Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/i0U5tXJzoLeemLRZXK8plYeLJvE.roa
File: i0U5tXJzoLeemLRZXK8plYeLJvE.roa (raw, json)
Hash identifier: 6JA4WRinllbQNLKX72KMMQPw0iP3jUjtGV9c3GFPoTQ=
Subject key identifier: 8B:45:39:B5:72:73:A0:B7:9E:98:B4:59:5C:AF:29:95:87:8B:26:F1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4782
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0U5tXJzoLeemLRZXK8plYeLJvE.roa
Signing time: Tue 23 Apr 2024 22:23:19 +0000
ROA not before: Tue 23 Apr 2024 22:23:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18306 (0x4782)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 22:23:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B4539B57273A0B79E98B4595CAF2995878B26F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0c:73:80:71:15:72:50:b5:43:59:0b:50:a4:
08:8e:66:61:d2:51:80:6c:6b:cd:58:9e:70:9e:c7:
94:46:64:1d:62:c1:f7:dd:d0:3e:4e:82:e1:3e:10:
8e:10:31:9f:20:fa:60:e4:85:3a:95:1f:ea:6c:21:
dd:88:21:25:fd:ae:08:17:bc:f9:a0:b2:ff:96:28:
2d:87:a4:cd:fc:f6:14:a4:b9:e5:02:6e:40:fb:bb:
9e:86:97:86:94:98:ec:30:5a:82:cf:d8:1d:6d:f3:
59:9e:86:ad:e6:a9:6a:66:53:e8:37:d1:f9:b0:91:
13:90:b0:14:66:05:ec:d0:7e:5b:27:c1:1b:9d:16:
06:12:53:10:08:45:5a:d5:ff:11:92:c3:a8:47:95:
19:be:11:e8:a1:02:97:b3:99:e5:34:8e:6b:86:7d:
cb:60:bb:9a:58:a4:ae:43:b8:a7:21:29:6c:86:91:
98:ab:b5:ea:74:6f:76:da:c7:4a:ad:db:6c:e7:27:
07:3f:c0:bd:47:f0:4d:51:8e:59:89:cf:1c:b7:5c:
9d:9e:fc:93:f3:f9:41:4a:f7:08:bb:2d:89:8f:04:
b8:85:e8:c8:b6:ba:9b:0d:2f:97:47:21:fa:3a:87:
52:43:39:ec:88:51:5f:39:c3:6b:1d:89:d5:13:dd:
4a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:45:39:B5:72:73:A0:B7:9E:98:B4:59:5C:AF:29:95:87:8B:26:F1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0U5tXJzoLeemLRZXK8plYeLJvE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bc:e0:bd:64:81:c2:c6:27:3e:1e:33:69:9c:82:99:2d:ec:f9:
61:ff:7e:a1:68:8f:0c:4a:07:8b:02:8f:fa:a4:c0:c5:dc:e9:
a3:0e:d8:22:7f:84:82:91:c9:00:c5:16:f1:9e:cf:4e:d9:95:
e7:a6:f2:05:20:82:89:83:77:99:50:71:71:e5:f5:af:ab:7d:
a3:8c:29:7f:54:32:e8:ae:cb:31:9a:eb:f6:3c:2c:3e:7b:ff:
ab:5b:9a:c5:ef:78:0b:cf:fb:27:b8:15:96:0b:d1:7b:e5:e8:
7e:f1:33:64:bf:3e:5e:d0:d9:a1:56:7f:9a:c3:82:1b:f4:59:
58:39:2d:5e:da:ef:a2:4e:f9:c8:2b:a8:db:00:1c:3d:5e:4e:
ff:ee:dd:25:06:e7:e0:6a:2d:9a:6a:4b:8b:9c:31:75:88:a6:
54:e1:ad:d3:db:ed:b8:10:e0:f0:11:59:70:ad:e8:b9:7d:59:
71:ab:08:73:88:82:a0:a3:c1:02:f8:53:f6:a2:c7:57:9e:05:
c4:25:29:b2:cb:ff:39:a3:37:5f:6c:a8:5a:ca:a9:e4:69:30:
a9:38:db:20:3d:01:56:b8:d3:78:1b:48:83:54:20:38:bc:ca:
5d:ef:3b:8e:bd:c1:3b:fa:58:dd:cd:b3:fc:3f:ad:48:b6:56:
71:6a:f1:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MjIzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCNDUzOUI1NzI3M0Ew
Qjc5RTk4QjQ1OTVDQUYyOTk1ODc4QjI2RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbDHOAcRVyULVDWQtQpAiOZmHSUYBsa81YnnCex5RGZB1iwffd
0D5OguE+EI4QMZ8g+mDkhTqVH+psId2IISX9rggXvPmgsv+WKC2HpM389hSkueUC
bkD7u56Gl4aUmOwwWoLP2B1t81mehq3mqWpmU+g30fmwkROQsBRmBezQflsnwRud
FgYSUxAIRVrV/xGSw6hHlRm+EeihApezmeU0jmuGfctgu5pYpK5DuKchKWyGkZir
tep0b3bax0qt22znJwc/wL1H8E1RjlmJzxy3XJ2e/JPz+UFK9wi7LYmPBLiF6Mi2
upsNL5dHIfo6h1JDOeyIUV85w2sdidUT3UqPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi0U5tXJzoLeemLRZXK8plYeLJvEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2kwVTV0WEp6b0xlZW1M
UlpYSzhwbFllTEp2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAvOC9ZIHCxic+HjNpnIKZLez5Yf9+oWiP
DEoHiwKP+qTAxdzpow7YIn+EgpHJAMUW8Z7PTtmV56byBSCCiYN3mVBxceX1r6t9
o4wpf1Qy6K7LMZrr9jwsPnv/q1uaxe94C8/7J7gVlgvRe+XofvEzZL8+XtDZoVZ/
msOCG/RZWDktXtrvok75yCuo2wAcPV5O/+7dJQbn4GotmmpLi5wxdYimVOGt09vt
uBDg8BFZcK3ouX1ZcasIc4iCoKPBAvhT9qLHV54FxCUpssv/OaM3X2yoWsqp5Gkw
qTjbID0BVrjTeBtIg1QgOLzKXe87jr3BO/pY3c2z/D+tSLZWcWrx0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org