Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/s5bismnm3hh5WU_9WRKQq7zkuD4.roa
File: s5bismnm3hh5WU_9WRKQq7zkuD4.roa (raw, json)
Hash identifier: PZKIl1+2/SYIqtRI+WNN63GKg00ZM4PrcgHOSffHw/0=
Subject key identifier: B3:96:E2:B2:69:E6:DE:18:79:59:4F:FD:59:12:90:AB:BC:E4:B8:3E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5bismnm3hh5WU_9WRKQq7zkuD4.roa
Signing time: Mon 06 May 2024 08:23:55 +0000
ROA not before: Mon 06 May 2024 08:23:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20690 (0x50d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 08:23:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B396E2B269E6DE1879594FFD591290ABBCE4B83E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b0:65:ab:0b:b4:72:02:34:85:8e:f8:34:ae:
e6:c5:bc:be:ef:16:1d:48:ab:58:01:cd:61:5b:cb:
ad:ac:08:01:cc:08:5a:a0:ef:ab:11:a3:60:d0:d1:
23:1f:45:49:87:7d:49:7f:f2:25:7b:72:05:b2:0d:
1d:12:63:91:df:ae:66:60:6a:e3:07:2c:25:56:30:
b1:34:61:b2:bd:f8:f1:bf:ac:bb:3a:2d:a9:4d:c0:
e1:86:68:4b:e7:29:a5:29:84:ce:a9:da:ab:b3:5a:
cd:92:5d:f3:76:82:e1:3e:ba:b7:e4:12:4c:3c:e7:
7b:df:46:16:50:4f:ed:fc:06:77:8d:72:fc:aa:25:
09:e8:39:c5:98:6a:98:e1:9a:0b:7f:ed:72:43:77:
e1:54:89:5a:e1:c8:1b:f2:28:55:21:71:39:a7:7a:
f0:a9:b1:d3:44:6e:b0:b1:b2:59:de:b0:87:62:f6:
cb:d8:b2:07:48:1b:f7:25:fb:cc:8d:68:fc:56:4c:
1e:62:de:1a:90:67:3a:66:9a:a9:21:cf:f7:1c:f4:
32:71:48:d1:62:2e:09:f0:b1:2c:cb:0e:88:b4:47:
0a:86:40:d9:2a:fd:64:42:b1:67:1c:e8:9b:99:1e:
36:29:29:70:0d:5d:4c:5a:16:44:8e:95:89:eb:85:
3f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:96:E2:B2:69:E6:DE:18:79:59:4F:FD:59:12:90:AB:BC:E4:B8:3E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5bismnm3hh5WU_9WRKQq7zkuD4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:18:c1:8b:b4:52:de:b6:91:94:10:13:22:9c:7d:2c:e1:3a:
cb:b7:3d:47:fd:54:da:78:7b:47:54:c7:bc:f2:0b:0c:5c:bd:
ca:b5:3b:89:2c:3d:b8:82:04:9c:9a:12:7f:8e:27:fe:f8:dd:
b1:5e:6f:f8:4c:3a:9d:08:ae:a3:d1:23:68:ed:21:c0:a6:85:
17:61:b0:ee:39:01:40:78:61:6b:ef:bb:e9:18:fd:a8:26:90:
17:43:66:d2:ef:7c:39:07:10:e7:fa:3a:d9:78:6e:fa:44:79:
4d:5c:cf:73:19:de:7a:f6:93:7f:9d:e3:c0:5e:36:8c:03:aa:
4e:c1:fc:b8:8d:e4:c9:8c:d7:84:36:40:f7:49:c6:5b:e9:0c:
89:de:11:a7:76:d6:a1:01:78:03:37:71:99:5f:43:92:31:e3:
75:45:a8:aa:7e:92:f7:28:83:ad:ba:fb:32:e7:53:7d:e0:88:
ec:9d:1f:76:92:d8:c1:90:d2:a7:aa:93:f2:b5:16:12:66:2c:
8a:ab:b1:51:fa:a3:52:01:53:a6:8a:b0:bc:1f:3b:70:3c:2b:
96:c5:02:b4:d9:65:f9:f4:ad:79:e3:2e:aa:74:5e:ba:01:62:
40:07:b2:ba:88:4f:1e:ee:ef:f6:dc:c6:23:49:17:c2:47:5a:
6b:bd:aa:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw
ODIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzOTZFMkIyNjlFNkRF
MTg3OTU5NEZGRDU5MTI5MEFCQkNFNEI4M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtsGWrC7RyAjSFjvg0rubFvL7vFh1Iq1gBzWFby62sCAHMCFqg
76sRo2DQ0SMfRUmHfUl/8iV7cgWyDR0SY5HfrmZgauMHLCVWMLE0YbK9+PG/rLs6
LalNwOGGaEvnKaUphM6p2quzWs2SXfN2guE+urfkEkw853vfRhZQT+38BneNcvyq
JQnoOcWYapjhmgt/7XJDd+FUiVrhyBvyKFUhcTmnevCpsdNEbrCxslnesIdi9svY
sgdIG/cl+8yNaPxWTB5i3hqQZzpmmqkhz/cc9DJxSNFiLgnwsSzLDoi0RwqGQNkq
/WRCsWcc6JuZHjYpKXANXUxaFkSOlYnrhT+jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUs5bismnm3hh5WU/9WRKQq7zkuD4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3M1YmlzbW5tM2hoNVdV
XzlXUktRcTd6a3VENC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbRjBi7RS3raRlBATIpx9LOE6y7c9R/1U
2nh7R1THvPILDFy9yrU7iSw9uIIEnJoSf44n/vjdsV5v+Ew6nQiuo9EjaO0hwKaF
F2Gw7jkBQHhha++76Rj9qCaQF0Nm0u98OQcQ5/o62Xhu+kR5TVzPcxneevaTf53j
wF42jAOqTsH8uI3kyYzXhDZA90nGW+kMid4Rp3bWoQF4AzdxmV9DkjHjdUWoqn6S
9yiDrbr7MudTfeCI7J0fdpLYwZDSp6qT8rUWEmYsiquxUfqjUgFTpoqwvB87cDwr
lsUCtNll+fSteeMuqnReugFiQAeyuohPHu7v9tzGI0kXwkdaa72q6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org