Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oYGjiUSxxWTpvQtXFaPchxZx9Go.roa
File: oYGjiUSxxWTpvQtXFaPchxZx9Go.roa (raw, json)
Hash identifier: a8D0u2EJM+q0pXxbM+Ig+sk1S/cZhOVZ6gY4Uj0N3g8=
Subject key identifier: A1:81:A3:89:44:B1:C5:64:E9:BD:0B:57:15:A3:DC:87:16:71:F4:6A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oYGjiUSxxWTpvQtXFaPchxZx9Go.roa
Signing time: Sat 20 Apr 2024 13:53:04 +0000
ROA not before: Sat 20 Apr 2024 13:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17662 (0x44fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 13:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A181A38944B1C564E9BD0B5715A3DC871671F46A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:cc:aa:6b:e6:8f:ea:8f:7d:0e:52:70:12:
86:ad:31:24:84:a9:08:49:cb:77:ef:ef:de:82:3d:
03:84:d7:2a:5b:ca:38:6c:63:55:50:91:72:bd:3d:
da:51:e7:31:87:3f:1d:3a:b2:4d:eb:f9:10:35:60:
cd:c2:41:dc:85:0e:39:c4:ac:49:80:21:83:0c:69:
ce:c7:38:da:a3:7e:bb:e5:a9:a0:5d:0c:ed:16:51:
27:70:be:8a:83:9d:d7:46:d7:06:ff:4e:be:7f:43:
5a:9d:90:49:05:41:9f:48:23:92:da:f0:ec:4f:b0:
72:fe:91:c2:c0:fa:3d:dc:f4:fb:ec:64:46:0e:c4:
00:c6:be:83:54:86:85:36:b3:46:54:7b:fc:8a:74:
33:fc:f8:db:ed:c4:63:88:bd:80:7b:53:a6:73:c4:
ed:0b:4d:dd:26:e2:f9:58:cd:e2:45:74:df:19:25:
ce:9b:4d:5a:c4:d1:d1:d6:1f:67:9c:7a:f6:e0:e9:
51:7b:d8:49:0e:2b:a6:92:3f:fe:9b:f6:a1:3c:24:
11:6a:9f:07:bd:e5:13:06:ee:4e:0f:fd:74:2f:51:
ad:f2:db:62:b2:23:5b:00:7c:ba:34:fd:58:41:f9:
cc:e3:fa:40:b9:24:87:6e:ea:1a:a9:4b:1a:32:55:
28:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:81:A3:89:44:B1:C5:64:E9:BD:0B:57:15:A3:DC:87:16:71:F4:6A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oYGjiUSxxWTpvQtXFaPchxZx9Go.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:d7:b9:d1:f5:9f:21:0f:c1:35:75:96:82:80:d3:91:be:95:
a5:9e:70:2d:d2:29:56:e0:d2:d6:22:a3:01:8e:16:22:cb:33:
43:1f:01:13:ca:ac:6d:36:86:a8:cb:04:52:48:2f:01:4e:0d:
5a:d4:97:43:4b:3d:43:53:e7:bb:8c:b1:55:58:60:a2:9a:c7:
85:28:de:00:9c:b2:b1:bd:bb:0d:75:e3:9b:a2:e7:30:28:64:
f4:a8:ca:6d:44:a4:86:ce:c7:28:77:03:76:f2:c2:86:17:6e:
28:d5:68:1b:61:de:c2:54:7a:a0:29:7c:06:87:ca:06:27:32:
04:14:86:3c:4f:8b:9b:43:26:37:d5:a4:6b:a0:58:40:0b:3f:
39:1a:e0:94:41:7e:16:ea:6d:0d:ec:c0:3c:de:7b:2b:5f:a8:
0e:db:36:b8:5e:58:56:67:0e:ca:8f:c2:d8:c9:d1:da:dd:6e:
bf:3b:d7:70:ec:ad:bc:d3:32:99:ab:6f:3b:04:d2:cc:1f:99:
f7:f8:e0:4a:35:fa:5b:ee:16:03:5a:58:0e:b8:27:cf:37:09:
ea:90:6b:5d:83:5f:f8:80:85:62:94:a0:40:75:00:a6:69:c9:
c8:af:fc:0b:a3:14:f0:f6:37:12:6d:1e:a9:77:75:7a:59:bb:
c9:dd:8e:63
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MzUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEExODFBMzg5NDRCMUM1
NjRFOUJEMEI1NzE1QTNEQzg3MTY3MUY0NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU6syqa+aP6o99DlJwEoatMSSEqQhJy3fv796CPQOE1ypbyjhs
Y1VQkXK9PdpR5zGHPx06sk3r+RA1YM3CQdyFDjnErEmAIYMMac7HONqjfrvlqaBd
DO0WUSdwvoqDnddG1wb/Tr5/Q1qdkEkFQZ9II5La8OxPsHL+kcLA+j3c9PvsZEYO
xADGvoNUhoU2s0ZUe/yKdDP8+NvtxGOIvYB7U6ZzxO0LTd0m4vlYzeJFdN8ZJc6b
TVrE0dHWH2ecevbg6VF72EkOK6aSP/6b9qE8JBFqnwe95RMG7k4P/XQvUa3y22Ky
I1sAfLo0/VhB+czj+kC5JIdu6hqpSxoyVSglAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoYGjiUSxxWTpvQtXFaPchxZx9GowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29ZR2ppVVN4eFdUcHZR
dFhGYVBjaHhaeDlHby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAW9e50fWfIQ/BNXWWgoDTkb6VpZ5wLdIp
VuDS1iKjAY4WIsszQx8BE8qsbTaGqMsEUkgvAU4NWtSXQ0s9Q1Pnu4yxVVhgoprH
hSjeAJyysb27DXXjm6LnMChk9KjKbUSkhs7HKHcDdvLChhduKNVoG2HewlR6oCl8
BofKBicyBBSGPE+Lm0MmN9Wka6BYQAs/ORrglEF+FuptDezAPN57K1+oDts2uF5Y
VmcOyo/C2MnR2t1uvzvXcOytvNMymatvOwTSzB+Z9/jgSjX6W+4WA1pYDrgnzzcJ
6pBrXYNf+ICFYpSgQHUApmnJyK/8C6MU8PY3Em0eqXd1elm7yd2OYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org