Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ULAQH2jWZPVd_Q607EH0SSg6YTg.roa
File: ULAQH2jWZPVd_Q607EH0SSg6YTg.roa (raw, json)
Hash identifier: s5XfNzt6A1jMICfuGQv5NmSt1NuQKc2za+TMQF2Oau8=
Subject key identifier: 50:B0:10:1F:68:D6:64:F5:5D:FD:0E:B4:EC:41:F4:49:28:3A:61:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FFE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ULAQH2jWZPVd_Q607EH0SSg6YTg.roa
Signing time: Sat 13 Apr 2024 21:52:52 +0000
ROA not before: Sat 13 Apr 2024 21:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16382 (0x3ffe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 21:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50B0101F68D664F55DFD0EB4EC41F449283A6138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c0:f5:95:60:13:7b:b9:12:c9:b2:d4:e6:8d:
7e:1a:ee:f7:42:5b:b6:fd:4e:af:11:42:53:33:65:
c1:71:db:03:c8:af:41:af:c7:5c:e5:19:81:00:aa:
b1:ff:a6:9d:d9:28:22:d9:29:53:38:de:04:52:f2:
69:d6:f5:3d:d3:03:86:95:48:ea:12:2e:5a:7b:78:
b0:67:61:de:a8:d9:36:7d:19:a3:b6:1c:9b:d6:fc:
d3:5d:2d:35:5a:b7:7a:77:3f:ef:a8:b1:1a:08:80:
db:b7:b8:94:fd:79:81:0f:65:05:7c:02:87:e7:04:
ec:09:19:83:f1:9c:ba:1b:b6:92:78:3b:87:da:cb:
00:15:33:bb:8a:3c:64:84:1c:05:0e:00:f9:f8:84:
62:05:c0:51:ce:f9:f2:18:03:8b:16:41:41:ff:a6:
29:bc:cf:35:e5:1c:3d:35:80:76:41:6e:13:4c:17:
59:83:6e:69:e9:32:a9:94:bd:04:fb:a2:ae:34:a6:
57:89:af:ff:52:e2:ef:9a:73:70:28:1b:6d:66:64:
8d:36:ce:20:6a:d3:c0:41:88:72:c7:d4:91:d1:98:
4e:ac:46:02:86:7d:da:c5:dd:68:60:bf:4a:7a:da:
52:4d:4f:e3:c1:39:fc:ed:e5:b5:c4:67:9a:26:1e:
89:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B0:10:1F:68:D6:64:F5:5D:FD:0E:B4:EC:41:F4:49:28:3A:61:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ULAQH2jWZPVd_Q607EH0SSg6YTg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:a3:92:36:ae:80:bb:8e:b6:16:6b:5a:25:b0:b8:20:8b:17:
5d:20:67:66:4d:63:ee:f9:35:99:da:59:39:ed:f4:21:1a:f2:
ec:b0:2b:19:14:72:03:df:b7:ff:d3:71:19:a7:ea:3a:ad:e2:
08:73:1f:61:ab:b7:17:0a:88:94:41:ce:96:87:0d:cd:b0:f1:
ca:bc:27:40:99:69:bb:7d:9f:00:18:56:ae:df:31:22:fd:43:
fa:6e:30:7c:a1:d2:cd:8a:76:85:23:09:a1:9e:96:97:b8:09:
35:d0:34:72:e8:7f:0b:31:ad:0c:7b:79:e4:a4:d9:6a:4b:20:
35:db:e8:9f:64:e1:f7:aa:d6:fa:f0:61:21:40:5b:d1:ed:73:
95:be:cb:f1:5f:a8:26:84:7a:b9:1d:13:9f:10:01:f0:f0:e4:
9e:ef:db:d3:ac:84:ed:61:49:62:9c:ad:9d:92:fb:dc:a3:9d:
80:aa:09:1f:69:39:b9:15:46:9d:49:06:c4:aa:2a:d2:44:b7:
4d:7f:69:b5:f1:ad:5a:df:29:15:74:e0:7f:e4:92:05:3b:b9:
16:c5:d4:76:ee:74:4c:f3:dc:4b:46:6d:22:04:ed:5e:17:ee:
2c:e0:97:d1:42:31:23:3c:e5:ce:12:55:25:ab:b3:a5:56:e8:
dc:b6:d8:b0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMy
MTUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwQjAxMDFGNjhENjY0
RjU1REZEMEVCNEVDNDFGNDQ5MjgzQTYxMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqwPWVYBN7uRLJstTmjX4a7vdCW7b9Tq8RQlMzZcFx2wPIr0Gv
x1zlGYEAqrH/pp3ZKCLZKVM43gRS8mnW9T3TA4aVSOoSLlp7eLBnYd6o2TZ9GaO2
HJvW/NNdLTVat3p3P++osRoIgNu3uJT9eYEPZQV8AofnBOwJGYPxnLobtpJ4O4fa
ywAVM7uKPGSEHAUOAPn4hGIFwFHO+fIYA4sWQUH/pim8zzXlHD01gHZBbhNMF1mD
bmnpMqmUvQT7oq40pleJr/9S4u+ac3AoG21mZI02ziBq08BBiHLH1JHRmE6sRgKG
fdrF3Whgv0p62lJNT+PBOfzt5bXEZ5omHom5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUULAQH2jWZPVd/Q607EH0SSg6YTgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VMQVFIMmpXWlBWZF9R
NjA3RUgwU1NnNllUZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEARqOSNq6Au462FmtaJbC4IIsXXSBnZk1j
7vk1mdpZOe30IRry7LArGRRyA9+3/9NxGafqOq3iCHMfYau3FwqIlEHOlocNzbDx
yrwnQJlpu32fABhWrt8xIv1D+m4wfKHSzYp2hSMJoZ6Wl7gJNdA0cuh/CzGtDHt5
5KTZaksgNdvon2Th96rW+vBhIUBb0e1zlb7L8V+oJoR6uR0TnxAB8PDknu/b06yE
7WFJYpytnZL73KOdgKoJH2k5uRVGnUkGxKoq0kS3TX9ptfGtWt8pFXTgf+SSBTu5
FsXUdu50TPPcS0ZtIgTtXhfuLOCX0UIxIzzlzhJVJauzpVbo3LbYsA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 06:02:48 2024 by rpki-client on console.sobornost.net