Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hi3AaNw62J3uR9bHMsELpjXD1DY.roa
File: hi3AaNw62J3uR9bHMsELpjXD1DY.roa (raw, json)
Hash identifier: kGo0glBuVFQQ7cxoNJatRc3AzS0vcCJ4lQypDLijIzU=
Subject key identifier: 86:2D:C0:68:DC:3A:D8:9D:EE:47:D6:C7:32:C1:0B:A6:35:C3:D4:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F0A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hi3AaNw62J3uR9bHMsELpjXD1DY.roa
Signing time: Fri 03 May 2024 23:23:49 +0000
ROA not before: Fri 03 May 2024 23:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20234 (0x4f0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 23:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=862DC068DC3AD89DEE47D6C732C10BA635C3D436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:de:8a:a7:58:dc:52:59:88:79:d8:f9:c7:
13:45:be:8e:e1:5d:b3:07:c1:b9:41:83:6b:30:a6:
43:6a:f3:c3:95:26:30:80:aa:97:79:51:0e:56:73:
48:34:e8:48:23:95:6c:58:7a:79:fb:86:6d:8e:38:
0c:fb:ed:62:a0:f4:ee:fb:8d:12:5e:89:10:e5:21:
77:ae:37:b8:10:a4:de:5d:8a:3d:78:88:85:b7:d3:
82:30:b8:cb:96:f8:ad:b6:34:fe:6d:ec:93:1d:9e:
14:4c:47:74:23:36:4e:87:4f:b0:47:f8:24:ab:64:
a8:1f:bd:32:5a:c0:ea:37:14:ef:ad:d3:8b:a9:d2:
d6:cd:42:e6:92:81:ef:df:6f:46:c8:45:b2:85:2b:
b2:50:be:6f:a0:04:2f:94:4c:20:6f:fe:73:0f:76:
23:bd:c7:36:0d:03:72:d2:30:95:47:24:84:bb:50:
e7:5a:92:4d:d9:b6:3d:5b:5d:75:54:c1:2e:82:4f:
36:71:ed:8e:a5:25:1d:18:00:eb:d7:8a:b2:2f:11:
aa:77:c9:c5:92:12:39:1d:42:42:6b:5d:97:14:3d:
44:a9:9d:d2:89:51:76:8d:5b:23:c4:9a:42:ce:8e:
86:8d:3d:9e:db:47:4d:96:fb:ef:93:65:ec:a8:18:
7c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2D:C0:68:DC:3A:D8:9D:EE:47:D6:C7:32:C1:0B:A6:35:C3:D4:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hi3AaNw62J3uR9bHMsELpjXD1DY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:c5:e4:40:52:09:da:4d:47:6a:24:59:f6:63:44:8b:73:20:
b5:e8:a4:eb:e1:84:34:b4:9a:ee:bc:48:ef:7c:54:a2:cf:bf:
34:36:08:69:d0:d2:4a:e8:85:f8:b4:27:81:31:59:88:50:62:
ac:21:da:52:3d:b0:39:4e:31:d8:d0:21:b7:51:c7:1b:d9:92:
dc:13:51:98:a6:22:c4:87:a0:09:ce:4c:f6:89:dd:69:10:5c:
df:60:d6:22:7e:d7:5c:d7:17:98:ff:fe:f8:d4:a8:43:bd:f3:
62:aa:36:be:c9:47:11:ae:17:5b:4e:97:0b:82:10:18:fa:e9:
3b:37:ad:a9:04:e1:19:32:ba:31:4a:60:9b:e1:8b:56:fc:d3:
34:65:ad:26:89:01:52:9b:19:cd:57:c7:17:93:3c:dd:b4:65:
ea:b2:1d:68:db:8b:3c:09:93:ad:87:53:c0:f1:b2:f9:1d:40:
c7:7b:8d:02:86:95:33:1d:86:11:c5:c6:ca:5e:99:64:1e:d5:
52:78:e2:8e:fb:cc:8a:99:6a:0e:66:ce:7d:f5:f7:f2:02:81:
fa:00:f9:77:be:84:2c:fe:65:c6:c5:5b:4f:24:16:79:08:5f:
53:27:17:4d:53:b2:3f:4a:80:fc:ef:4e:bc:72:ce:83:5e:02:
eb:a9:00:ab
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MzIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2MkRDMDY4REMzQUQ4
OURFRTQ3RDZDNzMyQzEwQkE2MzVDM0Q0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVyd6Kp1jcUlmIedj5xxNFvo7hXbMHwblBg2swpkNq88OVJjCA
qpd5UQ5Wc0g06EgjlWxYenn7hm2OOAz77WKg9O77jRJeiRDlIXeuN7gQpN5dij14
iIW304IwuMuW+K22NP5t7JMdnhRMR3QjNk6HT7BH+CSrZKgfvTJawOo3FO+t04up
0tbNQuaSge/fb0bIRbKFK7JQvm+gBC+UTCBv/nMPdiO9xzYNA3LSMJVHJIS7UOda
kk3Ztj1bXXVUwS6CTzZx7Y6lJR0YAOvXirIvEap3ycWSEjkdQkJrXZcUPUSpndKJ
UXaNWyPEmkLOjoaNPZ7bR02W+++TZeyoGHw1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhi3AaNw62J3uR9bHMsELpjXD1DYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hpM0FhTnc2MkozdVI5
YkhNc0VMcGpYRDFEWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASsXkQFIJ2k1HaiRZ9mNEi3Mgteik6+GE
NLSa7rxI73xUos+/NDYIadDSSuiF+LQngTFZiFBirCHaUj2wOU4x2NAht1HHG9mS
3BNRmKYixIegCc5M9ondaRBc32DWIn7XXNcXmP/++NSoQ73zYqo2vslHEa4XW06X
C4IQGPrpOzetqQThGTK6MUpgm+GLVvzTNGWtJokBUpsZzVfHF5M83bRl6rIdaNuL
PAmTrYdTwPGy+R1Ax3uNAoaVMx2GEcXGyl6ZZB7VUnjijvvMiplqDmbOffX38gKB
+gD5d76ELP5lxsVbTyQWeQhfUycXTVOyP0qA/O9OvHLOg14C66kAqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org