Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kOcISWH-X3giPn3n0IUYwI8yIoE.roa
File: kOcISWH-X3giPn3n0IUYwI8yIoE.roa (raw, json)
Hash identifier: BtAdjpqkm3w/RvblpRrBDl4857uzRymacQ4cRH2kspk=
Subject key identifier: 90:E7:08:49:61:FE:5F:78:22:3E:7D:E7:D0:85:18:C0:8F:32:22:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53CE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kOcISWH-X3giPn3n0IUYwI8yIoE.roa
Signing time: Fri 10 May 2024 07:54:25 +0000
ROA not before: Fri 10 May 2024 07:54:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21454 (0x53ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 07:54:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90E7084961FE5F78223E7DE7D08518C08F322281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:17:7c:ce:2f:e0:96:1f:c6:ee:63:7d:64:5a:
7e:be:82:da:a4:87:b8:d6:37:2f:c6:d5:ce:cb:0f:
9b:24:9b:f1:c5:84:8e:36:9d:a6:e0:f8:36:5a:da:
c0:2c:4b:02:f1:66:db:55:9d:35:8f:2a:12:9a:87:
67:c8:4c:8b:94:53:c8:c6:87:4b:28:4d:16:54:f6:
dc:4e:e6:16:0f:f3:99:75:da:6f:65:67:96:22:39:
d2:7d:1c:f2:75:cf:6e:6e:8e:de:d4:64:91:a5:60:
84:1d:26:02:f7:43:d2:af:52:a2:0b:27:06:2c:51:
9c:d8:c4:a5:c2:4d:e4:c0:d5:57:38:e6:79:ad:9e:
97:38:12:8c:a1:f6:53:00:ce:a2:98:f7:3d:3f:4b:
93:f0:2d:ab:59:d8:2d:fd:03:86:90:45:be:cd:45:
80:3c:79:e5:2f:2b:d8:a7:5c:b2:8d:f8:4e:9b:b7:
8e:3f:85:dd:ac:76:ec:ed:eb:73:e5:a8:fe:f8:11:
85:4f:5d:9c:32:a7:e9:b5:1a:c6:e3:3c:aa:4c:5f:
2a:87:80:e1:68:62:94:3a:67:18:35:a3:4b:fa:16:
10:c9:af:71:43:33:63:47:91:78:76:d6:38:df:45:
12:8d:85:04:e0:0d:e9:fe:77:ff:2f:ce:08:b5:11:
24:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E7:08:49:61:FE:5F:78:22:3E:7D:E7:D0:85:18:C0:8F:32:22:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kOcISWH-X3giPn3n0IUYwI8yIoE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:08:69:8c:d6:33:f0:be:3d:7d:c4:e2:4d:45:6b:b4:f1:67:
3b:5f:6f:02:1b:d2:57:f8:f0:52:26:46:4c:d2:0f:ca:ef:e7:
0e:9e:55:f2:2d:e8:e4:60:ee:23:38:d5:a2:bc:f5:95:33:da:
ae:5b:63:92:93:2f:91:4a:a5:6f:b9:f7:72:f4:ec:15:01:9f:
7d:57:50:af:66:95:7c:98:fc:93:25:37:d8:9b:bd:58:0d:eb:
08:3d:42:6a:0e:1a:75:5a:78:ed:46:9a:b8:b0:5c:37:a9:a3:
dd:47:ea:23:de:c5:77:56:4a:d0:67:5f:b5:25:4d:e1:19:cd:
ba:6a:0d:66:2e:92:58:d2:94:e9:75:a7:3f:d6:48:e5:dd:26:
70:b9:09:31:57:eb:2e:a9:d1:6a:f9:60:a7:9b:52:82:83:2e:
b1:8d:32:60:cc:18:03:37:2e:00:87:58:45:23:52:03:d2:12:
5f:9f:d9:7a:7b:03:37:5c:b2:2c:ea:31:80:f5:b8:92:5d:28:
9d:d5:65:8d:2f:27:f0:69:86:c8:a1:a6:8e:40:6b:68:74:3b:
80:be:a3:4a:83:bd:a5:08:f1:cf:38:3a:d9:1f:44:c7:c0:c8:
54:86:e2:db:41:af:f4:f2:7f:11:66:2c:01:55:f3:a1:50:de:
20:57:94:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NzU0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwRTcwODQ5NjFGRTVG
NzgyMjNFN0RFN0QwODUxOEMwOEYzMjIyODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuF3zOL+CWH8buY31kWn6+gtqkh7jWNy/G1c7LD5skm/HFhI42
nabg+DZa2sAsSwLxZttVnTWPKhKah2fITIuUU8jGh0soTRZU9txO5hYP85l12m9l
Z5YiOdJ9HPJ1z25ujt7UZJGlYIQdJgL3Q9KvUqILJwYsUZzYxKXCTeTA1Vc45nmt
npc4Eoyh9lMAzqKY9z0/S5PwLatZ2C39A4aQRb7NRYA8eeUvK9inXLKN+E6bt44/
hd2sduzt63PlqP74EYVPXZwyp+m1GsbjPKpMXyqHgOFoYpQ6Zxg1o0v6FhDJr3FD
M2NHkXh21jjfRRKNhQTgDen+d/8vzgi1ESQZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkOcISWH+X3giPn3n0IUYwI8yIoEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tPY0lTV0gtWDNnaVBu
M24wSVVZd0k4eUlvRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAjwhpjNYz8L49fcTiTUVrtPFnO19vAhvS
V/jwUiZGTNIPyu/nDp5V8i3o5GDuIzjVorz1lTParltjkpMvkUqlb7n3cvTsFQGf
fVdQr2aVfJj8kyU32Ju9WA3rCD1Cag4adVp47UaauLBcN6mj3UfqI97Fd1ZK0Gdf
tSVN4RnNumoNZi6SWNKU6XWnP9ZI5d0mcLkJMVfrLqnRavlgp5tSgoMusY0yYMwY
AzcuAIdYRSNSA9ISX5/ZensDN1yyLOoxgPW4kl0ondVljS8n8GmGyKGmjkBraHQ7
gL6jSoO9pQjxzzg62R9Ex8DIVIbi20Gv9PJ/EWYsAVXzoVDeIFeUKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org