Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9kKmNxVfoGfTttDB02mSKeUhYLM.roa
File: 9kKmNxVfoGfTttDB02mSKeUhYLM.roa (raw, json)
Hash identifier: 1FDnHOaRmxkhjLIX3MpJpEuOVYf2h97RZ6pJ0Nvw93A=
Subject key identifier: F6:42:A6:37:15:5F:A0:67:D3:B6:D0:C1:D3:69:92:29:E5:21:60:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48BE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9kKmNxVfoGfTttDB02mSKeUhYLM.roa
Signing time: Thu 25 Apr 2024 13:53:18 +0000
ROA not before: Thu 25 Apr 2024 13:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18622 (0x48be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 13:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F642A637155FA067D3B6D0C1D3699229E52160B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:01:0b:22:9f:78:41:64:d5:b0:2c:83:d5:
af:a9:a6:9b:f0:3b:3e:1e:ba:2d:0a:e6:f3:e6:c3:
f8:34:72:6b:81:c8:f6:48:93:72:d3:1f:0d:21:7b:
8f:82:f0:57:0d:b0:91:b8:2d:2a:d9:cf:d9:fb:3f:
d7:74:c2:e1:4f:ae:25:1c:73:75:6c:9a:bc:df:a7:
23:48:de:31:e5:79:29:75:36:71:e7:e7:19:f6:9c:
06:3e:04:61:1a:99:b3:b4:cb:24:62:f9:18:ec:10:
68:44:d7:a8:1f:a5:59:a0:53:86:68:a9:f8:69:9d:
3b:7a:a8:34:4b:12:76:e0:e5:25:4c:ec:9b:3e:11:
d0:65:13:7b:86:43:06:fe:c4:cb:70:96:ce:92:ed:
32:2b:90:90:35:78:05:be:5e:c2:87:17:36:47:11:
c6:03:c4:01:2f:94:df:53:d5:3a:5a:d6:f3:3a:81:
9d:34:ae:22:07:8b:09:c7:d1:8a:3a:d9:9e:41:99:
94:73:e8:46:2c:a6:d3:b7:f8:7c:58:ef:cd:b2:b4:
ed:88:13:92:f8:1c:28:94:da:1c:b4:03:7e:37:76:
96:9c:88:bd:69:bd:3b:fb:6c:52:aa:39:57:51:73:
1e:0c:27:7b:86:c6:13:1b:55:54:f3:d9:9f:a1:76:
64:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:42:A6:37:15:5F:A0:67:D3:B6:D0:C1:D3:69:92:29:E5:21:60:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9kKmNxVfoGfTttDB02mSKeUhYLM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:eb:64:da:3e:04:8b:3b:d9:8c:0e:0d:7f:39:54:41:5c:78:
e2:04:8f:33:69:a6:64:89:66:ba:3c:f4:50:d3:5f:c4:f1:0e:
7f:19:27:32:d9:39:a9:94:ca:8e:4c:87:a0:df:ca:c3:8c:e7:
8c:7d:aa:bd:e3:ee:74:83:9e:d0:49:2e:e4:26:4e:ee:68:2e:
ed:3f:10:e1:58:2c:42:78:84:c4:05:80:b1:28:60:96:3e:9a:
ac:49:d0:46:64:35:82:04:db:68:52:19:7c:aa:59:10:c0:db:
d6:8c:e1:69:81:e0:b2:4d:f6:4d:ee:78:0d:1e:ec:3e:d8:89:
e5:70:18:84:ce:78:0f:a4:6b:61:c5:b6:45:ec:bc:93:a4:52:
a2:9b:59:d7:49:7d:3f:39:a5:66:b1:30:d0:69:23:7a:eb:cd:
b0:86:90:ae:37:c4:86:06:12:22:c9:75:6d:a6:b7:14:e5:47:
7f:82:a8:8b:17:04:88:47:32:dc:50:2c:c5:da:38:3a:9a:b6:
6b:3e:ba:0b:83:ce:52:ae:1d:ba:83:e5:21:2e:79:c6:27:fc:
a5:47:58:cf:b9:30:98:74:fc:74:ab:90:ee:ce:d3:97:fa:35:
51:90:d9:fe:09:ef:81:a4:78:e7:98:f5:e7:19:5c:74:d5:a8:
39:56:60:a3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
MzUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2NDJBNjM3MTU1RkEw
NjdEM0I2RDBDMUQzNjk5MjI5RTUyMTYwQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5JgELIp94QWTVsCyD1a+pppvwOz4eui0K5vPmw/g0cmuByPZI
k3LTHw0he4+C8FcNsJG4LSrZz9n7P9d0wuFPriUcc3VsmrzfpyNI3jHleSl1NnHn
5xn2nAY+BGEambO0yyRi+RjsEGhE16gfpVmgU4ZoqfhpnTt6qDRLEnbg5SVM7Js+
EdBlE3uGQwb+xMtwls6S7TIrkJA1eAW+XsKHFzZHEcYDxAEvlN9T1Tpa1vM6gZ00
riIHiwnH0Yo62Z5BmZRz6EYsptO3+HxY782ytO2IE5L4HCiU2hy0A343dpaciL1p
vTv7bFKqOVdRcx4MJ3uGxhMbVVTz2Z+hdmTrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9kKmNxVfoGfTttDB02mSKeUhYLMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlrS21OeFZmb0dmVHR0
REIwMm1TS2VVaFlMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQetk2j4EizvZjA4NfzlUQVx44gSPM2mm
ZIlmujz0UNNfxPEOfxknMtk5qZTKjkyHoN/Kw4znjH2qvePudIOe0Eku5CZO7mgu
7T8Q4VgsQniExAWAsShglj6arEnQRmQ1ggTbaFIZfKpZEMDb1ozhaYHgsk32Te54
DR7sPtiJ5XAYhM54D6RrYcW2Rey8k6RSoptZ10l9PzmlZrEw0GkjeuvNsIaQrjfE
hgYSIsl1baa3FOVHf4KoixcEiEcy3FAsxdo4Opq2az66C4POUq4duoPlIS55xif8
pUdYz7kwmHT8dKuQ7s7Tl/o1UZDZ/gnvgaR455j15xlcdNWoOVZgow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org