Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Fh-mV9cJnIgjuX6lyr9TSmE0qLY.roa
File: Fh-mV9cJnIgjuX6lyr9TSmE0qLY.roa (raw, json)
Hash identifier: orDL9VuGHvixvlGm4sP8pKU9b7fs01wjDPVGhORrHK4=
Subject key identifier: 16:1F:A6:57:D7:09:9C:88:23:B9:7E:A5:CA:BF:53:4A:61:34:A8:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fh-mV9cJnIgjuX6lyr9TSmE0qLY.roa
Signing time: Fri 05 Apr 2024 19:52:24 +0000
ROA not before: Fri 05 Apr 2024 19:52:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14830 (0x39ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 19:52:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=161FA657D7099C8823B97EA5CABF534A6134A8B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:da:79:c2:9c:b0:4f:b3:03:a3:0a:d7:91:
f0:e0:30:da:66:a8:29:4e:83:1b:78:a8:72:52:b1:
2e:06:47:a2:86:7e:36:c9:bf:70:c6:21:8a:4c:e3:
3e:ff:86:79:25:61:c9:f8:db:0e:7b:74:18:91:c6:
13:43:ff:a5:83:ae:99:4f:17:de:86:db:ae:a0:c5:
79:2c:ba:ba:e6:55:bf:82:c4:07:a8:4a:1b:ea:c4:
2d:1c:ce:34:ec:5f:73:0c:7b:20:28:b6:da:04:cc:
14:56:c6:48:60:15:69:9b:37:8a:aa:1c:28:dc:bb:
b8:bb:7d:da:58:43:ad:1e:77:ca:9f:1c:b8:d4:45:
0a:cf:e4:05:91:79:c1:69:cf:03:f0:23:fb:16:46:
98:84:c4:5a:27:fe:73:d0:51:0f:b4:9d:66:54:82:
ab:7f:fc:66:dc:d9:8d:08:38:38:bc:95:4b:32:52:
20:4c:3b:4a:35:b5:16:a7:9d:3a:c2:9e:f0:23:32:
b1:33:43:ac:60:0d:f6:15:9c:c9:bd:3c:8d:56:c4:
49:a9:72:d4:5f:a7:1d:4f:f5:17:7a:24:90:dc:1d:
2f:33:a2:90:51:1d:21:fb:7e:70:d2:d3:92:8c:06:
eb:54:e8:a7:9e:33:49:1c:70:36:48:2d:6f:46:e4:
06:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1F:A6:57:D7:09:9C:88:23:B9:7E:A5:CA:BF:53:4A:61:34:A8:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Fh-mV9cJnIgjuX6lyr9TSmE0qLY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:f2:17:50:86:fa:46:86:e5:d0:d7:6b:57:e6:cd:e5:29:e7:
c3:36:95:e3:27:99:1d:f9:7b:fa:27:27:f0:16:e1:b2:7d:2e:
a6:69:67:f9:73:01:d6:1f:fc:c1:29:1d:d3:db:b8:db:0b:c2:
1c:5b:40:2e:7a:67:33:c5:62:23:6d:d4:b5:97:e5:14:73:eb:
d9:53:30:5e:43:67:34:5e:2c:f5:4c:44:e0:41:4e:19:fa:54:
1b:e6:5e:e3:58:15:cf:a0:bb:78:e2:eb:41:6f:d1:04:37:2b:
61:e9:fd:a2:12:ee:0a:96:cb:6b:a3:15:29:74:ea:5f:5b:8c:
a0:9e:e4:e6:72:da:c4:c7:17:c6:04:f8:6c:7d:bc:34:61:f1:
8d:84:a0:2e:85:fe:d3:cc:d8:29:99:04:9c:cb:76:44:67:ac:
da:3e:88:91:b1:6f:bc:9f:6a:4b:06:6c:57:f0:ea:c8:3d:34:
f5:fe:de:40:a4:aa:d3:2e:c2:e1:a8:b1:9f:1f:1a:81:cb:eb:
9a:16:38:20:4c:45:be:f8:69:e4:49:49:82:2c:b7:d0:fa:91:
da:86:03:d4:75:df:1c:98:61:aa:9f:d0:cb:4a:59:59:ae:2c:
73:56:a0:91:b6:7a:54:b8:3e:13:f9:73:13:a0:9e:06:a1:80:
cd:34:78:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
OTUyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE2MUZBNjU3RDcwOTlD
ODgyM0I5N0VBNUNBQkY1MzRBNjEzNEE4QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCad9p5wpywT7MDowrXkfDgMNpmqClOgxt4qHJSsS4GR6KGfjbJ
v3DGIYpM4z7/hnklYcn42w57dBiRxhND/6WDrplPF96G266gxXksurrmVb+CxAeo
ShvqxC0czjTsX3MMeyAottoEzBRWxkhgFWmbN4qqHCjcu7i7fdpYQ60ed8qfHLjU
RQrP5AWRecFpzwPwI/sWRpiExFon/nPQUQ+0nWZUgqt//Gbc2Y0IODi8lUsyUiBM
O0o1tRannTrCnvAjMrEzQ6xgDfYVnMm9PI1WxEmpctRfpx1P9Rd6JJDcHS8zopBR
HSH7fnDS05KMButU6KeeM0kccDZILW9G5AYvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFh+mV9cJnIgjuX6lyr9TSmE0qLYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZoLW1WOWNKbklnanVY
Nmx5cjlUU21FMHFMWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAZfIXUIb6Robl0NdrV+bN5SnnwzaV4yeZ
Hfl7+icn8Bbhsn0upmln+XMB1h/8wSkd09u42wvCHFtALnpnM8ViI23UtZflFHPr
2VMwXkNnNF4s9UxE4EFOGfpUG+Ze41gVz6C7eOLrQW/RBDcrYen9ohLuCpbLa6MV
KXTqX1uMoJ7k5nLaxMcXxgT4bH28NGHxjYSgLoX+08zYKZkEnMt2RGes2j6IkbFv
vJ9qSwZsV/DqyD009f7eQKSq0y7C4aixnx8agcvrmhY4IExFvvhp5ElJgiy30PqR
2oYD1HXfHJhhqp/Qy0pZWa4sc1agkbZ6VLg+E/lzE6CeBqGAzTR4Fg==
-----END CERTIFICATE-----
Generated at Sat Apr 6 06:04:28 2024 by rpki-client on console.sobornost.net