Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sp8eaBHx56J1N5CxMcr5E1XTgM0.roa
File: sp8eaBHx56J1N5CxMcr5E1XTgM0.roa (raw, json)
Hash identifier: ianXQlcC/XnB1AZ468llZkOWlFO5S1QL4BQXssnxzbQ=
Subject key identifier: B2:9F:1E:68:11:F1:E7:A2:75:37:90:B1:31:CA:F9:13:55:D3:80:CD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sp8eaBHx56J1N5CxMcr5E1XTgM0.roa
Signing time: Fri 10 May 2024 05:24:00 +0000
ROA not before: Fri 10 May 2024 05:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21434 (0x53ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 05:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B29F1E6811F1E7A2753790B131CAF91355D380CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:07:2b:ef:37:ee:0b:24:86:f1:b3:b6:84:c5:
cf:56:85:2b:e9:ca:c9:6c:e7:e0:31:49:03:55:08:
96:6c:48:e9:b7:b0:1a:68:4d:a9:f5:1d:72:d1:7f:
4f:e2:08:00:10:a1:a6:db:5d:ac:95:d1:c6:4b:40:
99:d7:6d:dd:00:1d:fc:3a:c3:04:9a:b5:78:c3:4d:
e2:dd:67:f8:f1:b5:67:c5:be:ec:c4:2a:0f:4d:d6:
46:f0:55:40:b8:a6:d0:8e:ae:76:ab:34:39:6a:3a:
b0:f5:10:c5:d6:c3:cd:fb:b9:51:7d:aa:2a:39:aa:
bc:1e:94:50:25:8e:33:21:d3:65:96:ff:9f:13:a0:
05:13:8d:c8:cb:e1:8a:4f:f8:79:7c:ec:be:f7:4e:
6b:1c:64:72:f2:d4:97:b1:e3:f6:70:b8:86:48:de:
d2:bc:c9:f9:69:e4:73:98:68:b7:64:2a:41:0c:d3:
18:f2:f9:0b:4d:fc:57:d2:01:2b:d9:4f:de:12:cf:
66:42:c1:61:b3:ea:82:03:c1:94:e0:4a:5e:d0:ff:
a4:21:28:52:65:0a:31:89:b1:9f:8b:40:34:29:51:
75:e3:59:d6:28:03:a0:91:8d:de:35:5c:28:c0:80:
bd:9e:8e:2f:2e:3e:83:c3:a8:ad:cc:30:44:43:11:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:1E:68:11:F1:E7:A2:75:37:90:B1:31:CA:F9:13:55:D3:80:CD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sp8eaBHx56J1N5CxMcr5E1XTgM0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:af:62:5e:ff:14:27:34:70:1b:5f:d6:44:1a:b5:b0:d1:86:
db:b6:72:8e:5c:23:f6:ea:e7:4b:d0:47:6a:88:9c:41:b6:bf:
d4:8e:f2:ed:35:4c:f9:7c:10:70:c9:0a:0c:b2:2d:3c:14:6f:
47:34:bf:b4:0a:e0:33:3e:c9:6e:8e:b7:6d:10:13:7f:38:ac:
eb:9c:21:39:db:c7:86:5a:35:34:d0:4a:ac:86:6b:3a:cd:1a:
13:eb:38:07:ba:fc:f0:3d:54:52:7c:e0:9d:9f:c8:98:ca:73:
a8:13:6f:1e:ce:67:57:a4:db:2d:fa:a9:bb:ff:cf:c6:02:e0:
6f:ae:af:25:c3:48:41:08:12:96:f7:e2:b8:bc:fd:4a:4d:2a:
bf:17:09:e4:ee:f0:a5:fd:f1:c7:dd:fb:88:26:21:db:a1:1c:
50:4f:ff:2c:5f:b2:5a:ca:a1:93:ee:4d:4d:36:49:85:d2:b8:
61:06:e6:ad:a6:31:ac:66:71:d2:64:77:be:18:c6:07:31:93:
61:33:0a:f6:b9:50:fd:f0:3f:30:d6:17:06:10:fa:ce:f6:c6:
f8:59:d9:14:0b:f6:a8:93:45:d6:85:c7:3f:f2:19:f5:f6:ff:
0e:8c:bc:85:15:df:62:10:e2:5b:0c:a5:62:33:c8:f4:25:5c:
ce:ab:3b:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICU7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyOUYxRTY4MTFGMUU3
QTI3NTM3OTBCMTMxQ0FGOTEzNTVEMzgwQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvByvvN+4LJIbxs7aExc9WhSvpysls5+AxSQNVCJZsSOm3sBpo
Tan1HXLRf0/iCAAQoabbXayV0cZLQJnXbd0AHfw6wwSatXjDTeLdZ/jxtWfFvuzE
Kg9N1kbwVUC4ptCOrnarNDlqOrD1EMXWw837uVF9qio5qrwelFAljjMh02WW/58T
oAUTjcjL4YpP+Hl87L73TmscZHLy1Jex4/ZwuIZI3tK8yflp5HOYaLdkKkEM0xjy
+QtN/FfSASvZT94Sz2ZCwWGz6oIDwZTgSl7Q/6QhKFJlCjGJsZ+LQDQpUXXjWdYo
A6CRjd41XCjAgL2eji8uPoPDqK3MMERDEYZrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsp8eaBHx56J1N5CxMcr5E1XTgM0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NwOGVhQkh4NTZKMU41
Q3hNY3I1RTFYVGdNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQK9iXv8UJzRwG1/WRBq1sNGG27Zyjlwj
9urnS9BHaoicQba/1I7y7TVM+XwQcMkKDLItPBRvRzS/tArgMz7Jbo63bRATfzis
65whOdvHhlo1NNBKrIZrOs0aE+s4B7r88D1UUnzgnZ/ImMpzqBNvHs5nV6TbLfqp
u//PxgLgb66vJcNIQQgSlvfiuLz9Sk0qvxcJ5O7wpf3xx937iCYh26EcUE//LF+y
Wsqhk+5NTTZJhdK4YQbmraYxrGZx0mR3vhjGBzGTYTMK9rlQ/fA/MNYXBhD6zvbG
+FnZFAv2qJNF1oXHP/IZ9fb/Doy8hRXfYhDiWwylYjPI9CVczqs7zA==
-----END CERTIFICATE-----
Generated at Fri May 10 14:27:57 2024 by rpki-client on console.sobornost.net