Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hopDkz7jq1B1GWJmFadMJD9azEQ.roa
File: hopDkz7jq1B1GWJmFadMJD9azEQ.roa (raw, json)
Hash identifier: U27+sQCGTOiviAkZBA6ksG+vsoEmlsgbktj9gJ/Ihjg=
Subject key identifier: 86:8A:43:93:3E:E3:AB:50:75:19:62:66:15:A7:4C:24:3F:5A:CC:44
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5142
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hopDkz7jq1B1GWJmFadMJD9azEQ.roa
Signing time: Mon 06 May 2024 22:24:00 +0000
ROA not before: Mon 06 May 2024 22:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20802 (0x5142)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 22:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=868A43933EE3AB507519626615A74C243F5ACC44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:47:e5:2b:33:f0:b2:b0:59:2b:8f:10:ab:6b:
a6:e7:86:48:4b:9c:85:62:5f:ef:f9:ff:07:2c:25:
eb:f6:7c:0f:87:18:a1:91:3f:af:a6:4c:1d:3f:09:
8d:98:ac:e9:81:5e:54:10:31:3b:6d:82:94:b4:15:
7b:e5:0f:4c:d2:b7:d7:dd:17:3b:c5:0c:3d:cc:5c:
4f:05:9d:bd:56:c9:e2:88:e0:69:34:60:78:74:9c:
bf:e4:d9:dd:ef:06:30:9c:d9:e8:8f:7b:07:4e:42:
4c:18:f2:dd:bd:84:85:ba:a6:0a:39:a8:a5:0f:66:
30:eb:dc:81:d6:21:6a:99:83:1b:be:86:bf:8c:78:
bb:f0:49:26:11:ca:0f:03:e8:52:62:f9:7d:1a:30:
c2:60:80:19:a4:37:93:88:7b:d4:a0:85:a0:dd:6f:
fb:22:3b:e8:fe:96:cd:2f:15:70:8d:0e:49:3a:ba:
8c:5d:c7:0f:3d:6b:ed:35:cc:ee:f4:79:0d:97:85:
4d:20:1b:11:b2:be:93:c9:4c:01:a5:28:49:94:6f:
92:b5:32:28:b7:a2:7c:35:60:74:0a:ae:03:04:b1:
15:4c:b7:47:22:ba:60:68:97:41:5c:23:b2:3e:b6:
b8:b5:9a:11:c5:01:55:db:8e:1c:03:fe:e1:fb:a8:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8A:43:93:3E:E3:AB:50:75:19:62:66:15:A7:4C:24:3F:5A:CC:44
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hopDkz7jq1B1GWJmFadMJD9azEQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:74:bb:cd:4f:02:98:e1:24:0a:c3:e6:f4:74:64:3b:48:60:
7b:4c:9b:23:9d:43:25:ec:73:50:71:04:f0:a3:69:6e:c4:4c:
e4:27:0b:f1:a4:0f:67:80:9c:fb:73:c0:cf:48:65:2e:d8:a3:
c9:33:6a:51:59:60:25:97:3e:38:a2:7b:0a:ae:69:8c:e6:ee:
e8:ec:12:2d:4b:1c:64:52:87:59:c6:15:61:e9:34:61:49:24:
59:88:da:b6:43:cc:b3:c6:54:a4:b5:7f:fb:5d:cb:e6:57:01:
27:c6:50:75:b1:c4:66:3a:7c:4b:81:fa:91:63:3e:33:68:f1:
b6:ac:ec:21:9e:23:b0:d3:43:e9:db:ef:ef:3f:b5:e8:bf:b3:
10:c2:61:9b:7e:c1:0b:22:2b:08:7e:e0:e3:33:2f:31:81:df:
21:85:7e:f4:5b:c4:8e:da:b9:0d:74:54:e5:34:ab:0f:73:95:
5a:31:6f:c2:9d:43:ed:21:c8:22:57:3e:26:ed:b3:5d:9b:95:
f5:37:3a:c4:7f:2e:5c:52:51:65:4c:bc:a0:6c:64:fe:8d:67:
f4:23:d0:f5:16:60:88:a3:aa:24:b3:17:c2:40:f5:55:52:4c:
db:8c:63:81:24:ae:9a:71:76:b2:d1:5a:cf:2d:6a:da:9e:2c:
de:3e:43:6e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYy
MjI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2OEE0MzkzM0VFM0FC
NTA3NTE5NjI2NjE1QTc0QzI0M0Y1QUNDNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjR+UrM/CysFkrjxCra6bnhkhLnIViX+/5/wcsJev2fA+HGKGR
P6+mTB0/CY2YrOmBXlQQMTttgpS0FXvlD0zSt9fdFzvFDD3MXE8Fnb1WyeKI4Gk0
YHh0nL/k2d3vBjCc2eiPewdOQkwY8t29hIW6pgo5qKUPZjDr3IHWIWqZgxu+hr+M
eLvwSSYRyg8D6FJi+X0aMMJggBmkN5OIe9SghaDdb/siO+j+ls0vFXCNDkk6uoxd
xw89a+01zO70eQ2XhU0gGxGyvpPJTAGlKEmUb5K1Mii3onw1YHQKrgMEsRVMt0ci
umBol0FcI7I+tri1mhHFAVXbjhwD/uH7qBnRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhopDkz7jq1B1GWJmFadMJD9azEQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hvcERrejdqcTFCMUdX
Sm1GYWRNSkQ5YXpFUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAS3S7zU8CmOEkCsPm9HRkO0hge0ybI51D
JexzUHEE8KNpbsRM5CcL8aQPZ4Cc+3PAz0hlLtijyTNqUVlgJZc+OKJ7Cq5pjObu
6OwSLUscZFKHWcYVYek0YUkkWYjatkPMs8ZUpLV/+13L5lcBJ8ZQdbHEZjp8S4H6
kWM+M2jxtqzsIZ4jsNND6dvv7z+16L+zEMJhm37BCyIrCH7g4zMvMYHfIYV+9FvE
jtq5DXRU5TSrD3OVWjFvwp1D7SHIIlc+Ju2zXZuV9Tc6xH8uXFJRZUy8oGxk/o1n
9CPQ9RZgiKOqJLMXwkD1VVJM24xjgSSumnF2stFazy1q2p4s3j5Dbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org