Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KBJ4II0yVsstKJcuV1eHQpS8Rvo.roa
File: KBJ4II0yVsstKJcuV1eHQpS8Rvo.roa (raw, json)
Hash identifier: bIsMwoCzNcbxSEBfEn097gszVLsmYEdtCKF0vpKgGS8=
Subject key identifier: 28:12:78:20:8D:32:56:CB:2D:28:97:2E:57:57:87:42:94:BC:46:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KBJ4II0yVsstKJcuV1eHQpS8Rvo.roa
Signing time: Sun 31 Mar 2024 05:22:11 +0000
ROA not before: Sun 31 Mar 2024 05:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13754 (0x35ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 05:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=281278208D3256CB2D28972E5757874294BC46FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dd:a0:96:24:be:ed:30:66:66:ea:1d:1c:ba:
ee:14:69:dc:cf:c5:e2:7d:a5:a0:4d:1f:e9:05:2c:
6f:5b:6f:1c:86:3e:db:36:cd:6e:73:d7:43:cc:03:
f4:59:59:68:82:ce:80:c2:66:0f:85:8a:3d:4e:bd:
cc:a2:1f:4f:fd:fd:c1:14:98:19:2c:e7:63:c1:ab:
f2:07:cf:cf:c1:49:91:fe:f6:11:38:15:bc:33:89:
59:86:53:67:60:52:dd:e0:7e:4a:4a:ac:97:c7:b0:
4d:16:13:36:ee:b8:ad:61:c2:01:cc:95:33:a1:b0:
2c:cf:98:87:f7:46:f4:62:68:d9:0e:25:40:64:6d:
3b:d9:c6:22:44:e8:00:f0:00:b7:8c:57:e4:ef:c5:
2c:03:2f:55:b2:64:36:22:29:27:5c:33:5a:55:58:
7b:a3:cf:d0:4a:54:27:b3:9e:28:bd:95:52:62:05:
41:ed:95:94:06:97:b4:49:91:20:03:c7:93:25:b5:
d8:05:af:ff:8b:18:8b:0c:84:4d:0e:0f:64:93:02:
a8:fc:cf:d6:c6:0d:ae:92:c9:c0:ea:81:ad:97:4b:
36:4c:78:15:c4:11:3e:96:ab:4a:78:24:e0:38:eb:
84:9a:f6:05:9a:be:b9:6a:eb:ff:15:a6:7b:e9:cf:
eb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:78:20:8D:32:56:CB:2D:28:97:2E:57:57:87:42:94:BC:46:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KBJ4II0yVsstKJcuV1eHQpS8Rvo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:c7:3d:d9:3e:2f:6b:30:8d:c2:02:fc:46:fa:d5:41:17:e6:
51:8e:56:18:51:ce:5b:46:c9:51:c2:da:e9:e7:34:47:27:87:
98:8b:23:d5:92:a0:6a:7c:63:8e:94:b8:42:8e:e2:87:38:1e:
16:ce:6b:d8:31:62:0e:05:ed:6d:f6:8a:40:89:8a:e2:bb:70:
a9:16:c7:86:f5:92:b7:a5:b5:3c:48:c4:d0:3b:40:31:45:c4:
69:91:e1:9d:52:70:a0:8b:40:90:85:50:1d:18:f8:cc:d8:09:
83:0d:20:84:0b:13:f3:e3:bc:91:62:a7:1a:f6:3e:3d:f3:f0:
51:6a:85:01:02:de:7a:ea:2c:47:89:f5:3f:39:3c:34:d2:74:
c9:fc:63:fb:72:97:4b:7a:31:5f:4e:8b:41:56:88:68:1e:0f:
a1:1e:b4:92:c9:b2:f2:88:66:cd:a9:7f:5a:f3:f6:a3:f1:08:
c1:98:d6:dc:a6:bd:10:c8:c8:29:9e:dd:6c:50:e9:7d:14:0a:
55:1e:24:1e:61:b0:4a:b6:95:db:aa:fa:20:24:89:35:16:15:
47:ba:7d:69:32:07:9e:5e:01:f6:56:ea:84:f2:39:59:42:8f:
75:c5:fb:aa:54:dd:24:1f:78:d3:59:54:7c:f5:dc:86:54:9d:
6b:b5:40:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
NTIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4MTI3ODIwOEQzMjU2
Q0IyRDI4OTcyRTU3NTc4NzQyOTRCQzQ2RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ3aCWJL7tMGZm6h0cuu4UadzPxeJ9paBNH+kFLG9bbxyGPts2
zW5z10PMA/RZWWiCzoDCZg+Fij1OvcyiH0/9/cEUmBks52PBq/IHz8/BSZH+9hE4
FbwziVmGU2dgUt3gfkpKrJfHsE0WEzbuuK1hwgHMlTOhsCzPmIf3RvRiaNkOJUBk
bTvZxiJE6ADwALeMV+TvxSwDL1WyZDYiKSdcM1pVWHujz9BKVCeznii9lVJiBUHt
lZQGl7RJkSADx5MltdgFr/+LGIsMhE0OD2STAqj8z9bGDa6SycDqga2XSzZMeBXE
ET6Wq0p4JOA464Sa9gWavrlq6/8Vpnvpz+udAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKBJ4II0yVsstKJcuV1eHQpS8RvowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tCSjRJSTB5VnNzdEtK
Y3VWMWVIUXBTOFJ2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAaMc92T4vazCNwgL8RvrVQRfmUY5WGFHO
W0bJUcLa6ec0RyeHmIsj1ZKganxjjpS4Qo7ihzgeFs5r2DFiDgXtbfaKQImK4rtw
qRbHhvWSt6W1PEjE0DtAMUXEaZHhnVJwoItAkIVQHRj4zNgJgw0ghAsT8+O8kWKn
GvY+PfPwUWqFAQLeeuosR4n1Pzk8NNJ0yfxj+3KXS3oxX06LQVaIaB4PoR60ksmy
8ohmzal/WvP2o/EIwZjW3Ka9EMjIKZ7dbFDpfRQKVR4kHmGwSraV26r6ICSJNRYV
R7p9aTIHnl4B9lbqhPI5WUKPdcX7qlTdJB9401lUfPXchlSda7VA7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org