Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iP5XcX-YVV0SXPBxPgCRp0nrGtg.roa
File: iP5XcX-YVV0SXPBxPgCRp0nrGtg.roa (raw, json)
Hash identifier: qj9EgkRHXdqoK42y4v26SL181PGU0nuEAc+dy1V0IQU=
Subject key identifier: 88:FE:57:71:7F:98:55:5D:12:5C:F0:71:3E:00:91:A7:49:EB:1A:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5606
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iP5XcX-YVV0SXPBxPgCRp0nrGtg.roa
Signing time: Mon 13 May 2024 06:54:11 +0000
ROA not before: Mon 13 May 2024 06:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22022 (0x5606)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 06:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=88FE57717F98555D125CF0713E0091A749EB1AD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:30:8a:08:0a:40:35:24:05:d9:4a:a5:43:
e1:99:de:a5:72:58:b7:5e:37:71:9c:d9:5d:7c:22:
99:a2:23:c1:92:40:29:15:d2:6d:8f:cb:b1:be:6a:
4c:81:d4:97:ee:a1:e8:cf:a6:81:de:ff:ff:7c:2b:
cc:85:07:fb:33:14:09:9d:8a:c7:1a:56:a0:2e:14:
f5:a2:81:df:aa:de:4b:e9:22:f5:1e:8e:fb:a4:b7:
e1:98:f7:ad:82:ff:08:45:f0:62:78:72:61:f6:74:
1b:24:df:d8:62:b6:68:fe:63:1f:6c:b8:38:70:64:
a4:04:2c:b5:f2:14:9c:21:d2:37:ae:28:52:58:45:
ec:54:89:81:c8:cb:e2:88:ba:d5:84:14:49:3c:e1:
43:aa:6d:e6:49:f4:a8:5c:5a:6c:a1:db:fb:c8:8f:
f6:d5:e0:fa:dc:3f:48:48:d7:3f:28:50:fa:a5:c1:
14:6f:60:ee:58:38:21:3c:2f:57:81:4f:f5:c6:46:
67:47:6a:be:45:5e:79:c1:30:bf:38:e2:33:b9:c6:
ac:70:e1:18:8e:ed:4d:2d:77:a8:d4:64:31:70:33:
60:24:90:77:c3:07:7b:74:ff:74:03:c8:ee:19:40:
31:ef:a3:c3:d0:94:88:e6:57:eb:7a:5c:82:0c:4c:
85:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FE:57:71:7F:98:55:5D:12:5C:F0:71:3E:00:91:A7:49:EB:1A:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iP5XcX-YVV0SXPBxPgCRp0nrGtg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:d4:00:9d:3e:39:cd:d2:f5:dd:fa:bd:a9:dd:33:34:3e:ef:
7b:7a:0a:c9:c3:1a:c4:fb:13:58:6c:20:97:ed:9a:11:61:7d:
7f:16:f3:d4:62:bf:a1:4b:85:31:d4:4b:07:b2:91:7d:34:01:
51:22:74:be:f0:cd:2e:1f:6e:06:18:6a:ed:d8:60:db:8e:aa:
4a:d5:1b:d5:e7:85:74:5b:fe:9c:f2:ea:56:cb:43:99:fc:b5:
9e:4a:c1:29:45:97:cd:1e:d9:4a:7f:33:a7:a6:e1:e7:96:25:
43:34:47:75:fb:ab:0c:97:2f:3e:02:d9:f4:15:18:22:61:da:
e4:53:56:ed:1a:06:93:ec:c4:9e:16:1c:2d:eb:4f:6f:2c:ba:
fa:27:56:9c:ee:b3:b7:d2:0d:34:90:a3:31:d7:9a:b9:cc:9a:
d1:af:74:7e:cb:c7:b9:12:44:9f:66:29:eb:46:b7:14:ce:67:
b8:ca:08:00:4e:13:85:f2:60:63:36:dc:9d:7c:7b:6c:cb:eb:
37:ab:b7:fe:c9:8e:45:25:b5:2b:97:eb:7e:f2:45:1f:a4:58:
18:1e:35:86:3e:0f:e8:ba:d1:3b:89:c7:d8:59:ae:93:b0:c5:
25:7d:0b:52:66:f8:6a:ee:87:00:fb:89:90:6c:4a:54:97:2b:
09:6b:ff:fa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVgYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
NjU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4RkU1NzcxN0Y5ODU1
NUQxMjVDRjA3MTNFMDA5MUE3NDlFQjFBRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB6DCKCApANSQF2UqlQ+GZ3qVyWLdeN3Gc2V18IpmiI8GSQCkV
0m2Py7G+akyB1JfuoejPpoHe//98K8yFB/szFAmdiscaVqAuFPWigd+q3kvpIvUe
jvukt+GY962C/whF8GJ4cmH2dBsk39hitmj+Yx9suDhwZKQELLXyFJwh0jeuKFJY
RexUiYHIy+KIutWEFEk84UOqbeZJ9KhcWmyh2/vIj/bV4PrcP0hI1z8oUPqlwRRv
YO5YOCE8L1eBT/XGRmdHar5FXnnBML844jO5xqxw4RiO7U0td6jUZDFwM2AkkHfD
B3t0/3QDyO4ZQDHvo8PQlIjmV+t6XIIMTIVzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUiP5XcX+YVV0SXPBxPgCRp0nrGtgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lQNVhjWC1ZVlYwU1hQ
QnhQZ0NScDBuckd0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAc9QAnT45zdL13fq9qd0zND7ve3oKycMa
xPsTWGwgl+2aEWF9fxbz1GK/oUuFMdRLB7KRfTQBUSJ0vvDNLh9uBhhq7dhg246q
StUb1eeFdFv+nPLqVstDmfy1nkrBKUWXzR7ZSn8zp6bh55YlQzRHdfurDJcvPgLZ
9BUYImHa5FNW7RoGk+zEnhYcLetPbyy6+idWnO6zt9INNJCjMdeaucya0a90fsvH
uRJEn2Yp60a3FM5nuMoIAE4ThfJgYzbcnXx7bMvrN6u3/smORSW1K5frfvJFH6RY
GB41hj4P6LrRO4nH2Fmuk7DFJX0LUmb4au6HAPuJkGxKVJcrCWv/+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org