Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KRe4y8C58EbuoB9xsk5-ilF-4lo.roa
File: KRe4y8C58EbuoB9xsk5-ilF-4lo.roa (raw, json)
Hash identifier: cl+Xz/5ME8ERdokJz/MQNNNDD5BJSpXZtjs5oB++Kl0=
Subject key identifier: 29:17:B8:CB:C0:B9:F0:46:EE:A0:1F:71:B2:4E:7E:8A:51:7E:E2:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5176
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KRe4y8C58EbuoB9xsk5-ilF-4lo.roa
Signing time: Tue 07 May 2024 04:53:57 +0000
ROA not before: Tue 07 May 2024 04:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20854 (0x5176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 04:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2917B8CBC0B9F046EEA01F71B24E7E8A517EE25A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:52:c1:aa:bb:ad:7a:d7:13:ae:0a:11:ab:b0:
5f:6d:d5:3a:65:a1:7a:b0:c3:13:6e:8b:6d:90:4b:
53:42:ce:0e:d6:9e:8c:6b:5e:6c:e0:ac:f2:8d:f7:
f6:18:00:23:e8:6e:75:a7:60:b6:2e:00:04:05:13:
a8:c7:38:9b:03:cb:e4:e0:42:6e:70:2e:5b:cb:ae:
e3:6a:7b:88:83:f1:95:60:08:21:25:b9:e7:d1:ef:
27:26:fe:d8:b2:7d:fb:f7:ce:68:2b:7d:fb:bc:eb:
9e:d9:7c:d9:4c:85:8d:ef:ba:d4:14:0b:d1:1f:9f:
f4:76:13:f0:d6:90:86:5a:20:19:e0:ac:69:d8:62:
57:9a:c1:0e:1f:2c:13:27:4f:a8:cc:1f:1f:9b:5f:
84:cf:ba:27:cd:1d:18:61:eb:08:9b:8a:2d:fb:b8:
85:f2:13:b0:ca:be:b3:ef:0d:2e:cd:6e:27:39:df:
19:9c:25:c8:ba:81:b1:bd:e6:1e:a9:34:3c:2c:e8:
79:92:8a:f4:b2:b9:71:fa:3a:03:5e:e6:78:79:c8:
e7:41:cf:39:c5:36:6b:ee:b1:90:e2:61:6f:41:96:
9b:88:7f:0d:83:87:77:1c:c7:4c:f1:2f:72:99:67:
84:c0:61:73:98:f5:bb:b9:9d:75:7d:2a:e5:aa:cb:
66:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:17:B8:CB:C0:B9:F0:46:EE:A0:1F:71:B2:4E:7E:8A:51:7E:E2:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KRe4y8C58EbuoB9xsk5-ilF-4lo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:f4:91:e5:ca:f4:0b:d5:1a:27:db:fd:6e:68:5a:8c:71:7f:
28:16:8d:22:25:e2:a7:eb:14:43:f6:05:35:f6:f5:59:38:4c:
01:b0:c5:93:3e:0a:4e:a2:20:6d:67:d3:ee:2c:d5:24:84:ae:
60:ff:b4:07:e0:72:24:52:0f:8d:ed:45:39:65:bf:34:7b:19:
4d:d8:a2:43:6b:fb:b2:f7:c4:8b:a3:2f:28:21:bc:49:dc:f0:
0e:b9:04:96:25:2b:b4:a4:28:0a:06:94:7d:dd:1d:d6:66:a3:
fc:cc:5b:70:20:ce:4b:22:0e:18:6e:37:8c:60:d0:e3:c6:4b:
f5:2a:3d:f5:4b:b1:eb:02:cb:03:2b:a5:b3:2a:62:47:42:55:
21:6a:6a:75:af:00:a2:16:2e:72:e6:5f:c9:43:7e:f6:5c:dc:
a9:b9:84:b5:7e:a6:35:1d:41:20:4d:2b:b7:0b:26:2f:81:17:
a1:e4:49:b0:5c:36:6e:99:9c:c5:fd:e5:50:eb:be:bf:b0:1b:
04:9e:46:0e:d4:68:0b:67:76:60:ba:05:cd:60:04:52:98:b1:
92:06:6e:7a:12:95:c0:0c:1b:21:11:5c:29:b7:08:a8:20:29:
51:0f:ca:a3:06:8f:2d:06:4b:bd:a1:f0:b5:f7:11:40:a0:3b:
6a:08:46:5a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
NDUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5MTdCOENCQzBCOUYw
NDZFRUEwMUY3MUIyNEU3RThBNTE3RUUyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlUsGqu6161xOuChGrsF9t1TploXqwwxNui22QS1NCzg7Wnoxr
XmzgrPKN9/YYACPobnWnYLYuAAQFE6jHOJsDy+TgQm5wLlvLruNqe4iD8ZVgCCEl
uefR7ycm/tiyffv3zmgrffu8657ZfNlMhY3vutQUC9Efn/R2E/DWkIZaIBngrGnY
YleawQ4fLBMnT6jMHx+bX4TPuifNHRhh6wibii37uIXyE7DKvrPvDS7Nbic53xmc
Jci6gbG95h6pNDws6HmSivSyuXH6OgNe5nh5yOdBzznFNmvusZDiYW9BlpuIfw2D
h3ccx0zxL3KZZ4TAYXOY9bu5nXV9KuWqy2b5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKRe4y8C58EbuoB9xsk5+ilF+4lowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tSZTR5OEM1OEVidW9C
OXhzazUtaWxGLTRsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOvSR5cr0C9UaJ9v9bmhajHF/KBaNIiXi
p+sUQ/YFNfb1WThMAbDFkz4KTqIgbWfT7izVJISuYP+0B+ByJFIPje1FOWW/NHsZ
TdiiQ2v7svfEi6MvKCG8SdzwDrkEliUrtKQoCgaUfd0d1maj/MxbcCDOSyIOGG43
jGDQ48ZL9So99Uux6wLLAyulsypiR0JVIWpqda8AohYucuZfyUN+9lzcqbmEtX6m
NR1BIE0rtwsmL4EXoeRJsFw2bpmcxf3lUOu+v7AbBJ5GDtRoC2d2YLoFzWAEUpix
kgZuehKVwAwbIRFcKbcIqCApUQ/KowaPLQZLvaHwtfcRQKA7aghGWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org