Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fXH54mfhaxklGPCRxFsAHwwojDU.roa
File: fXH54mfhaxklGPCRxFsAHwwojDU.roa (raw, json)
Hash identifier: Kj6Zxq7O8nlN21gEhUhka9lskCv5YEs2FM2gcz6f1+0=
Subject key identifier: 7D:71:F9:E2:67:E1:6B:19:25:18:F0:91:C4:5B:00:1F:0C:28:8C:35
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fXH54mfhaxklGPCRxFsAHwwojDU.roa
Signing time: Thu 25 Apr 2024 15:53:20 +0000
ROA not before: Thu 25 Apr 2024 15:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18638 (0x48ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 15:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7D71F9E267E16B192518F091C45B001F0C288C35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1b:1a:ac:3b:be:ef:61:b6:68:09:83:50:01:
8f:dd:ae:f2:71:fe:d7:33:f7:89:fb:21:d6:27:47:
a3:e7:57:59:d7:e8:bf:65:5d:5c:04:83:07:7a:32:
54:df:9c:bc:96:2c:8f:bb:35:81:bf:5b:35:9c:03:
01:2a:ab:fc:ea:3c:2f:5a:94:59:85:8e:7b:e8:87:
71:5d:7d:97:db:8f:5b:e3:64:0a:17:eb:51:01:88:
25:5e:32:ba:37:95:81:50:85:fe:19:70:7e:50:d6:
c7:a9:08:fd:f4:a3:56:52:2a:18:c0:ad:f3:f8:a3:
61:43:af:1e:ae:ae:d3:79:81:e0:6a:49:7e:38:78:
42:61:19:61:a8:36:cf:7c:61:93:2a:82:e8:d0:09:
43:a4:e2:3f:b0:3d:c8:c6:a4:7e:63:1d:fd:8c:0c:
bb:ca:59:d1:57:ce:72:91:21:58:3a:a5:68:7f:bc:
04:66:7b:89:8d:2e:07:0f:c3:0b:d1:16:66:e3:16:
3e:5e:6d:2f:d6:b3:98:46:50:f5:8e:56:cc:25:47:
39:d2:61:4e:f8:91:70:27:24:ee:c1:af:c7:4d:29:
79:ce:e0:75:5b:64:79:69:29:ac:b3:4e:03:19:f8:
25:c9:7e:d6:d4:81:2a:5c:7d:2a:a9:4a:0f:48:18:
0b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:71:F9:E2:67:E1:6B:19:25:18:F0:91:C4:5B:00:1F:0C:28:8C:35
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fXH54mfhaxklGPCRxFsAHwwojDU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:9b:cf:fa:8b:11:08:15:e3:00:0e:67:79:70:cd:fc:24:96:
c3:77:ba:ab:59:6d:f7:c4:fd:7a:de:3c:e6:d0:83:98:99:42:
34:ee:c8:92:7d:2a:ad:0e:10:1b:0a:5e:91:16:fd:c7:e7:35:
dd:f4:f3:16:34:19:74:03:1f:d1:10:e2:85:76:ff:ad:0a:b4:
ee:b0:cf:44:d6:c5:5a:1a:32:9f:74:c6:8f:51:ee:11:a0:f6:
4a:25:e8:07:71:7d:17:df:45:9c:28:fa:3f:f6:20:78:72:52:
e3:55:03:35:ba:f8:39:c4:51:b7:ad:4b:cc:2f:87:eb:1c:85:
04:b2:50:96:bb:82:81:76:a3:7b:0e:b0:b1:e1:74:cb:16:a1:
61:ac:e7:18:e0:fd:ff:7a:dc:d0:20:58:44:5d:2e:79:94:92:
fd:85:47:36:97:f4:00:a3:4b:20:e9:50:16:74:00:5a:6f:1d:
00:74:f5:4e:66:4f:f8:50:22:d9:f9:a4:b2:fd:5c:a5:f2:68:
05:84:48:48:aa:2e:eb:8c:94:e5:af:96:aa:2f:12:d8:64:fa:
e7:ae:32:21:6b:f4:ae:60:d8:64:82:cd:67:ca:9f:8d:29:f5:
d1:bb:ac:ac:b6:dc:f6:05:be:6e:89:26:20:cf:a3:78:71:9c:
05:49:5d:c5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
NTUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdENzFGOUUyNjdFMTZC
MTkyNTE4RjA5MUM0NUIwMDFGMEMyODhDMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+GxqsO77vYbZoCYNQAY/drvJx/tcz94n7IdYnR6PnV1nX6L9l
XVwEgwd6MlTfnLyWLI+7NYG/WzWcAwEqq/zqPC9alFmFjnvoh3FdfZfbj1vjZAoX
61EBiCVeMro3lYFQhf4ZcH5Q1sepCP30o1ZSKhjArfP4o2FDrx6urtN5geBqSX44
eEJhGWGoNs98YZMqgujQCUOk4j+wPcjGpH5jHf2MDLvKWdFXznKRIVg6pWh/vARm
e4mNLgcPwwvRFmbjFj5ebS/Ws5hGUPWOVswlRznSYU74kXAnJO7Br8dNKXnO4HVb
ZHlpKayzTgMZ+CXJftbUgSpcfSqpSg9IGAs1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfXH54mfhaxklGPCRxFsAHwwojDUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZYSDU0bWZoYXhrbEdQ
Q1J4RnNBSHd3b2pEVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFpvP+osRCBXjAA5neXDN/CSWw3e6q1lt
98T9et485tCDmJlCNO7Ikn0qrQ4QGwpekRb9x+c13fTzFjQZdAMf0RDihXb/rQq0
7rDPRNbFWhoyn3TGj1HuEaD2SiXoB3F9F99FnCj6P/YgeHJS41UDNbr4OcRRt61L
zC+H6xyFBLJQlruCgXajew6wseF0yxahYaznGOD9/3rc0CBYRF0ueZSS/YVHNpf0
AKNLIOlQFnQAWm8dAHT1TmZP+FAi2fmksv1cpfJoBYRISKou64yU5a+Wqi8S2GT6
564yIWv0rmDYZILNZ8qfjSn10busrLbc9gW+bokmIM+jeHGcBUldxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org