Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yhODGkEPdEhVT9cRHoNAWVCh888.roa
File: yhODGkEPdEhVT9cRHoNAWVCh888.roa (raw, json)
Hash identifier: WVjZjdrOwkgA9NjOYZPWG0DwjCCf/PLouDQAap6MGOY=
Subject key identifier: CA:13:83:1A:41:0F:74:48:55:4F:D7:11:1E:83:40:59:50:A1:F3:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3932
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yhODGkEPdEhVT9cRHoNAWVCh888.roa
Signing time: Thu 04 Apr 2024 20:22:23 +0000
ROA not before: Thu 04 Apr 2024 20:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14642 (0x3932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 20:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA13831A410F7448554FD7111E83405950A1F3CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e3:0c:c6:bf:43:b0:a5:2e:dd:67:ae:7e:b4:
f0:4c:39:77:ae:4d:1a:9a:ec:84:b0:17:db:81:98:
0e:e1:56:f7:7e:d1:ff:99:08:6e:91:e8:d7:bd:f8:
3c:60:9c:c9:6c:fc:7f:0e:81:8f:c0:b9:ea:93:b6:
88:51:4f:54:b2:89:4a:9a:1c:b3:80:4f:86:ea:f9:
9f:99:9b:08:3f:2c:ee:2d:db:e0:53:32:17:ee:e8:
6c:b0:19:15:b6:ca:0f:eb:dd:43:48:ca:fb:ea:13:
07:51:86:49:7d:31:18:f0:43:0a:5e:e5:90:2a:f5:
e0:5a:21:c8:11:73:ff:37:6d:f6:0e:9b:14:dc:50:
cd:57:87:7a:87:36:59:60:68:d6:75:b6:86:65:17:
01:6e:b9:c9:7e:d9:f2:51:ff:a6:2f:be:a0:53:8a:
58:30:19:27:cd:8f:8d:1b:4e:16:65:64:83:8d:28:
8d:3f:c4:93:de:d9:b6:04:a0:87:39:4a:30:47:f0:
e7:dd:24:69:78:bd:88:bb:04:05:56:83:1f:5f:fa:
8a:c2:7a:11:2c:25:f2:5a:48:c8:44:99:70:4a:52:
ba:31:d1:76:b8:ef:54:c4:c7:18:93:e5:ee:8f:d3:
77:38:8d:df:bf:97:fc:4a:a9:bf:73:1d:35:44:e6:
ba:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:13:83:1A:41:0F:74:48:55:4F:D7:11:1E:83:40:59:50:A1:F3:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yhODGkEPdEhVT9cRHoNAWVCh888.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:32:cd:30:2c:ef:54:10:ae:40:6d:f6:e3:b7:a1:37:e0:25:
40:7e:4e:ed:68:b7:c7:7a:73:99:0e:d6:d2:2e:ad:1b:08:75:
57:ed:12:d0:a1:0b:50:b0:14:69:43:a7:28:54:fc:f5:7c:cd:
30:8f:26:56:94:a7:a1:15:30:5d:78:49:7f:0c:1a:32:70:c3:
f5:5a:16:e3:c2:0d:61:2e:2e:1b:ea:46:bb:9a:d9:49:f8:ee:
32:26:24:f5:f9:1d:db:2d:c5:94:70:4b:cd:21:a0:71:17:00:
41:ae:dd:10:8f:1f:60:8f:6e:25:6d:e8:92:fb:ee:c3:64:e9:
b4:23:05:b7:ad:3e:88:5f:43:35:49:32:cf:91:cc:28:a3:2a:
ac:32:d1:03:43:3d:7d:83:e9:6c:14:08:80:6d:86:39:04:94:
98:c5:c7:b1:db:d7:e5:47:2e:fe:d0:84:dc:d9:99:46:96:3e:
d2:23:8b:bc:6b:10:f6:c0:db:8d:26:9b:14:90:f4:27:0b:b9:
55:ea:c4:29:e3:4a:ac:0b:56:b4:41:9f:91:4b:4f:6a:3f:c1:
a5:3e:21:c6:a9:8f:9f:58:b4:56:11:32:5c:9e:3b:ac:6f:3f:
99:87:0e:5c:4e:9f:4d:ad:2b:de:43:0b:27:62:1f:a7:ce:04:
4e:68:bf:a9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQy
MDIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMTM4MzFBNDEwRjc0
NDg1NTRGRDcxMTFFODM0MDU5NTBBMUYzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ4wzGv0OwpS7dZ65+tPBMOXeuTRqa7ISwF9uBmA7hVvd+0f+Z
CG6R6Ne9+DxgnMls/H8OgY/AueqTtohRT1SyiUqaHLOAT4bq+Z+Zmwg/LO4t2+BT
Mhfu6GywGRW2yg/r3UNIyvvqEwdRhkl9MRjwQwpe5ZAq9eBaIcgRc/83bfYOmxTc
UM1Xh3qHNllgaNZ1toZlFwFuucl+2fJR/6YvvqBTilgwGSfNj40bThZlZIONKI0/
xJPe2bYEoIc5SjBH8OfdJGl4vYi7BAVWgx9f+orCehEsJfJaSMhEmXBKUrox0Xa4
71TExxiT5e6P03c4jd+/l/xKqb9zHTVE5rrxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyhODGkEPdEhVT9cRHoNAWVCh888wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3loT0RHa0VQZEVoVlQ5
Y1JIb05BV1ZDaDg4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAuzLNMCzvVBCuQG3247ehN+AlQH5O7Wi3
x3pzmQ7W0i6tGwh1V+0S0KELULAUaUOnKFT89XzNMI8mVpSnoRUwXXhJfwwaMnDD
9VoW48INYS4uG+pGu5rZSfjuMiYk9fkd2y3FlHBLzSGgcRcAQa7dEI8fYI9uJW3o
kvvuw2TptCMFt60+iF9DNUkyz5HMKKMqrDLRA0M9fYPpbBQIgG2GOQSUmMXHsdvX
5Ucu/tCE3NmZRpY+0iOLvGsQ9sDbjSabFJD0Jwu5VerEKeNKrAtWtEGfkUtPaj/B
pT4hxqmPn1i0VhEyXJ47rG8/mYcOXE6fTa0r3kMLJ2Ifp84ETmi/qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:21 2024 by rpki-client on console-ams.rpki-client.org