Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hAyG87EXmqjAE_JKmsF643ZMvhk.roa
File: hAyG87EXmqjAE_JKmsF643ZMvhk.roa (raw, json)
Hash identifier: EeN7+YNgIg8fNMeqQ7xlIp3eZ1beSEPjRLsmULDMoWY=
Subject key identifier: 84:0C:86:F3:B1:17:9A:A8:C0:13:F2:4A:9A:C1:7A:E3:76:4C:BE:19
Certificate issuer: /CN=510BFE032E8DF5FDEF3BA81C9F09B7D785B9A3A6
Certificate serial: 20DE
Authority key identifier: 51:0B:FE:03:2E:8D:F5:FD:EF:3B:A8:1C:9F:09:B7:D7:85:B9:A3:A6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UQv-Ay6N9f3vO6gcnwm314W5o6Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hAyG87EXmqjAE_JKmsF643ZMvhk.roa
Signing time: Fri 21 Jan 2022 02:14:10 +0000
ROA not before: Fri 21 Jan 2022 02:14:10 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8414 (0x20de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510BFE032E8DF5FDEF3BA81C9F09B7D785B9A3A6
Validity
Not Before: Jan 21 02:14:10 2022 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=840C86F3B1179AA8C013F24A9AC17AE3764CBE19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:e6:bb:51:4b:5b:9b:89:83:12:c2:5d:41:
48:33:17:e2:68:57:b6:0a:28:be:b8:22:5b:63:90:
2e:08:10:0c:ee:ee:58:26:15:be:d1:36:05:af:2f:
06:ac:b2:da:f0:f7:f9:b7:03:d6:89:d6:19:e5:0d:
0d:20:5a:bc:87:ac:63:79:d9:9a:d3:7a:fb:0d:47:
42:74:6d:3a:81:3b:7a:6d:35:11:27:33:57:d2:f1:
c6:2b:94:29:2b:06:be:0b:26:c8:33:9a:33:f0:d5:
3a:a8:c9:bd:d7:97:b1:2d:ce:03:ce:18:53:7e:4f:
00:b9:87:6c:63:97:0d:3c:c5:c9:a0:99:9b:a1:8f:
a7:ae:e8:3e:9b:f8:09:4d:e0:89:40:82:68:a5:74:
b9:e3:c1:bd:81:b5:4d:37:3c:1d:d1:6d:2d:a0:f2:
a9:3b:3b:24:e7:cf:76:84:96:18:4e:5c:79:7e:d6:
59:63:12:bc:5f:2a:3d:58:b8:dd:17:96:2f:1e:28:
fd:60:63:cb:a3:8b:ce:13:2a:f5:8c:56:ad:3d:5a:
e5:eb:73:fe:bc:02:eb:35:ef:9c:84:46:a0:34:b4:
67:89:d7:ac:46:c9:c8:13:4c:34:e0:d5:4f:30:81:
be:b3:61:03:58:a9:db:62:06:d6:b4:66:00:9a:b6:
cd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0C:86:F3:B1:17:9A:A8:C0:13:F2:4A:9A:C1:7A:E3:76:4C:BE:19
X509v3 Authority Key Identifier:
keyid:51:0B:FE:03:2E:8D:F5:FD:EF:3B:A8:1C:9F:09:B7:D7:85:B9:A3:A6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UQv-Ay6N9f3vO6gcnwm314W5o6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UQv-Ay6N9f3vO6gcnwm314W5o6Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hAyG87EXmqjAE_JKmsF643ZMvhk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:52:1d:a3:63:07:52:ea:20:3b:57:38:72:3e:44:8e:9a:75:
32:7f:f3:7e:e3:a8:14:d4:be:95:be:07:62:e2:c6:de:bf:80:
60:f4:2f:ca:4c:3f:50:ae:7e:e5:2f:dd:80:7e:be:1a:9b:ad:
08:21:b3:dd:c8:7b:d8:e2:42:7c:40:b0:cc:04:77:29:0c:62:
e2:d2:70:7c:bc:cb:4b:49:c8:01:16:b3:a8:f0:ea:09:d4:04:
97:dc:f6:33:de:42:fe:0d:80:9d:36:70:81:db:02:f9:6e:f7:
3d:12:49:8f:c4:23:3d:ba:06:b8:0d:16:a2:7c:38:0f:5c:7e:
69:2b:8e:6d:00:fe:d3:18:cd:80:da:41:49:44:fd:dc:18:81:
f8:b5:ce:5e:1f:54:1c:9e:9f:4e:fa:b3:7b:b6:d6:0f:4d:b1:
12:af:e4:00:90:18:11:c4:52:5e:27:04:b4:b9:0b:3c:a5:8e:
69:16:e5:b6:57:14:3c:45:53:ba:c1:f6:b1:a9:8e:31:97:ab:
b7:87:c1:2a:1a:56:f5:9a:fe:ed:18:50:cf:fd:67:d9:fa:31:
70:47:fb:90:11:40:4b:00:75:f5:9d:38:ea:cb:d2:f2:42:8c:
0d:43:03:01:a1:8f:62:5a:23:79:7a:59:05:71:9f:cd:5a:e5:
c8:6f:a7:ed
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICIN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEw
QkZFMDMyRThERjVGREVGM0JBODFDOUYwOUI3RDc4NUI5QTNBNjAeFw0yMjAxMjEw
MjE0MTBaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKDg0MEM4NkYzQjExNzlB
QThDMDEzRjI0QTlBQzE3QUUzNzY0Q0JFMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcrOa7UUtbm4mDEsJdQUgzF+JoV7YKKL64IltjkC4IEAzu7lgm
Fb7RNgWvLwasstrw9/m3A9aJ1hnlDQ0gWryHrGN52ZrTevsNR0J0bTqBO3ptNREn
M1fS8cYrlCkrBr4LJsgzmjPw1Tqoyb3Xl7EtzgPOGFN+TwC5h2xjlw08xcmgmZuh
j6eu6D6b+AlN4IlAgmildLnjwb2BtU03PB3RbS2g8qk7OyTnz3aElhhOXHl+1llj
ErxfKj1YuN0Xli8eKP1gY8uji84TKvWMVq09WuXrc/68Aus175yERqA0tGeJ16xG
ycgTTDTg1U8wgb6zYQNYqdtiBta0ZgCats2vAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhAyG87EXmqjAE/JKmsF643ZMvhkwHwYDVR0jBBgwFoAUUQv+Ay6N9f3vO6gc
nwm314W5o6YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L1VRdi1BeTZOOWYzdk82Z2Nud20zMTRXNW82WS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvVVF2LUF5Nk45ZjN2TzZnY253bTMxNFc1bzZZLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hBeUc4N0VYbXFqQUVf
Skttc0Y2NDNaTXZoay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJlIdo2MHUuogO1c4cj5Ejpp1Mn/zfuOo
FNS+lb4HYuLG3r+AYPQvykw/UK5+5S/dgH6+GputCCGz3ch72OJCfECwzAR3KQxi
4tJwfLzLS0nIARazqPDqCdQEl9z2M95C/g2AnTZwgdsC+W73PRJJj8QjPboGuA0W
onw4D1x+aSuObQD+0xjNgNpBSUT93BiB+LXOXh9UHJ6fTvqze7bWD02xEq/kAJAY
EcRSXicEtLkLPKWOaRbltlcUPEVTusH2samOMZert4fBKhpW9Zr+7RhQz/1n2fox
cEf7kBFASwB19Z046svS8kKMDUMDAaGPYlojeXpZBXGfzVrlyG+n7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org