 May 2024 06:23:52 +0000
ROA not before: Sat 04 May 2024 06:23:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20290 (0x4f42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 06:23:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7F97A53C4C2CAE71F62EBB860CA7CFFF35E70C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b5:c4:f9:23:a4:74:d9:26:dc:8e:2f:0e:7d:
ac:41:42:ac:8f:3d:8f:10:8f:c2:40:56:a3:d5:63:
20:c3:d0:ad:da:54:ac:f5:c2:7f:d2:9b:cb:c3:51:
49:57:8f:d5:ac:34:04:55:c5:a4:3f:93:b9:a4:09:
a6:d4:c7:fa:5e:34:6d:7f:6c:35:3e:8b:1a:3e:b4:
4c:80:3b:e5:49:72:42:5c:71:29:79:cd:80:ac:4d:
5b:47:23:6a:31:ee:1b:49:24:09:96:bf:f5:33:6c:
af:87:6b:29:e4:7e:7a:3c:3a:93:af:61:74:25:91:
26:5f:6c:7d:ae:ca:1b:40:8d:48:ab:c2:c8:5e:27:
91:e7:7d:55:e3:a6:ff:ce:e2:5a:8e:a5:b3:d4:07:
2b:75:1e:a9:46:4a:32:66:5b:0f:c1:c6:f1:6a:73:
74:d5:57:0c:ef:e6:f4:5c:b8:47:44:12:d2:bf:bb:
98:86:f5:6e:9e:e0:8c:e2:1b:1e:ee:17:3d:85:f1:
cf:d6:30:25:33:9f:e9:05:e3:34:eb:23:0f:c6:f0:
c0:dc:04:19:10:24:25:b2:d7:6e:96:54:46:f2:ea:
3f:66:ee:f9:4d:c6:3e:8b:1d:5b:ec:a9:75:a5:5a:
03:07:72:c6:a7:5a:53:d0:5d:5c:c4:98:32:dd:56:
a7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:97:A5:3C:4C:2C:AE:71:F6:2E:BB:86:0C:A7:CF:FF:35:E7:0C:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f5elPEwsrnH2LruGDKfP_zXnDDE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:bd:7a:ec:2b:ab:f0:c3:6e:77:86:36:cc:c2:b6:64:2c:63:
26:c9:0d:20:a2:a2:b1:57:99:fa:b3:ed:f7:c0:9e:ab:3b:9a:
99:96:75:d2:8a:2a:65:49:67:e9:46:75:33:0a:8a:d6:bd:2e:
34:42:38:87:09:e6:18:bf:d9:1e:51:7c:b2:f1:74:c3:7b:96:
db:d7:05:7e:d9:68:7f:f9:47:21:3d:b1:e3:d5:fe:37:7e:d4:
d4:b9:d9:0f:52:79:4c:16:6f:df:01:13:e2:5c:a3:92:7d:94:
be:1d:bb:81:88:83:4f:91:60:a8:f5:29:bc:00:a2:8e:85:d9:
da:d2:8b:02:aa:b7:3a:97:12:ae:3f:9e:d8:0f:1b:06:b5:ef:
8c:86:d5:f1:4f:db:c4:a3:fc:95:47:cd:47:27:c4:70:c6:4a:
ef:5e:10:24:41:8b:eb:90:f7:e9:e1:ff:1b:c0:df:bc:84:51:
41:5b:a1:26:83:10:94:72:84:8b:41:4b:ec:d7:79:4b:95:2d:
24:63:6e:47:60:df:16:da:37:79:2a:88:f4:ce:85:75:78:c8:
6e:bc:f8:36:c5:22:bc:a3:75:fc:66:d7:69:a8:e6:c1:b2:02:
cb:3d:12:9c:a2:83:e6:23:83:62:7f:85:1b:fc:81:ea:b9:89:
08:a0:a7:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
NjIzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGOTdBNTNDNEMyQ0FF
NzFGNjJFQkI4NjBDQTdDRkZGMzVFNzBDMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLtcT5I6R02Sbcji8OfaxBQqyPPY8Qj8JAVqPVYyDD0K3aVKz1
wn/Sm8vDUUlXj9WsNARVxaQ/k7mkCabUx/peNG1/bDU+ixo+tEyAO+VJckJccSl5
zYCsTVtHI2ox7htJJAmWv/UzbK+Haynkfno8OpOvYXQlkSZfbH2uyhtAjUirwshe
J5HnfVXjpv/O4lqOpbPUByt1HqlGSjJmWw/BxvFqc3TVVwzv5vRcuEdEEtK/u5iG
9W6e4IziGx7uFz2F8c/WMCUzn+kF4zTrIw/G8MDcBBkQJCWy126WVEby6j9m7vlN
xj6LHVvsqXWlWgMHcsanWlPQXVzEmDLdVqe3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUf5elPEwsrnH2LruGDKfP/zXnDDEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Y1ZWxQRXdzcm5IMkxy
dUdES2ZQX3pYbkRERS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAVL167Cur8MNud4Y2zMK2ZCxjJskNIKKi
sVeZ+rPt98CeqzuamZZ10ooqZUln6UZ1MwqK1r0uNEI4hwnmGL/ZHlF8svF0w3uW
29cFftlof/lHIT2x49X+N37U1LnZD1J5TBZv3wET4lyjkn2Uvh27gYiDT5FgqPUp
vACijoXZ2tKLAqq3OpcSrj+e2A8bBrXvjIbV8U/bxKP8lUfNRyfEcMZK714QJEGL
65D36eH/G8DfvIRRQVuhJoMQlHKEi0FL7Nd5S5UtJGNuR2DfFto3eSqI9M6FdXjI
brz4NsUivKN1/GbXaajmwbICyz0SnKKD5iODYn+FG/yB6rmJCKCn9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org