Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0kQaWXJHtWR9n_mC1FcF4GRYioY.roa
File: 0kQaWXJHtWR9n_mC1FcF4GRYioY.roa (raw, json)
Hash identifier: i/QkCxAwQ+u2ITO5JgECLTD5JkLH6x16xygGmjltkC0=
Subject key identifier: D2:44:1A:59:72:47:B5:64:7D:9F:F9:82:D4:57:05:E0:64:58:8A:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A6E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0kQaWXJHtWR9n_mC1FcF4GRYioY.roa
Signing time: Sat 06 Apr 2024 11:52:28 +0000
ROA not before: Sat 06 Apr 2024 11:52:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14958 (0x3a6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 11:52:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D2441A597247B5647D9FF982D45705E064588A86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:22:09:25:ac:e7:6b:7b:c2:0d:86:ae:05:a1:
63:64:4b:4a:5f:17:8b:3d:d4:33:d8:b2:bc:36:03:
f9:43:90:f8:61:d1:13:2d:ce:31:54:91:e7:d9:f5:
8e:16:46:85:10:1a:69:d5:2b:84:d0:73:33:e8:89:
5c:14:27:4d:3a:72:1c:01:32:89:4c:00:09:ab:5c:
89:f4:22:e5:6d:04:18:74:3a:4a:45:e5:9a:c0:c8:
bd:79:87:df:a4:84:2e:62:a8:57:5b:8f:98:06:8a:
f0:e9:0e:57:63:86:bc:90:1f:9d:ac:d2:f1:cf:2e:
04:44:8a:b2:34:13:b3:e0:43:55:88:01:0c:1d:ca:
08:65:f4:36:f6:1c:dd:7c:91:74:9b:8a:81:4f:8f:
84:10:c1:3a:b9:61:24:76:d0:e3:91:78:9f:e4:3d:
e8:c1:ee:cb:30:87:75:cd:df:7d:a4:8f:ed:f4:22:
dd:46:ad:2f:cd:aa:c2:aa:5a:07:c1:d7:0b:8d:7a:
a2:6d:3f:e0:cf:b7:91:30:32:f6:db:f5:84:7d:f0:
a6:7c:40:89:aa:dc:6d:23:f2:1d:bd:35:db:8a:b6:
c9:80:39:d1:e9:13:fd:da:a3:66:43:31:31:88:cc:
19:60:b5:a2:14:94:7f:73:b2:8b:33:ed:55:ba:53:
0b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:44:1A:59:72:47:B5:64:7D:9F:F9:82:D4:57:05:E0:64:58:8A:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0kQaWXJHtWR9n_mC1FcF4GRYioY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:f2:37:ff:92:5e:54:6f:09:d2:e2:6e:ee:4d:9e:de:4f:d8:
4a:77:1b:c7:5a:2d:30:c0:ed:9e:1b:2e:36:63:f0:7b:f6:19:
ad:17:d1:ca:89:e6:c0:81:f3:a6:17:72:a3:33:e6:ae:fb:7c:
8f:19:da:96:34:f5:00:d8:87:9d:3c:6b:0a:38:ab:ee:0c:11:
54:54:9e:7e:4b:4f:de:7e:78:6f:d4:e1:b7:d9:60:c5:32:6b:
54:f4:9c:82:3e:11:66:68:e5:3c:cd:ee:54:01:13:32:90:20:
08:f0:00:1e:84:25:0c:a8:65:45:4a:f8:e7:9d:f8:c0:15:39:
5c:aa:da:ca:da:7e:78:8f:b0:4e:b8:5d:49:6f:ed:06:5f:19:
40:ef:59:e6:d9:70:bd:a8:4e:60:41:c7:28:11:4f:95:90:be:
6a:c9:07:5f:43:42:91:9c:bb:c2:e8:a1:ef:57:af:1b:95:3c:
d4:4f:a1:7a:27:59:e3:43:bd:db:df:08:28:a1:30:73:26:8b:
56:d7:29:cc:38:b2:58:09:c9:cc:50:67:09:36:be:bc:4f:e0:
92:a6:d8:ee:9c:cb:09:3d:a6:cb:6e:33:a8:84:2f:e0:32:c3:
38:ff:81:4f:9b:70:a7:15:13:9b:df:b4:d8:58:db:d4:44:8f:
cb:9f:af:55
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
MTUyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyNDQxQTU5NzI0N0I1
NjQ3RDlGRjk4MkQ0NTcwNUUwNjQ1ODhBODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUIgklrOdre8INhq4FoWNkS0pfF4s91DPYsrw2A/lDkPhh0RMt
zjFUkefZ9Y4WRoUQGmnVK4TQczPoiVwUJ006chwBMolMAAmrXIn0IuVtBBh0OkpF
5ZrAyL15h9+khC5iqFdbj5gGivDpDldjhryQH52s0vHPLgREirI0E7PgQ1WIAQwd
yghl9Db2HN18kXSbioFPj4QQwTq5YSR20OOReJ/kPejB7sswh3XN332kj+30It1G
rS/NqsKqWgfB1wuNeqJtP+DPt5EwMvbb9YR98KZ8QImq3G0j8h29NduKtsmAOdHp
E/3ao2ZDMTGIzBlgtaIUlH9zsosz7VW6UwtbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0kQaWXJHtWR9n/mC1FcF4GRYioYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBrUWFXWEpIdFdSOW5f
bUMxRmNGNEdSWWlvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAlvI3/5JeVG8J0uJu7k2e3k/YSncbx1ot
MMDtnhsuNmPwe/YZrRfRyonmwIHzphdyozPmrvt8jxnaljT1ANiHnTxrCjir7gwR
VFSefktP3n54b9Tht9lgxTJrVPScgj4RZmjlPM3uVAETMpAgCPAAHoQlDKhlRUr4
5534wBU5XKraytp+eI+wTrhdSW/tBl8ZQO9Z5tlwvahOYEHHKBFPlZC+askHX0NC
kZy7wuih71evG5U81E+heidZ40O9298IKKEwcyaLVtcpzDiyWAnJzFBnCTa+vE/g
kqbY7pzLCT2my24zqIQv4DLDOP+BT5twpxUTm9+02Fjb1ESPy5+vVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org