Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/orue1Duhg66amNPyqBT2zH4VDec.roa
File: orue1Duhg66amNPyqBT2zH4VDec.roa (raw, json)
Hash identifier: tz5Do5MwSvRFj6aQuVZcfBrNaB1QD6Znu1Q8yb/HqUQ=
Subject key identifier: A2:BB:9E:D4:3B:A1:83:AE:9A:98:D3:F2:A8:14:F6:CC:7E:15:0D:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55AA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/orue1Duhg66amNPyqBT2zH4VDec.roa
Signing time: Sun 12 May 2024 19:24:05 +0000
ROA not before: Sun 12 May 2024 19:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21930 (0x55aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 19:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A2BB9ED43BA183AE9A98D3F2A814F6CC7E150DE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:60:7c:17:40:0f:9e:d2:6a:10:7b:59:22:d6:
3e:95:22:ad:07:40:a4:7d:d7:2d:57:88:0f:ad:b3:
e6:f7:f3:cc:29:51:d8:a8:76:f7:74:12:64:32:fc:
08:02:c8:db:29:f1:16:0b:ee:fe:ec:ff:59:08:6a:
82:fb:17:08:50:cb:24:49:6e:e2:a6:52:ff:b3:16:
0f:f6:b3:31:d4:4b:c1:fa:e0:2d:6f:22:d6:df:ec:
8a:85:28:3b:87:db:3b:99:dc:20:2f:63:d8:c3:bf:
0a:2b:97:01:3c:8f:ad:d8:ed:f9:d5:e3:d2:d7:07:
72:10:a9:6f:58:44:7c:85:71:b8:e8:3a:a1:e5:bd:
2d:6e:a7:56:1d:21:60:9c:ff:7d:0a:b8:a7:e6:b7:
ec:b3:c0:0b:f5:87:58:29:5e:7b:50:20:bb:10:10:
c5:12:e4:4c:4e:f9:5d:49:d3:71:6f:91:85:99:5e:
39:ee:f7:11:86:29:ac:bc:04:a9:c7:aa:f0:02:64:
22:eb:a2:68:3b:2b:29:59:04:95:8b:32:7d:a7:51:
cb:26:30:6b:cc:1a:96:f3:de:46:27:f5:a2:a1:1c:
40:07:24:be:b5:43:5b:fd:56:f4:4f:80:22:d9:f6:
bd:e5:63:ab:c7:84:64:47:84:74:49:f9:40:74:8b:
40:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BB:9E:D4:3B:A1:83:AE:9A:98:D3:F2:A8:14:F6:CC:7E:15:0D:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/orue1Duhg66amNPyqBT2zH4VDec.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:d9:57:70:d5:25:ee:ca:dc:be:b5:51:12:8c:86:a6:0e:69:
af:04:a3:4f:c5:e3:f9:9d:70:b5:89:70:25:4d:6d:69:ad:3b:
2b:3c:28:ab:05:f9:8f:67:48:b4:b4:49:a1:a1:f7:7a:1d:e5:
0d:19:58:b4:0f:9f:9b:5f:65:88:57:86:d0:b7:d8:1b:ca:91:
fe:82:4f:1b:6c:7a:fb:0a:31:e4:48:c6:41:5e:32:94:1c:e2:
e2:52:15:c2:e3:1d:62:3e:ff:ca:64:2c:ab:12:58:df:35:c2:
85:40:85:6f:ed:f1:52:fd:1d:0b:f6:ac:55:14:5d:90:eb:b9:
25:7c:70:3f:22:96:47:2c:c8:1f:e5:71:40:8e:c6:d9:f9:36:
53:31:9b:c3:0c:f2:53:b7:f0:c0:c2:1a:fc:d0:18:29:89:d3:
fe:19:d1:10:1c:72:8f:99:52:1a:c5:58:2a:fc:a4:45:e7:ec:
ed:e8:8c:fc:c6:dc:83:e3:6a:5e:c6:18:eb:cc:d3:cc:15:a8:
64:0f:46:62:9c:79:fe:a2:bd:e7:14:c9:56:bc:2d:c2:31:a5:
02:f0:38:10:7c:8f:a1:99:b2:60:b5:d3:c4:3c:8d:fa:33:4a:
71:8e:96:37:24:ec:0b:db:30:43:95:7d:bf:9a:6a:8b:fa:f7:
3b:c0:fc:1b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
OTI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyQkI5RUQ0M0JBMTgz
QUU5QTk4RDNGMkE4MTRGNkNDN0UxNTBERTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoYHwXQA+e0moQe1ki1j6VIq0HQKR91y1XiA+ts+b388wpUdio
dvd0EmQy/AgCyNsp8RYL7v7s/1kIaoL7FwhQyyRJbuKmUv+zFg/2szHUS8H64C1v
Itbf7IqFKDuH2zuZ3CAvY9jDvworlwE8j63Y7fnV49LXB3IQqW9YRHyFcbjoOqHl
vS1up1YdIWCc/30KuKfmt+yzwAv1h1gpXntQILsQEMUS5ExO+V1J03FvkYWZXjnu
9xGGKay8BKnHqvACZCLromg7KylZBJWLMn2nUcsmMGvMGpbz3kYn9aKhHEAHJL61
Q1v9VvRPgCLZ9r3lY6vHhGRHhHRJ+UB0i0BfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUorue1Duhg66amNPyqBT2zH4VDecwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29ydWUxRHVoZzY2YW1O
UHlxQlQyekg0VkRlYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQNlXcNUl7srcvrVREoyGpg5prwSjT8Xj
+Z1wtYlwJU1taa07KzwoqwX5j2dItLRJoaH3eh3lDRlYtA+fm19liFeG0LfYG8qR
/oJPG2x6+wox5EjGQV4ylBzi4lIVwuMdYj7/ymQsqxJY3zXChUCFb+3xUv0dC/as
VRRdkOu5JXxwPyKWRyzIH+VxQI7G2fk2UzGbwwzyU7fwwMIa/NAYKYnT/hnREBxy
j5lSGsVYKvykRefs7eiM/Mbcg+NqXsYY68zTzBWoZA9GYpx5/qK95xTJVrwtwjGl
AvA4EHyPoZmyYLXTxDyN+jNKcY6WNyTsC9swQ5V9v5pqi/r3O8D8Gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:10 2024 by rpki-client on console-ams.rpki-client.org