Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oI7eefB_5jcNok50IkUuKL2vwzI.roa
File: oI7eefB_5jcNok50IkUuKL2vwzI.roa (raw, json)
Hash identifier: 9xdnX19f6tK6yzos5NRFP3/HDu4wNLh3TaFfVLZWF6o=
Subject key identifier: A0:8E:DE:79:F0:7F:E6:37:0D:A2:4E:74:22:45:2E:28:BD:AF:C3:32
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 489E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oI7eefB_5jcNok50IkUuKL2vwzI.roa
Signing time: Thu 25 Apr 2024 09:53:18 +0000
ROA not before: Thu 25 Apr 2024 09:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18590 (0x489e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 09:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A08EDE79F07FE6370DA24E7422452E28BDAFC332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:91:5d:a1:e8:ae:37:91:cf:d4:7f:2f:0b:c4:
32:f9:9a:77:cb:69:e9:03:ca:b4:80:79:a1:6c:09:
d5:bd:72:57:2b:f6:51:76:0e:17:07:ec:84:9b:d6:
a1:aa:06:43:58:7c:dd:48:eb:e8:15:1b:66:7f:e4:
18:f4:af:66:d8:d8:fe:1c:40:c4:2a:d8:fc:66:38:
24:93:f6:ae:cb:af:98:8f:18:2c:04:14:2f:71:09:
39:ed:bf:d8:ad:fc:88:42:ec:32:2a:cd:b1:cb:5d:
ef:14:68:46:40:ee:80:66:a5:f0:60:05:50:75:47:
72:51:d4:d6:c9:09:d2:f9:d6:3b:37:2a:a5:58:b9:
c4:49:91:dc:d2:57:f6:3c:e5:4e:c9:fc:83:97:ca:
60:b4:3f:f2:eb:34:62:a0:8e:67:e2:f0:53:19:2c:
e7:52:44:4e:80:74:8f:e8:20:f6:46:86:f8:e5:1e:
a0:d7:36:8f:fe:e6:14:95:41:f7:94:26:91:5e:11:
e1:26:85:ac:11:92:a4:92:50:1b:c4:74:1a:ac:eb:
52:12:99:19:ae:8f:a9:34:6f:e7:46:e4:52:c2:61:
58:34:fb:43:5d:72:5b:6f:c0:e9:4f:3f:72:6a:b8:
50:d4:d6:d8:00:a9:6d:51:92:dc:1f:2d:4d:86:61:
8b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8E:DE:79:F0:7F:E6:37:0D:A2:4E:74:22:45:2E:28:BD:AF:C3:32
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oI7eefB_5jcNok50IkUuKL2vwzI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:be:06:0d:c5:97:1d:8d:01:86:2d:fa:a5:1d:fe:14:31:b8:
27:6a:0f:9e:f3:aa:9c:b1:33:51:61:52:79:34:2d:83:7f:c6:
3e:5d:41:a9:e9:36:c4:05:d0:13:d4:12:11:9b:8f:b9:5b:62:
d2:06:e3:12:0b:2c:1d:73:6b:43:e4:61:cd:b1:27:68:1e:1b:
f0:2e:07:e5:85:7f:d9:bc:05:1e:44:fd:08:ec:11:c2:fd:da:
c8:b2:b5:b7:03:99:66:95:a0:b5:dc:72:8c:7b:bc:94:52:e1:
80:7d:cd:4a:f1:ab:e6:17:f1:92:7f:02:93:00:51:06:06:f3:
b8:64:c4:4f:b3:6f:4c:d8:29:02:8b:79:39:aa:2a:62:50:c5:
2e:e2:08:74:77:1e:dc:b1:ac:64:49:84:ec:a6:88:f3:55:02:
b7:8c:f8:6a:3e:29:da:0a:68:f2:6e:3a:a5:82:06:4c:a2:f8:
71:3c:eb:61:24:69:e5:a7:aa:41:b5:9c:b8:78:81:61:68:18:
b4:f9:e1:d2:0d:c0:98:e3:fa:30:f8:b5:fb:33:55:10:42:55:
39:bc:e0:b2:43:b0:0f:fe:fa:2b:99:52:c0:30:0e:c4:86:f1:
38:16:d0:2d:34:27:cf:36:90:b1:f4:79:35:a9:7b:9c:b4:b3:
1e:05:9b:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
OTUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwOEVERTc5RjA3RkU2
MzcwREEyNEU3NDIyNDUyRTI4QkRBRkMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPkV2h6K43kc/Ufy8LxDL5mnfLaekDyrSAeaFsCdW9clcr9lF2
DhcH7ISb1qGqBkNYfN1I6+gVG2Z/5Bj0r2bY2P4cQMQq2PxmOCST9q7Lr5iPGCwE
FC9xCTntv9it/IhC7DIqzbHLXe8UaEZA7oBmpfBgBVB1R3JR1NbJCdL51js3KqVY
ucRJkdzSV/Y85U7J/IOXymC0P/LrNGKgjmfi8FMZLOdSRE6AdI/oIPZGhvjlHqDX
No/+5hSVQfeUJpFeEeEmhawRkqSSUBvEdBqs61ISmRmuj6k0b+dG5FLCYVg0+0Nd
cltvwOlPP3JquFDU1tgAqW1RktwfLU2GYYt9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoI7eefB/5jcNok50IkUuKL2vwzIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29JN2VlZkJfNWpjTm9r
NTBJa1V1S0wydnd6SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACb4GDcWXHY0Bhi36pR3+FDG4J2oPnvOq
nLEzUWFSeTQtg3/GPl1Bqek2xAXQE9QSEZuPuVti0gbjEgssHXNrQ+RhzbEnaB4b
8C4H5YV/2bwFHkT9COwRwv3ayLK1twOZZpWgtdxyjHu8lFLhgH3NSvGr5hfxkn8C
kwBRBgbzuGTET7NvTNgpAot5OaoqYlDFLuIIdHce3LGsZEmE7KaI81UCt4z4aj4p
2gpo8m46pYIGTKL4cTzrYSRp5aeqQbWcuHiBYWgYtPnh0g3AmOP6MPi1+zNVEEJV
ObzgskOwD/76K5lSwDAOxIbxOBbQLTQnzzaQsfR5Nal7nLSzHgWbYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org