Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mcC5-SMwBQDT_z-OQlkUGbwm0mY.roa
File: mcC5-SMwBQDT_z-OQlkUGbwm0mY.roa (raw, json)
Hash identifier: 0RW/KJ8kmHmUbgSGd9m4/WRNlcK88zB3IZ3Kafr5T4o=
Subject key identifier: 99:C0:B9:F9:23:30:05:00:D3:FF:3F:8E:42:59:14:19:BC:26:D2:66
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43F6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mcC5-SMwBQDT_z-OQlkUGbwm0mY.roa
Signing time: Fri 19 Apr 2024 04:53:01 +0000
ROA not before: Fri 19 Apr 2024 04:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17398 (0x43f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 04:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=99C0B9F923300500D3FF3F8E42591419BC26D266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:64:29:12:8b:d0:79:7b:6f:bc:a1:c7:38:48:
de:ef:8b:84:fc:82:6c:f1:ef:ab:6b:2b:11:32:be:
96:87:a6:47:37:97:91:6c:ed:20:42:3d:3a:65:c1:
0d:67:28:3d:f7:f1:db:04:84:bd:62:ab:f1:55:1b:
a1:66:1a:8a:14:5a:d2:e3:d9:b7:8f:96:12:4b:2b:
6e:df:39:92:04:08:34:39:f4:2e:92:01:92:8b:00:
80:b6:c6:39:d8:b5:88:72:57:d4:af:ac:cb:b3:98:
ea:1a:a8:f5:91:58:11:68:35:b5:75:ea:7a:47:ad:
0b:de:97:01:e4:9a:f8:a8:4b:d2:7a:87:89:64:4b:
d3:6a:34:2d:7c:01:c6:df:7e:a2:ad:1b:f2:e5:f8:
62:cb:a3:bf:f0:2d:4b:ff:59:f3:02:93:b1:d8:48:
16:b6:0e:53:8f:74:f1:6c:80:22:74:df:b5:84:bc:
4c:79:64:62:45:89:d7:36:21:09:6f:72:0d:8c:a2:
61:d5:58:42:22:70:b5:14:0c:2e:cc:e5:b7:35:8f:
00:70:48:1b:45:73:f8:d8:ea:34:ac:17:4a:73:4a:
d3:21:03:e7:c4:9b:09:e3:97:4e:d7:c0:52:45:f4:
50:a2:18:d4:9f:f0:02:3c:3d:dd:fc:ea:1d:e0:74:
84:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C0:B9:F9:23:30:05:00:D3:FF:3F:8E:42:59:14:19:BC:26:D2:66
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mcC5-SMwBQDT_z-OQlkUGbwm0mY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:5c:69:e6:f5:c8:07:e9:da:9b:81:87:27:e2:ac:cd:06:c5:
ce:f7:92:08:ea:49:2f:c5:28:29:b2:5a:f0:5d:32:43:0f:b6:
a2:ea:67:af:2a:b9:5c:fb:2e:94:77:ce:30:72:88:2e:8d:0c:
1d:75:9b:bf:c3:fd:3c:f2:cd:a1:34:56:09:b4:d2:d9:3a:b8:
37:65:38:63:8f:54:90:1f:a8:31:a7:4d:83:a4:09:2c:0e:3f:
0f:6c:b1:7b:43:67:d9:fe:f9:fd:50:d4:a4:a5:de:a7:5a:6f:
04:76:89:5e:7e:b3:c5:c1:d1:32:81:6d:15:9a:ed:1d:90:b0:
39:5f:c0:81:5d:02:7f:d1:76:65:cc:2f:f5:59:25:a6:d2:eb:
e7:4c:01:2c:00:db:a8:3a:df:77:e9:1d:4d:42:1c:12:0a:fd:
fc:f8:8f:65:64:ab:8f:b3:b0:ba:e8:fd:b3:8e:77:98:10:a1:
c6:9d:2e:52:34:08:07:d7:27:a9:76:d1:a3:0e:4c:ff:bf:88:
81:f6:74:5c:94:f4:bf:0a:b6:10:06:64:67:b6:70:90:0f:df:
a0:e4:b3:fa:b6:87:9d:f8:3d:4d:20:88:3a:24:bc:1c:39:ec:
cd:35:69:01:ef:6f:5b:a5:b4:d4:df:a9:49:48:98:ff:25:07:
4f:11:70:3c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
NDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5QzBCOUY5MjMzMDA1
MDBEM0ZGM0Y4RTQyNTkxNDE5QkMyNkQyNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/ZCkSi9B5e2+8occ4SN7vi4T8gmzx76trKxEyvpaHpkc3l5Fs
7SBCPTplwQ1nKD338dsEhL1iq/FVG6FmGooUWtLj2bePlhJLK27fOZIECDQ59C6S
AZKLAIC2xjnYtYhyV9SvrMuzmOoaqPWRWBFoNbV16npHrQvelwHkmvioS9J6h4lk
S9NqNC18AcbffqKtG/Ll+GLLo7/wLUv/WfMCk7HYSBa2DlOPdPFsgCJ037WEvEx5
ZGJFidc2IQlvcg2MomHVWEIicLUUDC7M5bc1jwBwSBtFc/jY6jSsF0pzStMhA+fE
mwnjl07XwFJF9FCiGNSf8AI8Pd386h3gdITXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmcC5+SMwBQDT/z+OQlkUGbwm0mYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21jQzUtU013QlFEVF96
LU9RbGtVR2J3bTBtWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMFxp5vXIB+nam4GHJ+KszQbFzveSCOpJ
L8UoKbJa8F0yQw+2oupnryq5XPsulHfOMHKILo0MHXWbv8P9PPLNoTRWCbTS2Tq4
N2U4Y49UkB+oMadNg6QJLA4/D2yxe0Nn2f75/VDUpKXep1pvBHaJXn6zxcHRMoFt
FZrtHZCwOV/AgV0Cf9F2Zcwv9VklptLr50wBLADbqDrfd+kdTUIcEgr9/PiPZWSr
j7Owuuj9s453mBChxp0uUjQIB9cnqXbRow5M/7+IgfZ0XJT0vwq2EAZkZ7ZwkA/f
oOSz+raHnfg9TSCIOiS8HDnszTVpAe9vW6W01N+pSUiY/yUHTxFwPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:45 2024 by rpki-client on console-fra.rpki-client.org