Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hyZ2Df0kVROnvVoo_0WFnNZd5q0.roa
File: hyZ2Df0kVROnvVoo_0WFnNZd5q0.roa (raw, json)
Hash identifier: Iw0CT/fgjTzlONfH8VoAq4W07P3Y/gpY+Nc3u7HCvew=
Subject key identifier: 87:26:76:0D:FD:24:55:13:A7:BD:5A:28:FF:45:85:9C:D6:5D:E6:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 542A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hyZ2Df0kVROnvVoo_0WFnNZd5q0.roa
Signing time: Fri 10 May 2024 19:24:04 +0000
ROA not before: Fri 10 May 2024 19:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21546 (0x542a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 19:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8726760DFD245513A7BD5A28FF45859CD65DE6AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ee:2c:f2:bb:d8:43:14:cc:1e:f9:d2:27:32:
87:b1:80:8e:52:b1:55:fe:eb:3f:79:22:65:6c:94:
63:0a:56:05:1a:41:67:7e:36:a9:74:37:21:d4:5d:
3a:bd:3b:c8:d2:de:9b:db:75:ac:21:d8:e4:40:62:
4c:89:dc:24:32:bf:27:e7:71:4f:5e:66:1e:d7:69:
d6:f3:72:bb:ee:b3:e3:51:54:da:b2:06:7c:c1:c4:
e9:bd:66:fc:cc:77:c7:1a:3c:04:e7:78:e6:10:73:
4a:40:bf:32:60:f3:0c:12:63:c7:67:fd:a9:e3:2b:
ef:be:88:fd:38:fc:ae:bb:2c:e4:30:d3:c1:03:6a:
53:b1:6f:96:a9:b6:fa:e5:bc:18:44:e8:b3:fa:b0:
25:56:8a:d0:51:b0:5f:97:25:d0:e9:de:1f:33:a1:
05:83:42:cb:7b:d1:f9:c8:09:78:e2:77:bc:c5:a4:
c9:c4:9b:64:f2:95:82:23:31:57:ec:e7:62:b8:54:
c6:ae:13:62:4f:c0:f8:67:bc:83:05:fb:2c:58:56:
c7:83:d5:b1:4f:42:56:23:69:68:0c:bf:b9:5a:9a:
50:5e:04:f0:d7:92:9f:d5:3b:66:ad:83:07:2e:dd:
b4:70:23:74:1c:30:44:ba:b2:8d:11:89:62:bf:8e:
bd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:26:76:0D:FD:24:55:13:A7:BD:5A:28:FF:45:85:9C:D6:5D:E6:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hyZ2Df0kVROnvVoo_0WFnNZd5q0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:4a:33:f6:92:6f:70:18:39:71:75:2e:cc:35:21:0b:32:71:
26:f4:cc:5d:2c:a1:5a:c6:5e:14:84:8b:3c:29:b4:4d:a3:d1:
51:12:7f:35:ce:9d:2a:58:f8:a4:6a:81:2a:b6:62:67:18:eb:
32:a2:77:af:17:b9:83:e8:79:90:ea:62:73:99:63:79:da:13:
f5:ac:ca:1b:53:8e:9b:26:0d:db:f7:b2:b5:bf:d9:7b:ba:d8:
d5:c7:30:81:65:7d:76:07:05:5a:94:96:43:dc:10:fc:88:3d:
42:69:2e:5b:a5:dc:98:89:73:5b:e2:15:e8:85:06:26:3d:cf:
f9:88:54:4c:c7:31:93:33:60:7a:3b:ca:be:ae:c3:02:c3:fa:
6b:f0:52:1f:fe:d5:61:da:75:14:62:c3:cb:07:ed:06:3a:bb:
80:0a:58:49:11:46:a4:58:d7:5a:10:ef:18:5e:66:0b:d8:16:
36:fc:df:c9:78:93:a4:eb:65:dc:f5:20:b8:4e:b8:f4:7d:5e:
d8:57:a0:8d:aa:04:ab:89:f4:12:ba:b2:f9:a2:6f:a8:d0:fb:
a8:2f:2a:75:be:b7:02:e6:6e:1e:1b:6a:f8:cd:48:5b:df:c9:
cd:d5:54:75:e9:a5:eb:b6:c6:8f:f7:0a:3e:ba:4a:f7:ef:f7:
5a:28:a8:a8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
OTI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3MjY3NjBERkQyNDU1
MTNBN0JENUEyOEZGNDU4NTlDRDY1REU2QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt7izyu9hDFMwe+dInMoexgI5SsVX+6z95ImVslGMKVgUaQWd+
Nql0NyHUXTq9O8jS3pvbdawh2ORAYkyJ3CQyvyfncU9eZh7Xadbzcrvus+NRVNqy
BnzBxOm9ZvzMd8caPATneOYQc0pAvzJg8wwSY8dn/anjK+++iP04/K67LOQw08ED
alOxb5aptvrlvBhE6LP6sCVWitBRsF+XJdDp3h8zoQWDQst70fnICXjid7zFpMnE
m2TylYIjMVfs52K4VMauE2JPwPhnvIMF+yxYVseD1bFPQlYjaWgMv7lamlBeBPDX
kp/VO2atgwcu3bRwI3QcMES6so0RiWK/jr3nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhyZ2Df0kVROnvVoo/0WFnNZd5q0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2h5WjJEZjBrVlJPbnZW
b29fMFdGbk5aZDVxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAW0oz9pJvcBg5cXUuzDUhCzJxJvTMXSyh
WsZeFISLPCm0TaPRURJ/Nc6dKlj4pGqBKrZiZxjrMqJ3rxe5g+h5kOpic5ljedoT
9azKG1OOmyYN2/eytb/Ze7rY1ccwgWV9dgcFWpSWQ9wQ/Ig9QmkuW6XcmIlzW+IV
6IUGJj3P+YhUTMcxkzNgejvKvq7DAsP6a/BSH/7VYdp1FGLDywftBjq7gApYSRFG
pFjXWhDvGF5mC9gWNvzfyXiTpOtl3PUguE649H1e2FegjaoEq4n0Erqy+aJvqND7
qC8qdb63AuZuHhtq+M1IW9/JzdVUdeml67bGj/cKPrpK9+/3WiioqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org