Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oe1L208_msYt013_khEJbsKKHB0.roa
File: oe1L208_msYt013_khEJbsKKHB0.roa (raw, json)
Hash identifier: M4sWC+FMgYkDszZK13Wegw+e7O4N4zxCFhJDKQf/cnI=
Subject key identifier: A1:ED:4B:DB:4F:3F:9A:C6:2D:D3:5D:FF:92:11:09:6E:C2:8A:1C:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47B6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oe1L208_msYt013_khEJbsKKHB0.roa
Signing time: Wed 24 Apr 2024 04:53:15 +0000
ROA not before: Wed 24 Apr 2024 04:53:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18358 (0x47b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 04:53:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A1ED4BDB4F3F9AC62DD35DFF9211096EC28A1C1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:a2:9c:c3:92:0b:5d:d4:7a:2d:9d:7e:0d:
08:99:1b:8a:14:f5:ed:09:7c:c8:b6:04:13:f7:3f:
a7:13:d3:a7:23:99:a1:41:16:e9:12:29:65:b2:6a:
3c:2d:d9:b3:f5:22:5f:21:f1:42:a9:dd:2c:13:7a:
3a:99:24:74:92:2d:e7:5d:a6:ad:0a:c1:fd:11:c4:
0d:40:6e:50:44:61:6a:00:60:b0:3d:f4:57:89:d9:
ba:3c:75:37:7b:e4:e6:84:15:7e:50:25:f8:84:0d:
10:20:a9:80:78:4b:f5:9b:2c:62:43:88:78:81:9a:
81:07:c9:4e:d1:59:63:63:24:84:91:e6:79:d0:11:
7c:c6:49:10:6e:eb:06:07:75:99:98:35:a6:15:c1:
08:74:82:3b:b4:a5:20:31:53:ce:bb:84:7c:2c:75:
7c:4b:ed:65:25:37:b4:bd:07:7c:f6:68:6c:aa:ad:
d4:ee:39:5f:bc:9b:d1:45:2f:72:7e:85:f4:5d:cc:
4f:d4:a1:a9:f6:a9:59:7c:b5:4a:03:e0:9e:75:11:
80:92:0a:3e:d0:7d:f1:a0:47:1d:e0:19:4b:a5:dd:
55:37:94:c2:d8:13:26:1c:67:4e:53:0f:b5:bb:c8:
be:89:a1:a5:ac:53:dd:b2:2e:fe:d8:b7:21:0f:96:
93:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:ED:4B:DB:4F:3F:9A:C6:2D:D3:5D:FF:92:11:09:6E:C2:8A:1C:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oe1L208_msYt013_khEJbsKKHB0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:12:dc:5f:e0:91:64:9f:d1:eb:c4:ca:63:8f:69:05:37:24:
c4:d8:bb:4e:80:52:b3:d9:a5:9d:44:4f:ad:19:8d:cb:5f:5c:
f2:d1:70:27:2e:bb:48:39:fa:33:27:31:ba:4c:be:17:f6:8f:
5b:71:ba:88:56:ad:f5:fc:de:18:2a:63:10:e4:d4:0c:11:eb:
73:0d:2e:1f:9e:86:2a:ea:82:21:93:d0:20:27:92:27:38:46:
8d:ec:54:04:f6:48:f9:f0:85:aa:9b:ed:58:cf:30:43:ee:a8:
62:67:69:52:18:cf:d7:90:f6:c6:fb:d6:ba:0d:5b:4e:04:60:
1a:c8:bb:58:98:be:7a:5a:1b:53:59:aa:fc:b7:10:21:db:af:
92:2a:d0:66:44:6a:f1:a4:f3:35:d1:8c:79:40:3c:60:59:8c:
95:d1:95:4f:d5:5b:0b:74:a5:39:17:9f:ef:13:c7:3e:91:00:
98:e8:ac:d2:53:75:e0:48:1b:a9:4d:4b:a3:28:bf:8f:27:b6:
59:e6:87:86:82:74:2b:cb:c5:83:fb:fc:a6:46:c4:04:ef:7d:
14:e0:fa:e0:b1:8e:81:72:c9:7c:4d:ec:d7:12:af:fe:b0:35:
8a:26:ce:10:3e:da:e0:42:f4:bf:df:44:f7:da:ed:fc:95:e6:
be:b5:75:de
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NDUzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEExRUQ0QkRCNEYzRjlB
QzYyREQzNURGRjkyMTEwOTZFQzI4QTFDMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP8KKcw5ILXdR6LZ1+DQiZG4oU9e0JfMi2BBP3P6cT06cjmaFB
FukSKWWyajwt2bP1Il8h8UKp3SwTejqZJHSSLeddpq0Kwf0RxA1AblBEYWoAYLA9
9FeJ2bo8dTd75OaEFX5QJfiEDRAgqYB4S/WbLGJDiHiBmoEHyU7RWWNjJISR5nnQ
EXzGSRBu6wYHdZmYNaYVwQh0gju0pSAxU867hHwsdXxL7WUlN7S9B3z2aGyqrdTu
OV+8m9FFL3J+hfRdzE/Uoan2qVl8tUoD4J51EYCSCj7QffGgRx3gGUul3VU3lMLY
EyYcZ05TD7W7yL6JoaWsU92yLv7YtyEPlpPFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoe1L208/msYt013/khEJbsKKHB0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29lMUwyMDhfbXNZdDAx
M19raEVKYnNLS0hCMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEApxLcX+CRZJ/R68TKY49pBTckxNi7ToBS
s9mlnURPrRmNy19c8tFwJy67SDn6Mycxuky+F/aPW3G6iFat9fzeGCpjEOTUDBHr
cw0uH56GKuqCIZPQICeSJzhGjexUBPZI+fCFqpvtWM8wQ+6oYmdpUhjP15D2xvvW
ug1bTgRgGsi7WJi+elobU1mq/LcQIduvkirQZkRq8aTzNdGMeUA8YFmMldGVT9Vb
C3SlORef7xPHPpEAmOis0lN14EgbqU1Loyi/jye2WeaHhoJ0K8vFg/v8pkbEBO99
FOD64LGOgXLJfE3s1xKv/rA1iibOED7a4EL0v99E99rt/JXmvrV13g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:47 2024 by rpki-client on console-fra.rpki-client.org