Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hgf8NBKbOvUpGM6TbrjP0DDdK1A.roa
File: hgf8NBKbOvUpGM6TbrjP0DDdK1A.roa (raw, json)
Hash identifier: S1Q/+4DTcIsNnRe+ZtMKR6jc04+ke2SMyM2zUItellU=
Subject key identifier: 86:07:FC:34:12:9B:3A:F5:29:18:CE:93:6E:B8:CF:D0:30:DD:2B:50
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 366A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hgf8NBKbOvUpGM6TbrjP0DDdK1A.roa
Signing time: Mon 01 Apr 2024 03:22:12 +0000
ROA not before: Mon 01 Apr 2024 03:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13930 (0x366a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 03:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8607FC34129B3AF52918CE936EB8CFD030DD2B50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d8:ab:0b:47:1d:1a:42:06:2c:11:66:bd:f7:
98:b4:b6:de:45:4d:9a:79:cf:94:62:e7:04:fa:9c:
91:23:b0:15:48:d7:77:29:ce:e7:1d:db:9c:77:5d:
54:ec:d4:a5:8e:61:77:09:49:d8:44:6e:1b:a9:70:
98:e2:4d:26:65:17:2e:a6:88:ac:25:d0:8d:4e:49:
3a:53:ee:e4:1f:e1:19:c3:83:d5:14:73:8e:b2:49:
da:c3:71:b5:9f:30:9f:ab:ae:c4:65:c4:1f:e2:90:
e0:51:22:e4:04:0c:ff:d6:fb:41:35:fb:e9:c0:79:
39:dd:f4:c4:07:4e:b7:18:1b:bd:5a:cd:b2:bf:de:
4f:95:3e:cb:28:3b:2a:b7:8f:bf:61:8d:47:cd:a5:
23:17:b7:14:03:2a:a5:21:f2:a5:e1:21:fa:1e:9a:
c4:31:a4:2e:93:38:6b:e3:c1:95:d9:2d:82:6d:ee:
7a:3e:41:58:ef:40:b3:d7:2f:61:03:59:54:53:ea:
d8:10:80:15:4d:b6:1e:3f:f9:22:bc:a7:72:65:53:
e2:c7:b5:a5:ea:3b:cc:71:b3:ac:ea:f7:15:c3:09:
92:15:e5:4f:8b:cb:dc:52:e1:ae:b6:33:5a:b9:1e:
f2:95:a7:0a:fc:de:9b:0f:a1:e9:de:59:52:ad:18:
0f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:07:FC:34:12:9B:3A:F5:29:18:CE:93:6E:B8:CF:D0:30:DD:2B:50
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hgf8NBKbOvUpGM6TbrjP0DDdK1A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:31:c1:09:e1:f1:2b:57:70:04:f0:60:2a:5b:c9:0f:d4:0f:
b1:43:78:08:f2:2e:c8:01:4f:25:e9:7f:aa:82:65:ac:ea:74:
60:8d:d4:43:1b:bb:a3:ae:d9:66:d4:f6:c7:8c:49:27:70:c2:
43:1d:b4:db:13:9d:3a:04:b5:63:22:47:f5:9b:70:4c:0a:b9:
5c:06:f7:af:ed:3e:31:b3:8e:37:c0:f5:27:9e:9d:bb:3e:f9:
fe:db:e9:23:81:ca:da:5c:a6:af:74:f4:11:04:bc:5a:27:27:
73:df:89:a9:bb:0a:7d:15:0e:3a:66:30:39:d1:cb:db:9d:df:
f6:d7:ad:c5:3d:e0:72:02:43:5f:0f:a6:9b:c0:69:4e:05:40:
b6:ff:4e:e4:43:6c:67:af:5c:56:89:dc:7b:0c:06:ff:72:c8:
d7:12:4e:5b:93:dd:39:4c:ac:3f:c6:af:a7:67:a2:59:38:11:
40:0f:26:c4:24:10:51:e9:f7:00:c4:bb:6c:05:e4:75:02:8e:
69:ac:ce:9c:24:c6:cb:9c:62:f1:a7:ba:0c:c5:a3:6f:f6:93:
e0:7a:a1:ba:9f:fd:f1:03:02:41:4f:9a:56:41:aa:0d:fe:1b:
25:7e:dc:9d:04:f0:8f:57:e8:ed:c0:b5:79:57:14:d5:d6:cc:
fd:b2:d1:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
MzIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2MDdGQzM0MTI5QjNB
RjUyOTE4Q0U5MzZFQjhDRkQwMzBERDJCNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH2KsLRx0aQgYsEWa995i0tt5FTZp5z5Ri5wT6nJEjsBVI13cp
zucd25x3XVTs1KWOYXcJSdhEbhupcJjiTSZlFy6miKwl0I1OSTpT7uQf4RnDg9UU
c46ySdrDcbWfMJ+rrsRlxB/ikOBRIuQEDP/W+0E1++nAeTnd9MQHTrcYG71azbK/
3k+VPssoOyq3j79hjUfNpSMXtxQDKqUh8qXhIfoemsQxpC6TOGvjwZXZLYJt7no+
QVjvQLPXL2EDWVRT6tgQgBVNth4/+SK8p3JlU+LHtaXqO8xxs6zq9xXDCZIV5U+L
y9xS4a62M1q5HvKVpwr83psPoeneWVKtGA8fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhgf8NBKbOvUpGM6TbrjP0DDdK1AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hnZjhOQktiT3ZVcEdN
NlRicmpQMEREZEsxQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnjHBCeHxK1dwBPBgKlvJD9QPsUN4CPIu
yAFPJel/qoJlrOp0YI3UQxu7o67ZZtT2x4xJJ3DCQx202xOdOgS1YyJH9ZtwTAq5
XAb3r+0+MbOON8D1J56duz75/tvpI4HK2lymr3T0EQS8Wicnc9+JqbsKfRUOOmYw
OdHL253f9tetxT3gcgJDXw+mm8BpTgVAtv9O5ENsZ69cVoncewwG/3LI1xJOW5Pd
OUysP8avp2eiWTgRQA8mxCQQUen3AMS7bAXkdQKOaazOnCTGy5xi8ae6DMWjb/aT
4Hqhup/98QMCQU+aVkGqDf4bJX7cnQTwj1fo7cC1eVcU1dbM/bLRMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org