Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/h9ofSh00cpqGCG64nJ983oK0oRA.roa
File: h9ofSh00cpqGCG64nJ983oK0oRA.roa (raw, json)
Hash identifier: pXYbWZO62ClHL4B8InydhFniFxz7Y/eRs51XxfGjdFI=
Subject key identifier: 87:DA:1F:4A:1D:34:72:9A:86:08:6E:B8:9C:9F:7C:DE:82:B4:A1:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4436
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h9ofSh00cpqGCG64nJ983oK0oRA.roa
Signing time: Fri 19 Apr 2024 12:53:02 +0000
ROA not before: Fri 19 Apr 2024 12:53:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17462 (0x4436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 12:53:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=87DA1F4A1D34729A86086EB89C9F7CDE82B4A110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e8:80:95:21:9f:a7:fb:4b:0e:17:5c:16:c1:
13:31:0f:5b:a4:a6:98:79:f6:c5:a7:37:d5:bb:3d:
e4:75:a8:9c:1a:db:e7:18:9c:93:46:6c:c3:55:5e:
9a:4d:3f:ad:6f:1f:7e:40:49:11:85:93:c9:92:ad:
f3:71:6a:88:22:7d:02:e2:1e:28:b2:fe:5d:97:b9:
d2:fe:c3:3a:2f:70:c8:d5:91:97:8b:85:c0:87:1b:
0a:ad:aa:d4:60:68:97:35:ff:33:ad:6b:7a:d3:31:
6b:6a:17:fc:b3:aa:02:59:b7:3c:4f:9b:49:c7:fd:
74:76:3e:6d:b4:6a:0b:47:44:9e:a9:5f:58:97:42:
be:c5:55:7f:a4:7c:aa:44:9f:11:2d:95:76:d1:4d:
2c:99:de:4d:b5:b9:db:2b:e7:41:af:c4:a2:ed:b9:
03:a1:9e:87:24:03:45:a8:53:91:95:67:58:3c:11:
17:0e:48:87:d5:c1:b1:f9:c3:c1:4a:d4:0f:a2:09:
4c:dd:f3:94:d5:9e:91:ee:f5:8a:f5:67:5e:b5:a1:
89:ca:02:38:ad:71:a1:7e:ee:03:a7:d6:e9:30:d1:
8e:0d:4a:15:8d:6e:8d:55:75:90:4f:c9:28:5b:d2:
c2:5b:d6:9b:74:77:76:8e:5e:e3:ac:e7:65:b1:14:
e8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DA:1F:4A:1D:34:72:9A:86:08:6E:B8:9C:9F:7C:DE:82:B4:A1:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h9ofSh00cpqGCG64nJ983oK0oRA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:4b:85:e1:b9:88:5c:19:79:ea:dc:01:dd:12:fe:67:fe:fc:
32:83:d8:11:cb:97:3f:98:76:ad:8c:82:f5:72:61:3c:ef:f8:
43:01:8e:a6:79:66:ba:bb:cf:5e:95:63:15:c1:62:15:8d:8d:
eb:75:59:d2:83:e7:40:af:c4:8e:99:05:61:ff:1d:87:77:05:
27:70:c4:62:30:a9:7b:29:82:e2:d1:b8:13:96:29:51:92:00:
52:71:a9:07:7d:d1:a3:9d:4e:fe:00:ae:4b:4e:c6:24:fd:28:
c8:ce:44:cb:ea:72:8f:c1:2d:69:21:90:ff:35:c1:64:25:8f:
75:1b:f6:a1:ac:84:da:d4:c6:33:dd:8b:e9:60:7e:7b:8b:ab:
0b:51:a6:88:9e:e2:d7:45:c7:3e:00:df:46:3e:69:f7:00:ec:
2b:88:84:51:57:d0:71:9a:cf:6a:a4:be:2e:5e:0e:44:d9:b2:
4b:d8:de:d4:6b:95:bc:e5:93:8c:98:f7:08:44:bd:af:fa:c4:
f1:fb:04:ef:bb:e5:bd:03:73:17:8b:48:3d:44:6c:97:67:53:
b8:8d:68:d1:4c:b6:41:ce:d7:13:56:a2:0e:59:3c:b0:8f:cf:
bf:f3:0f:47:bb:55:0c:4d:ba:28:ae:de:84:dc:5d:d4:fd:9b:
10:ab:25:5c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
MjUzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3REExRjRBMUQzNDcy
OUE4NjA4NkVCODlDOUY3Q0RFODJCNEExMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM6ICVIZ+n+0sOF1wWwRMxD1ukpph59sWnN9W7PeR1qJwa2+cY
nJNGbMNVXppNP61vH35ASRGFk8mSrfNxaogifQLiHiiy/l2XudL+wzovcMjVkZeL
hcCHGwqtqtRgaJc1/zOta3rTMWtqF/yzqgJZtzxPm0nH/XR2Pm20agtHRJ6pX1iX
Qr7FVX+kfKpEnxEtlXbRTSyZ3k21udsr50GvxKLtuQOhnockA0WoU5GVZ1g8ERcO
SIfVwbH5w8FK1A+iCUzd85TVnpHu9Yr1Z161oYnKAjitcaF+7gOn1ukw0Y4NShWN
bo1VdZBPyShb0sJb1pt0d3aOXuOs52WxFOirAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh9ofSh00cpqGCG64nJ983oK0oRAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2g5b2ZTaDAwY3BxR0NH
NjRuSjk4M29LMG9SQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEADUuF4bmIXBl56twB3RL+Z/78MoPYEcuX
P5h2rYyC9XJhPO/4QwGOpnlmurvPXpVjFcFiFY2N63VZ0oPnQK/EjpkFYf8dh3cF
J3DEYjCpeymC4tG4E5YpUZIAUnGpB33Ro51O/gCuS07GJP0oyM5Ey+pyj8EtaSGQ
/zXBZCWPdRv2oayE2tTGM92L6WB+e4urC1GmiJ7i10XHPgDfRj5p9wDsK4iEUVfQ
cZrPaqS+Ll4ORNmyS9je1GuVvOWTjJj3CES9r/rE8fsE77vlvQNzF4tIPURsl2dT
uI1o0Uy2Qc7XE1aiDlk8sI/Pv/MPR7tVDE26KK7ehNxd1P2bEKslXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org