Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/K7rao2GoPxit-2G9mPkuc6HGzok.roa
File: K7rao2GoPxit-2G9mPkuc6HGzok.roa (raw, json)
Hash identifier: ypvjplMKdOnaxX9OlcU1gbX4u4zUhGhpecu63AXf8Qg=
Subject key identifier: 2B:BA:DA:A3:61:A8:3F:18:AD:FB:61:BD:98:F9:2E:73:A1:C6:CE:89
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5202
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/K7rao2GoPxit-2G9mPkuc6HGzok.roa
Signing time: Tue 07 May 2024 22:23:56 +0000
ROA not before: Tue 07 May 2024 22:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20994 (0x5202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 22:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2BBADAA361A83F18ADFB61BD98F92E73A1C6CE89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:07:86:83:2f:b0:7a:3e:6e:c0:30:04:74:42:
08:1d:88:1d:4e:20:44:c7:1a:5c:0f:56:ba:52:7b:
14:97:a2:dd:c1:1b:19:d8:cd:74:f4:91:10:3f:40:
81:1b:aa:55:79:a8:79:dc:6e:8c:8d:9d:73:f6:68:
16:c2:c5:d3:7c:80:b2:75:8d:49:50:d6:7a:76:e1:
b3:c8:df:8e:d7:52:f4:a1:6c:56:35:ef:fa:05:47:
33:b8:24:bf:6d:bb:6e:cb:8f:2f:b2:de:9f:b0:6e:
9a:f6:ca:c4:7c:05:44:a9:99:8b:de:3e:5e:56:2e:
6b:ff:7b:3d:86:28:07:f8:46:9d:7e:7c:06:39:dd:
80:4a:c0:b5:76:3a:cc:b0:fa:49:54:48:d3:36:c4:
d0:2f:d2:da:b2:29:3a:4d:e3:18:a6:4f:2a:7a:2d:
63:9b:a8:dd:7c:e7:7f:51:0c:24:be:ce:fe:44:6d:
87:c8:9f:b1:a6:21:09:ff:c7:93:0a:a5:9a:4b:b1:
9d:27:08:1d:ea:5c:8d:a3:a4:46:2c:a2:45:15:2a:
9b:ef:8c:7f:57:f9:44:0a:99:80:b6:91:63:92:88:
fd:a0:c8:6f:16:63:54:96:00:2a:15:02:3f:e1:52:
1d:8b:45:3c:fc:b6:10:a4:85:3a:4d:b2:db:01:a9:
84:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BA:DA:A3:61:A8:3F:18:AD:FB:61:BD:98:F9:2E:73:A1:C6:CE:89
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/K7rao2GoPxit-2G9mPkuc6HGzok.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:3c:73:e6:30:b5:0d:86:e6:4d:95:86:ac:59:00:0f:37:f5:
4b:40:52:5e:e6:10:dd:9f:33:ef:53:f7:4e:ba:f7:d3:0e:28:
b5:34:3b:a3:14:da:d5:b0:30:22:59:96:d0:f3:33:f5:66:aa:
81:49:c9:ab:6f:62:a2:3d:16:7a:ba:ab:ea:d4:23:f6:6e:17:
b0:b8:a3:a0:87:fb:5b:35:3a:42:52:d6:e6:21:d4:0f:4a:e6:
10:6d:59:64:8a:1a:7e:d5:c4:3f:fa:df:28:f1:fa:89:bc:42:
ea:b7:b1:34:c0:0b:8f:72:25:c7:b8:52:d7:8b:6e:25:73:27:
01:8a:4e:d0:f9:ea:99:c0:86:75:62:a4:b5:23:d7:37:40:a3:
ea:53:f4:a7:e4:56:0f:02:48:0e:ce:3f:88:5d:84:17:11:0f:
71:d0:ed:79:0f:d4:62:d3:59:b3:da:17:73:c0:c1:fa:83:11:
77:fc:9b:dc:99:92:d3:67:ee:0e:55:e0:5c:36:b0:91:19:ca:
e9:33:bc:02:cd:bb:f0:11:47:a1:1e:b6:fb:23:c1:f8:29:f2:
16:18:04:68:33:11:63:dd:91:31:c1:74:e5:78:1c:a6:16:74:
1b:a3:37:ed:11:60:7f:04:2d:b0:09:ae:80:67:55:11:40:e0:
87:0f:9e:c8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MjIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCQkFEQUEzNjFBODNG
MThBREZCNjFCRDk4RjkyRTczQTFDNkNFODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeB4aDL7B6Pm7AMAR0QggdiB1OIETHGlwPVrpSexSXot3BGxnY
zXT0kRA/QIEbqlV5qHncboyNnXP2aBbCxdN8gLJ1jUlQ1np24bPI347XUvShbFY1
7/oFRzO4JL9tu27Ljy+y3p+wbpr2ysR8BUSpmYvePl5WLmv/ez2GKAf4Rp1+fAY5
3YBKwLV2Osyw+klUSNM2xNAv0tqyKTpN4ximTyp6LWObqN18539RDCS+zv5EbYfI
n7GmIQn/x5MKpZpLsZ0nCB3qXI2jpEYsokUVKpvvjH9X+UQKmYC2kWOSiP2gyG8W
Y1SWACoVAj/hUh2LRTz8thCkhTpNstsBqYR7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUK7rao2GoPxit+2G9mPkuc6HGzokwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0s3cmFvMkdvUHhpdC0y
RzltUGt1YzZIR3pvay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACTxz5jC1DYbmTZWGrFkADzf1S0BSXuYQ
3Z8z71P3Trr30w4otTQ7oxTa1bAwIlmW0PMz9WaqgUnJq29ioj0Werqr6tQj9m4X
sLijoIf7WzU6QlLW5iHUD0rmEG1ZZIoaftXEP/rfKPH6ibxC6rexNMALj3Ilx7hS
14tuJXMnAYpO0PnqmcCGdWKktSPXN0Cj6lP0p+RWDwJIDs4/iF2EFxEPcdDteQ/U
YtNZs9oXc8DB+oMRd/yb3JmS02fuDlXgXDawkRnK6TO8As278BFHoR62+yPB+Cny
FhgEaDMRY92RMcF05XgcphZ0G6M37RFgfwQtsAmugGdVEUDghw+eyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org