Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hcxcxPApRm8JcTkKEfkGLeKxxDw.roa
File: hcxcxPApRm8JcTkKEfkGLeKxxDw.roa (raw, json)
Hash identifier: 1qk9YFeie5IrGzKWtN+6iA6zxCzVFMA1RiamrtHtlTY=
Subject key identifier: 85:CC:5C:C4:F0:29:46:6F:09:71:39:0A:11:F9:06:2D:E2:B1:C4:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 373E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hcxcxPApRm8JcTkKEfkGLeKxxDw.roa
Signing time: Tue 02 Apr 2024 05:52:17 +0000
ROA not before: Tue 02 Apr 2024 05:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14142 (0x373e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 05:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=85CC5CC4F029466F0971390A11F9062DE2B1C43C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:55:f2:ba:4b:2c:21:52:dc:06:c9:2b:ec:dd:
4c:0e:fa:9c:12:91:76:da:8d:ca:ef:f4:b8:0d:45:
2c:29:9e:14:2b:f7:9c:af:08:de:6e:d2:37:b6:0b:
29:86:fe:15:b5:66:12:ab:3f:b7:7a:41:e9:29:22:
24:1b:b6:c2:52:a9:88:b7:c2:ad:e5:9b:6c:1f:7e:
83:19:b8:b7:d2:56:8b:05:d0:55:c0:88:36:13:13:
2a:14:58:78:11:bc:6f:46:23:ce:96:56:f9:17:9e:
33:aa:49:a5:b1:9f:1e:02:c2:d2:f8:4a:83:70:5d:
c6:d5:ba:0f:b6:b0:79:30:d7:b4:89:f8:09:48:39:
d7:fa:9a:99:18:d4:e7:53:7b:8e:6e:b7:8c:ca:3d:
f3:3f:0a:84:ea:02:60:1b:69:07:fa:f3:a5:3d:2b:
61:95:66:65:c9:74:e1:07:ad:7e:3d:58:3e:93:b2:
dc:62:a6:f4:b6:71:a2:19:87:e1:b5:04:27:20:06:
9d:4b:57:44:3f:fc:2b:37:3f:02:d2:c4:0b:d8:26:
ab:94:e1:8e:a6:e9:8f:4e:a2:6e:ff:d4:a9:fc:fe:
22:9c:f9:d8:ed:2c:80:69:9a:09:d7:ee:34:f0:33:
c8:af:d4:9d:2e:60:eb:47:41:ca:b7:42:7f:7f:9f:
85:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CC:5C:C4:F0:29:46:6F:09:71:39:0A:11:F9:06:2D:E2:B1:C4:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hcxcxPApRm8JcTkKEfkGLeKxxDw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:7a:d8:43:6b:b5:2f:42:71:9f:a8:9c:f6:4e:c7:ae:33:b9:
f1:40:60:7e:0f:da:a8:20:a6:5d:1b:e1:a0:1e:c7:28:66:17:
94:fe:40:68:2d:78:78:ee:43:b1:8d:f2:fc:4c:3e:93:92:7f:
e6:b5:5a:ac:f8:12:4b:1f:f0:4e:0b:76:c9:1c:b1:b9:37:e4:
1c:4e:e3:2c:e0:0d:f0:1f:8f:8f:14:42:c1:4e:40:97:e7:25:
d9:6e:c8:02:ce:28:a1:e1:56:46:31:be:de:54:e2:36:26:d7:
c4:93:a4:bb:b4:dc:a5:1e:3e:84:6a:0d:f0:e2:c3:78:8a:08:
93:52:95:44:88:f0:f3:86:0e:0e:dc:88:2b:88:51:86:a8:6f:
37:e7:7b:08:ba:af:f3:2b:e6:05:c8:aa:8c:f9:25:01:84:d3:
c6:be:e9:ae:f4:49:01:39:5d:a5:ee:21:1b:ee:a2:fe:3c:4a:
cd:53:3d:dc:7e:a4:e5:b8:f7:a6:d5:07:8a:fe:29:cd:15:6f:
b0:a1:4c:b6:aa:8a:cb:12:7a:7c:49:bd:f5:25:d9:9b:5b:7e:
8a:c8:93:e1:e3:c5:92:aa:20:7a:86:2d:f9:78:72:a8:ad:75:
82:8f:70:a0:7b:4e:3b:eb:d3:a9:91:43:1c:3a:37:6b:d8:e5:
34:e6:a7:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NTUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1Q0M1Q0M0RjAyOTQ2
NkYwOTcxMzkwQTExRjkwNjJERTJCMUM0M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWVfK6SywhUtwGySvs3UwO+pwSkXbajcrv9LgNRSwpnhQr95yv
CN5u0je2CymG/hW1ZhKrP7d6QekpIiQbtsJSqYi3wq3lm2wffoMZuLfSVosF0FXA
iDYTEyoUWHgRvG9GI86WVvkXnjOqSaWxnx4CwtL4SoNwXcbVug+2sHkw17SJ+AlI
Odf6mpkY1OdTe45ut4zKPfM/CoTqAmAbaQf686U9K2GVZmXJdOEHrX49WD6Tstxi
pvS2caIZh+G1BCcgBp1LV0Q//Cs3PwLSxAvYJquU4Y6m6Y9Oom7/1Kn8/iKc+djt
LIBpmgnX7jTwM8iv1J0uYOtHQcq3Qn9/n4UtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhcxcxPApRm8JcTkKEfkGLeKxxDwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hjeGN4UEFwUm04SmNU
a0tFZmtHTGVLeHhEdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAanrYQ2u1L0Jxn6ic9k7HrjO58UBgfg/a
qCCmXRvhoB7HKGYXlP5AaC14eO5DsY3y/Ew+k5J/5rVarPgSSx/wTgt2yRyxuTfk
HE7jLOAN8B+PjxRCwU5Al+cl2W7IAs4ooeFWRjG+3lTiNibXxJOku7TcpR4+hGoN
8OLDeIoIk1KVRIjw84YODtyIK4hRhqhvN+d7CLqv8yvmBciqjPklAYTTxr7prvRJ
ATldpe4hG+6i/jxKzVM93H6k5bj3ptUHiv4pzRVvsKFMtqqKyxJ6fEm99SXZm1t+
isiT4ePFkqogeoYt+XhyqK11go9woHtOO+vTqZFDHDo3a9jlNOan9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org