Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hlUn0xAZ9gYLs8LLM0UrcHRCg9U.roa
File: hlUn0xAZ9gYLs8LLM0UrcHRCg9U.roa (raw, json)
Hash identifier: ZqEQdPouY1jIWi5eb2vm/7eOj3DqHnrscWW+dhE5NjU=
Subject key identifier: 86:55:27:D3:10:19:F6:06:0B:B3:C2:CB:33:45:2B:70:74:42:83:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35F6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hlUn0xAZ9gYLs8LLM0UrcHRCg9U.roa
Signing time: Sun 31 Mar 2024 12:52:11 +0000
ROA not before: Sun 31 Mar 2024 12:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13814 (0x35f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 12:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=865527D31019F6060BB3C2CB33452B70744283D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:a8:42:b5:cc:2d:21:9b:65:09:20:1a:73:
ce:bf:dd:94:9c:72:a3:75:9d:c5:fc:34:4c:5b:02:
68:ac:40:2d:b8:61:46:7c:3e:6d:0d:3d:76:ea:0a:
9f:df:ff:d1:cc:ef:f3:87:c0:c8:52:e9:aa:85:2a:
45:87:90:4c:f4:69:23:c4:a3:84:cd:a7:63:2c:fe:
05:b7:98:f8:1e:55:0e:33:54:e5:ce:8e:96:5f:4c:
a2:88:cb:d8:a5:91:0a:0b:d0:33:24:d5:f7:23:2f:
f6:85:9b:b2:5b:ac:f1:06:dd:b4:45:5b:fb:0c:8b:
81:69:47:22:37:61:96:34:46:9b:ba:43:2a:ac:7a:
e3:79:a4:d7:b5:bb:b6:c7:db:10:65:95:22:a8:73:
19:8c:44:70:44:79:41:71:e0:b9:d6:4c:e2:5a:5f:
8b:78:a5:e5:71:de:a9:f3:08:85:de:eb:cc:59:6f:
de:d8:81:e1:75:f1:66:5b:b8:b1:21:f5:52:4a:4b:
16:32:fc:b5:10:d8:83:8f:29:05:22:57:2d:ee:cc:
f6:63:59:5e:9a:79:7f:ce:eb:64:d2:73:b8:f4:ee:
0a:07:7b:19:21:36:65:14:9e:18:76:86:c0:be:b0:
b8:0f:91:23:20:bf:04:16:43:d9:cb:4a:5a:22:b2:
39:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:55:27:D3:10:19:F6:06:0B:B3:C2:CB:33:45:2B:70:74:42:83:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hlUn0xAZ9gYLs8LLM0UrcHRCg9U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:c4:b0:c6:40:5c:8f:80:08:8b:79:d6:9f:3a:e6:ff:f8:a9:
2c:fb:6c:14:55:9c:9f:c5:f6:54:ee:9f:05:39:06:a4:9a:6d:
b8:04:ca:d9:d0:16:19:c3:07:a6:64:e7:4a:ce:65:4a:2e:f4:
ce:50:39:3c:86:df:f4:d6:f2:18:84:3d:c9:76:d9:59:e3:09:
c7:8d:28:50:10:9b:02:6a:d6:c2:14:38:8b:83:ca:a1:75:95:
cd:99:da:0d:e5:a1:42:4f:59:7f:30:94:ba:f5:1b:7e:ed:a0:
49:77:a7:66:bf:04:bc:26:e1:7d:ae:44:cf:64:62:9c:69:26:
c9:4a:aa:6f:d0:7f:68:5b:10:51:89:89:73:fe:bd:b3:79:56:
3a:e0:c9:79:0d:93:61:3b:8d:58:2b:41:8d:9d:a3:cc:5c:9a:
43:c4:0f:84:99:1b:81:57:36:6c:01:5c:6a:cb:35:87:f7:88:
56:12:50:3d:b0:08:47:68:44:9b:fc:2f:38:b5:5f:27:0c:bc:
70:fc:7f:f6:14:3c:2c:1a:d1:d6:af:f2:12:d9:ac:fb:44:2c:
b1:d3:2d:dd:07:95:a5:f2:0b:2a:82:a5:da:e6:eb:4e:0f:f7:
3f:6d:6a:9f:b3:f7:f7:b1:62:94:c6:ad:1b:a8:a5:7e:25:8c:
96:a1:ba:a6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MjUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2NTUyN0QzMTAxOUY2
MDYwQkIzQzJDQjMzNDUyQjcwNzQ0MjgzRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDsqhCtcwtIZtlCSAac86/3ZSccqN1ncX8NExbAmisQC24YUZ8
Pm0NPXbqCp/f/9HM7/OHwMhS6aqFKkWHkEz0aSPEo4TNp2Ms/gW3mPgeVQ4zVOXO
jpZfTKKIy9ilkQoL0DMk1fcjL/aFm7JbrPEG3bRFW/sMi4FpRyI3YZY0Rpu6Qyqs
euN5pNe1u7bH2xBllSKocxmMRHBEeUFx4LnWTOJaX4t4peVx3qnzCIXe68xZb97Y
geF18WZbuLEh9VJKSxYy/LUQ2IOPKQUiVy3uzPZjWV6aeX/O62TSc7j07goHexkh
NmUUnhh2hsC+sLgPkSMgvwQWQ9nLSloisjllAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhlUn0xAZ9gYLs8LLM0UrcHRCg9UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hsVW4weEFaOWdZTHM4
TExNMFVyY0hSQ2c5VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAk8SwxkBcj4AIi3nWnzrm//ipLPtsFFWc
n8X2VO6fBTkGpJptuATK2dAWGcMHpmTnSs5lSi70zlA5PIbf9NbyGIQ9yXbZWeMJ
x40oUBCbAmrWwhQ4i4PKoXWVzZnaDeWhQk9ZfzCUuvUbfu2gSXenZr8EvCbhfa5E
z2RinGkmyUqqb9B/aFsQUYmJc/69s3lWOuDJeQ2TYTuNWCtBjZ2jzFyaQ8QPhJkb
gVc2bAFcass1h/eIVhJQPbAIR2hEm/wvOLVfJwy8cPx/9hQ8LBrR1q/yEtms+0Qs
sdMt3QeVpfILKoKl2ubrTg/3P21qn7P397FilMatG6ilfiWMlqG6pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org