Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/j5lo99SVPe7m5865WAXMo43MIbI.roa
File: j5lo99SVPe7m5865WAXMo43MIbI.roa (raw, json)
Hash identifier: SsTPi5HrIMvu7YbuBO8yMJiYH4P2mN/pAlIQRE51oAc=
Subject key identifier: 8F:99:68:F7:D4:95:3D:EE:E6:E7:CE:B9:58:05:CC:A3:8D:CC:21:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j5lo99SVPe7m5865WAXMo43MIbI.roa
Signing time: Tue 16 Apr 2024 03:52:56 +0000
ROA not before: Tue 16 Apr 2024 03:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16814 (0x41ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 03:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8F9968F7D4953DEEE6E7CEB95805CCA38DCC21B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b1:5a:43:00:4e:40:c5:dd:26:af:25:60:89:
1d:18:14:4c:b0:b5:8e:49:3a:05:84:bb:c8:77:6b:
34:06:53:40:72:fc:2c:97:ba:35:37:46:40:e4:0f:
9c:9b:52:bf:b6:7a:64:17:05:32:8b:3e:db:41:f7:
12:b6:31:e4:53:87:5b:38:89:3f:ad:8c:ec:21:92:
14:18:8c:dc:00:6c:d4:e8:9f:6f:7a:64:aa:24:79:
8d:b3:e6:9e:7e:75:6f:76:25:ce:5c:4f:4a:ed:80:
73:52:9c:ed:78:51:16:01:fb:b4:31:7e:9f:07:ff:
00:21:f2:39:2e:d3:81:39:9d:e0:84:05:57:8b:c5:
56:33:e6:f4:77:38:13:fe:c0:21:6d:ef:b3:60:43:
2a:68:d8:5f:c4:51:0f:86:ba:7d:0c:8a:be:d4:c1:
df:79:17:37:db:d5:01:78:41:25:ee:13:7e:0a:69:
44:cf:41:94:e5:54:e7:84:c0:cf:b0:b4:7b:5b:bf:
c1:c6:7b:19:f4:12:b0:75:55:39:49:9a:fb:9f:c3:
0b:8c:56:90:e6:d5:3d:89:6c:85:d7:5f:66:e3:2e:
78:3d:2d:75:4b:8c:fd:1b:8f:72:a4:e8:85:c1:81:
03:db:61:8c:3a:a5:1b:35:55:6b:6b:10:13:3a:48:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:99:68:F7:D4:95:3D:EE:E6:E7:CE:B9:58:05:CC:A3:8D:CC:21:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j5lo99SVPe7m5865WAXMo43MIbI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:da:7f:35:57:dc:49:78:82:44:2b:d1:dd:21:29:6c:bd:5c:
13:87:30:96:1f:75:c0:9e:97:1c:1f:d5:d0:98:4e:61:68:5d:
22:6f:77:03:b2:17:d8:22:69:7f:26:a9:e4:a9:8e:3f:42:cb:
09:a4:71:2f:e4:16:21:1f:91:7d:70:a8:94:b6:30:9a:2b:14:
75:62:d6:eb:47:f2:65:f1:9c:50:eb:8b:9a:21:f2:94:34:fb:
82:94:b0:8a:48:ef:16:46:35:7e:26:3c:c7:80:2e:c5:bb:b7:
d3:89:0b:41:df:08:8e:01:87:52:f1:1c:c8:b1:98:3a:65:ad:
4b:d4:ab:0d:d9:b3:df:78:51:33:06:43:1c:61:9b:69:b4:12:
35:28:eb:5d:9b:68:d4:e0:ef:1f:8b:20:90:fb:e9:bc:53:ff:
a1:7c:1a:c3:08:8b:24:2e:31:66:5d:ad:33:66:7e:92:a6:f2:
43:e3:a9:11:bf:56:32:f4:f5:fd:e6:fb:ff:aa:02:6f:72:a4:
83:b6:87:f4:06:2c:6c:7a:9a:d2:7f:8b:0f:78:56:4c:0f:15:
ea:8d:a5:d4:54:93:5c:56:38:cc:44:10:2a:35:4c:ca:64:99:
67:ae:9d:34:8b:6f:e3:d8:07:2f:5a:2d:43:c4:1e:70:77:25:
9d:5b:e6:0d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MzUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGOTk2OEY3RDQ5NTNE
RUVFNkU3Q0VCOTU4MDVDQ0EzOERDQzIxQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvsVpDAE5Axd0mryVgiR0YFEywtY5JOgWEu8h3azQGU0By/CyX
ujU3RkDkD5ybUr+2emQXBTKLPttB9xK2MeRTh1s4iT+tjOwhkhQYjNwAbNTon296
ZKokeY2z5p5+dW92Jc5cT0rtgHNSnO14URYB+7Qxfp8H/wAh8jku04E5neCEBVeL
xVYz5vR3OBP+wCFt77NgQypo2F/EUQ+Gun0Mir7Uwd95Fzfb1QF4QSXuE34KaUTP
QZTlVOeEwM+wtHtbv8HGexn0ErB1VTlJmvufwwuMVpDm1T2JbIXXX2bjLng9LXVL
jP0bj3Kk6IXBgQPbYYw6pRs1VWtrEBM6SIBFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUj5lo99SVPe7m5865WAXMo43MIbIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2o1bG85OVNWUGU3bTU4
NjVXQVhNbzQzTUliSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbNp/NVfcSXiCRCvR3SEpbL1cE4cwlh91
wJ6XHB/V0JhOYWhdIm93A7IX2CJpfyap5KmOP0LLCaRxL+QWIR+RfXColLYwmisU
dWLW60fyZfGcUOuLmiHylDT7gpSwikjvFkY1fiY8x4Auxbu304kLQd8IjgGHUvEc
yLGYOmWtS9SrDdmz33hRMwZDHGGbabQSNSjrXZto1ODvH4sgkPvpvFP/oXwawwiL
JC4xZl2tM2Z+kqbyQ+OpEb9WMvT1/eb7/6oCb3Kkg7aH9AYsbHqa0n+LD3hWTA8V
6o2l1FSTXFY4zEQQKjVMymSZZ66dNItv49gHL1otQ8QecHclnVvmDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:04 2024 by rpki-client on console-ams.rpki-client.org