Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hVOqs4jkMKtXkSFZYeGyxMoNdoA.roa
File: hVOqs4jkMKtXkSFZYeGyxMoNdoA.roa (raw, json)
Hash identifier: yUFRbX4gW0Vg67sscj2h7aEH7PhXx9i0NoMnwQsXHfQ=
Subject key identifier: 85:53:AA:B3:88:E4:30:AB:57:91:21:59:61:E1:B2:C4:CA:0D:76:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F82
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hVOqs4jkMKtXkSFZYeGyxMoNdoA.roa
Signing time: Sat 04 May 2024 14:23:48 +0000
ROA not before: Sat 04 May 2024 14:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20354 (0x4f82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 14:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8553AAB388E430AB5791215961E1B2C4CA0D7680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9e:bd:a4:6c:f9:71:d4:73:38:00:f3:97:fc:
9a:12:88:02:3d:46:c0:28:f4:b0:fd:f0:27:29:f8:
e9:56:2b:22:70:a9:d0:f4:9d:79:f1:64:41:e5:0f:
d6:b4:7c:a8:83:41:53:6a:b7:6e:f8:91:d5:12:4c:
38:af:35:c1:43:89:f2:47:7e:5d:eb:1e:09:32:ed:
73:8c:f6:66:35:2a:9a:18:44:86:19:09:2a:70:eb:
72:4b:84:78:2f:d2:3a:68:dc:0d:3d:55:2e:95:b5:
7b:04:e5:d8:94:c4:e8:55:5c:b7:67:bb:8b:a8:0e:
c0:9e:65:2b:e1:af:95:e1:af:ed:8c:63:51:1a:07:
bc:26:79:b4:02:53:a3:a3:4b:10:45:55:43:d8:21:
4f:c2:07:d5:82:4f:8b:ab:dd:45:54:1c:00:6d:9f:
31:23:bd:1b:60:ab:21:be:dd:e9:7e:56:82:3e:10:
9f:4d:29:e1:e9:99:5e:e7:e5:54:e3:ff:0f:b9:89:
5c:fa:a9:44:38:4e:04:9a:31:3f:ee:ed:d7:42:48:
87:96:32:7d:ed:63:ab:e7:61:09:ec:a3:63:5b:b4:
2d:4d:0d:52:53:61:9a:7b:17:ea:2f:36:b0:e6:1f:
aa:e7:ab:f1:49:bc:d6:3b:87:0a:c5:d7:7d:95:be:
39:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:53:AA:B3:88:E4:30:AB:57:91:21:59:61:E1:B2:C4:CA:0D:76:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hVOqs4jkMKtXkSFZYeGyxMoNdoA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:00:c2:ee:fd:ac:f1:31:c0:1e:6f:f1:0d:32:c2:1c:b1:15:
43:43:84:5d:66:b5:b5:cf:2c:4e:7b:60:d9:54:09:75:1c:3a:
6d:24:57:3c:ef:ad:4e:97:26:35:8d:e6:f6:87:8c:24:fa:95:
2a:7b:28:42:41:ee:c5:8a:4e:26:96:ea:1c:9d:ad:41:2d:6d:
a4:d0:88:42:c0:68:cf:75:ec:bb:b5:7a:6d:b7:a2:18:48:37:
0c:0f:05:05:02:b7:f2:e5:9e:c3:08:c5:b1:6a:e6:c8:62:ec:
f7:5c:0e:45:a8:d2:8c:1a:e7:f8:fe:7e:f1:ed:c8:bc:37:ea:
22:b3:c8:3f:01:2e:bf:e6:5c:25:40:e6:80:85:9c:36:5b:fb:
cb:48:fa:17:da:e4:e3:8f:26:d3:7c:a5:b7:09:2e:51:08:c3:
12:8c:57:0a:16:1c:94:ed:fa:6f:7b:06:5a:b0:0d:a5:ee:b6:
32:3a:85:75:37:19:1c:32:8d:f3:a9:ea:a4:15:28:48:d2:f2:
f5:37:59:b3:c4:3d:4a:52:18:7e:50:3b:e2:84:9a:e9:54:bc:
5b:1b:d1:f6:9f:e9:95:1b:71:06:9a:3b:3a:e4:57:10:0b:a9:
ce:83:7e:4d:72:6c:b4:28:66:b3:90:be:b4:02:c4:83:16:6a:
72:a8:b6:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
NDIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1NTNBQUIzODhFNDMw
QUI1NzkxMjE1OTYxRTFCMkM0Q0EwRDc2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5nr2kbPlx1HM4APOX/JoSiAI9RsAo9LD98Ccp+OlWKyJwqdD0
nXnxZEHlD9a0fKiDQVNqt274kdUSTDivNcFDifJHfl3rHgky7XOM9mY1KpoYRIYZ
CSpw63JLhHgv0jpo3A09VS6VtXsE5diUxOhVXLdnu4uoDsCeZSvhr5Xhr+2MY1Ea
B7wmebQCU6OjSxBFVUPYIU/CB9WCT4ur3UVUHABtnzEjvRtgqyG+3el+VoI+EJ9N
KeHpmV7n5VTj/w+5iVz6qUQ4TgSaMT/u7ddCSIeWMn3tY6vnYQnso2NbtC1NDVJT
YZp7F+ovNrDmH6rnq/FJvNY7hwrF132VvjmnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhVOqs4jkMKtXkSFZYeGyxMoNdoAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hWT3FzNGprTUt0WGtT
RlpZZUd5eE1vTmRvQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATADC7v2s8THAHm/xDTLCHLEVQ0OEXWa1
tc8sTntg2VQJdRw6bSRXPO+tTpcmNY3m9oeMJPqVKnsoQkHuxYpOJpbqHJ2tQS1t
pNCIQsBoz3Xsu7V6bbeiGEg3DA8FBQK38uWewwjFsWrmyGLs91wORajSjBrn+P5+
8e3IvDfqIrPIPwEuv+ZcJUDmgIWcNlv7y0j6F9rk448m03yltwkuUQjDEoxXChYc
lO36b3sGWrANpe62MjqFdTcZHDKN86nqpBUoSNLy9TdZs8Q9SlIYflA74oSa6VS8
WxvR9p/plRtxBpo7OuRXEAupzoN+TXJstChms5C+tALEgxZqcqi29Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org