Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hR7dP9gyxT9bwfcp522cZgSm1yY.roa
File: hR7dP9gyxT9bwfcp522cZgSm1yY.roa (raw, json)
Hash identifier: 1ZzTLHkvvZxMzeR/Uo3WRk8WiIULnsTNFZYFgrNJzBE=
Subject key identifier: 85:1E:DD:3F:D8:32:C5:3F:5B:C1:F7:29:E7:6D:9C:66:04:A6:D7:26
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32DE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hR7dP9gyxT9bwfcp522cZgSm1yY.roa
Signing time: Wed 27 Mar 2024 09:52:06 +0000
ROA not before: Wed 27 Mar 2024 09:52:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13022 (0x32de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 09:52:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=851EDD3FD832C53F5BC1F729E76D9C6604A6D726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b3:cf:f0:94:e5:fc:04:b5:86:6a:e4:9b:d6:
4c:99:35:bf:79:75:92:ba:d7:1e:df:36:56:72:ed:
23:ba:30:df:7a:e9:5d:db:a1:17:dd:44:b8:be:1e:
b2:04:73:fd:8f:e1:5c:d1:9d:3c:4f:1c:64:a0:49:
60:4e:2b:73:45:d3:06:1d:a0:ac:55:85:bc:c6:45:
97:6c:c3:e7:90:12:d9:fe:89:6b:0c:f0:34:ba:2b:
a4:a7:28:f7:d3:5e:f2:f2:f5:a6:88:fd:db:48:12:
80:c1:fe:05:69:59:38:7a:d5:34:ec:f7:bb:d1:ee:
1c:ec:03:8d:45:c5:91:4e:c0:91:67:04:0a:1a:a9:
05:ce:70:5b:82:22:0b:09:79:22:66:23:99:f3:f4:
f7:93:d3:82:17:2d:aa:4c:66:07:ac:70:d5:64:2a:
9f:0c:51:dc:4a:97:14:9e:ee:c8:3a:f1:3c:40:81:
e4:69:90:94:69:c0:c6:93:d5:52:9f:b2:77:28:0c:
d3:cd:48:ef:bc:44:38:87:b3:f1:1f:da:3c:7b:8b:
12:dc:a1:3a:a5:44:cd:f3:a0:6b:71:9e:87:fd:f9:
a8:49:1b:83:84:3e:a7:85:ed:b8:53:ef:6d:f0:4f:
13:5c:c3:c5:9d:67:6d:dc:f3:b8:0c:70:77:f8:91:
5b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1E:DD:3F:D8:32:C5:3F:5B:C1:F7:29:E7:6D:9C:66:04:A6:D7:26
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hR7dP9gyxT9bwfcp522cZgSm1yY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:41:19:48:d5:17:81:99:f0:5d:ea:b4:c3:cd:3f:d2:fb:f9:
5b:e2:b3:4d:00:4c:70:43:3a:33:f0:c1:6a:3a:9e:6c:41:d1:
85:5e:b5:aa:bd:a3:59:00:f3:2f:75:df:80:32:57:4e:f7:98:
4d:f2:d7:f0:e6:d6:c7:a7:d0:52:a1:27:6f:91:3e:c3:81:63:
ae:a9:ef:c0:9c:af:6c:34:07:62:8f:a0:65:17:c2:b2:86:c6:
01:59:e8:95:8c:90:22:d6:f5:79:1f:63:32:03:20:31:a1:ba:
4c:c9:1d:3b:3b:51:7a:35:da:99:cb:4f:ca:df:9c:12:39:10:
66:27:b8:4e:13:bd:7f:7b:80:bd:9e:20:d3:7e:04:d1:bf:2a:
73:c1:ff:6c:ca:4d:be:92:27:23:54:0e:e2:66:ba:12:8a:18:
33:54:55:90:09:a8:ef:67:24:ea:89:3f:f0:f6:88:77:37:fa:
f3:fc:cc:db:d2:7d:f3:fe:a6:f2:2c:e1:7d:ab:55:9e:30:50:
47:a9:b4:53:b3:29:e6:ce:2c:20:ac:bd:64:82:db:7d:d3:bc:
32:fb:8c:4b:91:b6:72:68:c2:68:f0:fe:21:66:20:e8:f4:4f:
00:04:5e:f6:01:5e:04:c6:21:bd:3c:e1:79:31:ff:aa:1e:b9:
d4:39:19:11
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcw
OTUyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1MUVERDNGRDgzMkM1
M0Y1QkMxRjcyOUU3NkQ5QzY2MDRBNkQ3MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUs8/wlOX8BLWGauSb1kyZNb95dZK61x7fNlZy7SO6MN966V3b
oRfdRLi+HrIEc/2P4VzRnTxPHGSgSWBOK3NF0wYdoKxVhbzGRZdsw+eQEtn+iWsM
8DS6K6SnKPfTXvLy9aaI/dtIEoDB/gVpWTh61TTs97vR7hzsA41FxZFOwJFnBAoa
qQXOcFuCIgsJeSJmI5nz9PeT04IXLapMZgescNVkKp8MUdxKlxSe7sg68TxAgeRp
kJRpwMaT1VKfsncoDNPNSO+8RDiHs/Ef2jx7ixLcoTqlRM3zoGtxnof9+ahJG4OE
PqeF7bhT723wTxNcw8WdZ23c87gMcHf4kVsZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhR7dP9gyxT9bwfcp522cZgSm1yYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hSN2RQOWd5eFQ5Yndm
Y3A1MjJjWmdTbTF5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAaEEZSNUXgZnwXeq0w80/0vv5W+KzTQBM
cEM6M/DBajqebEHRhV61qr2jWQDzL3XfgDJXTveYTfLX8ObWx6fQUqEnb5E+w4Fj
rqnvwJyvbDQHYo+gZRfCsobGAVnolYyQItb1eR9jMgMgMaG6TMkdOztRejXamctP
yt+cEjkQZie4ThO9f3uAvZ4g034E0b8qc8H/bMpNvpInI1QO4ma6EooYM1RVkAmo
72ck6ok/8PaIdzf68/zM29J98/6m8izhfatVnjBQR6m0U7Mp5s4sIKy9ZILbfdO8
MvuMS5G2cmjCaPD+IWYg6PRPAARe9gFeBMYhvTzheTH/qh651DkZEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org