Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uOrqqx39d8GsfvRRpgFr9W5i-Uk.roa
File: uOrqqx39d8GsfvRRpgFr9W5i-Uk.roa (raw, json)
Hash identifier: 2sZ6up4lpRxZmqlW979J+3I1wzCYA1ngjZ1e3BrwILw=
Subject key identifier: B8:EA:EA:AB:1D:FD:77:C1:AC:7E:F4:51:A6:01:6B:F5:6E:62:F9:49
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uOrqqx39d8GsfvRRpgFr9W5i-Uk.roa
Signing time: Wed 17 Apr 2024 16:53:00 +0000
ROA not before: Wed 17 Apr 2024 16:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17110 (0x42d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 16:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B8EAEAAB1DFD77C1AC7EF451A6016BF56E62F949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e0:81:ae:b2:c3:ee:9b:e2:6b:f9:fd:ad:9d:
d6:18:bb:cc:5c:78:d8:04:a9:d3:64:13:6d:54:e3:
3a:55:a9:2b:a9:a2:6f:fb:c2:d1:07:4c:f6:6e:99:
7f:d5:eb:6e:21:5a:8c:07:6b:ec:ff:6d:3d:06:c1:
1d:d4:4e:1c:69:3f:a7:31:56:5d:b1:3e:62:e9:cf:
63:06:b1:18:60:77:c9:43:aa:df:bc:85:a9:16:57:
19:6c:e2:38:0a:3a:a8:1a:62:fc:fc:8d:71:6f:e0:
b1:38:f1:77:af:8c:de:35:05:23:cc:25:fe:dd:79:
8f:58:3f:37:6a:72:79:56:db:e1:7b:9f:3d:54:23:
59:46:fa:af:7f:52:5c:ec:bf:d2:48:46:2f:a7:b9:
c6:a1:37:0c:36:50:5b:48:a4:49:2e:b9:63:e6:0c:
ed:f7:7b:cd:c6:91:c8:2b:76:cc:39:e6:e1:b5:ba:
08:53:e5:c5:4f:01:90:d9:9b:5d:3b:30:bc:3a:ff:
02:e4:5d:77:f8:1e:b3:7b:1d:06:a1:24:16:54:5a:
32:50:1c:d6:e2:1b:db:02:c0:be:f2:ca:99:b9:b4:
40:bb:61:8d:6d:48:21:87:a0:03:35:b3:ab:f9:d1:
c0:56:38:d9:a5:99:e9:4b:a7:e3:cc:b0:83:74:42:
04:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EA:EA:AB:1D:FD:77:C1:AC:7E:F4:51:A6:01:6B:F5:6E:62:F9:49
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uOrqqx39d8GsfvRRpgFr9W5i-Uk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:40:6d:df:f4:0e:64:1d:bb:37:07:a1:2d:56:a9:80:f0:aa:
d7:45:90:ee:22:c5:08:6e:79:22:4a:6e:ab:c1:29:bb:c0:d7:
b5:ac:43:65:90:05:0a:01:8e:30:60:1e:3a:22:17:ea:c7:5e:
de:bd:02:44:63:7d:4b:ed:b6:66:f6:9a:ac:90:0c:69:ac:16:
ad:e6:6c:a9:ee:3a:d3:0a:3d:78:0c:8f:1f:c2:f0:ce:ee:4f:
f8:21:be:d0:ce:b6:a4:72:31:00:fa:36:40:33:32:bd:7d:3b:
2e:c5:fe:34:22:87:df:57:66:fd:41:d1:2d:99:c1:80:cc:83:
28:47:ef:fc:9a:02:e2:23:fe:68:7b:85:e3:da:7f:46:9b:9d:
29:40:39:3f:59:f1:0c:07:a4:57:c3:b1:4f:38:29:e5:eb:a0:
2f:fc:7f:a9:bf:23:84:a5:dd:55:3d:85:13:b0:de:87:b7:eb:
0a:33:5e:10:86:64:d2:66:6e:97:5e:8e:af:58:d8:44:ad:e3:
73:80:9a:8b:7c:47:56:16:51:a2:8a:bd:2e:56:a6:34:67:57:
8e:d8:ab:fc:85:8e:03:88:5b:bf:6c:0d:5d:7c:a3:f7:85:f6:
41:83:30:dd:4b:21:82:19:7a:9a:ce:c8:a7:f4:ae:2f:41:ac:
75:7f:26:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
NjUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4RUFFQUFCMURGRDc3
QzFBQzdFRjQ1MUE2MDE2QkY1NkU2MkY5NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM4IGussPum+Jr+f2tndYYu8xceNgEqdNkE21U4zpVqSupom/7
wtEHTPZumX/V624hWowHa+z/bT0GwR3UThxpP6cxVl2xPmLpz2MGsRhgd8lDqt+8
hakWVxls4jgKOqgaYvz8jXFv4LE48XevjN41BSPMJf7deY9YPzdqcnlW2+F7nz1U
I1lG+q9/Ulzsv9JIRi+nucahNww2UFtIpEkuuWPmDO33e83Gkcgrdsw55uG1ughT
5cVPAZDZm107MLw6/wLkXXf4HrN7HQahJBZUWjJQHNbiG9sCwL7yypm5tEC7YY1t
SCGHoAM1s6v50cBWONmlmelLp+PMsIN0QgTbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUuOrqqx39d8GsfvRRpgFr9W5i+UkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VPcnFxeDM5ZDhHc2Z2
UlJwZ0ZyOVc1aS1Vay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuEBt3/QOZB27NwehLVapgPCq10WQ7iLF
CG55Ikpuq8Epu8DXtaxDZZAFCgGOMGAeOiIX6sde3r0CRGN9S+22ZvaarJAMaawW
reZsqe460wo9eAyPH8Lwzu5P+CG+0M62pHIxAPo2QDMyvX07LsX+NCKH31dm/UHR
LZnBgMyDKEfv/JoC4iP+aHuF49p/RpudKUA5P1nxDAekV8OxTzgp5eugL/x/qb8j
hKXdVT2FE7Deh7frCjNeEIZk0mZul16Or1jYRK3jc4Cai3xHVhZRooq9LlamNGdX
jtir/IWOA4hbv2wNXXyj94X2QYMw3Ushghl6ms7Ip/SuL0GsdX8mAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:52 2024 by rpki-client on console-fra.rpki-client.org