Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KVq2_ip8TdX7_hfFr3_cT-A2dKY.roa
File: KVq2_ip8TdX7_hfFr3_cT-A2dKY.roa (raw, json)
Hash identifier: 4LlmBaXTXsgVYZgwPTNE210GC5JlB/J5wE9FINv3uY8=
Subject key identifier: 29:5A:B6:FE:2A:7C:4D:D5:FB:FE:17:C5:AF:7F:DC:4F:E0:36:74:A6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A16
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KVq2_ip8TdX7_hfFr3_cT-A2dKY.roa
Signing time: Sat 06 Apr 2024 00:52:25 +0000
ROA not before: Sat 06 Apr 2024 00:52:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14870 (0x3a16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 00:52:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=295AB6FE2A7C4DD5FBFE17C5AF7FDC4FE03674A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:be:5c:72:16:0d:17:b9:ab:80:f2:ef:97:
3b:87:5b:be:42:d6:91:5d:3f:82:d2:0b:2f:2b:3d:
00:f3:4d:69:c2:c6:ef:a3:cf:0d:1c:8b:9f:be:f8:
f6:c3:b5:a9:42:e0:ba:79:f1:75:a9:e8:93:a2:f2:
60:c7:14:19:3b:15:54:b6:70:d8:c4:25:83:48:69:
02:6d:ac:10:ee:8e:42:7c:23:ac:09:74:fe:a2:0f:
89:58:d4:eb:41:f4:a7:da:24:cf:7b:82:77:9d:66:
e9:f7:a4:f7:30:22:c9:b8:17:a6:96:4a:4b:6b:3f:
3f:63:0b:9c:42:41:48:3a:8a:5c:7a:08:02:7b:55:
b9:53:06:71:60:2a:61:7e:fd:15:f4:3c:c9:61:06:
da:b6:88:f2:be:85:71:c4:1f:ba:5b:3c:99:15:9b:
ba:54:e2:a7:98:4f:ff:36:db:6e:77:4a:20:54:49:
2b:d9:d4:a7:ad:9b:c1:37:3c:d9:a9:14:77:d6:9f:
a4:c4:a0:20:eb:d3:bd:5f:11:6b:6d:d0:af:90:1e:
50:2e:07:65:40:35:0b:a8:4a:96:80:14:73:ac:41:
54:db:00:81:64:a9:aa:9b:d1:14:54:b5:dc:58:bc:
ed:3a:c9:c4:46:f3:a1:76:1d:e3:ac:02:c4:54:f3:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5A:B6:FE:2A:7C:4D:D5:FB:FE:17:C5:AF:7F:DC:4F:E0:36:74:A6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KVq2_ip8TdX7_hfFr3_cT-A2dKY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:c2:17:30:db:4c:c0:b2:44:b0:78:31:e2:36:3c:33:1e:31:
a9:23:74:40:51:c5:6f:65:69:93:5e:62:64:e6:24:72:76:1f:
a8:db:4e:45:3f:a3:97:be:90:6d:cb:fd:fe:8a:a8:69:0a:ac:
f7:e2:fd:bd:69:27:1b:13:eb:62:cc:1d:a7:4b:4f:c3:25:67:
67:a3:b1:be:25:36:bf:38:17:e6:6f:a9:65:62:52:d7:c1:39:
e5:6f:4e:0d:4b:fe:3c:7b:26:d5:cc:61:cf:fd:7f:86:94:da:
8f:7a:ec:8a:63:af:9e:aa:7d:47:ab:a4:60:cd:8d:fe:fe:64:
f1:71:2c:68:82:bc:f9:a4:83:c3:08:29:fb:ce:f8:28:f9:71:
ab:6b:8d:3f:d9:21:ca:fc:8a:77:2d:d2:8f:ab:1d:00:6d:5f:
5c:7c:54:92:09:d8:43:c0:eb:53:dd:d6:84:6e:d7:88:45:57:
22:c8:86:27:3b:bc:0f:cf:04:1b:20:d0:dc:18:38:f4:d1:80:
46:86:52:a7:94:26:42:b3:de:a4:29:08:0d:59:eb:7a:52:8a:
1c:26:7a:2a:bf:11:6b:38:c5:d3:4f:27:e2:4f:c6:10:22:78:
3a:20:ca:db:0f:be:b6:1a:a6:a6:9f:be:fb:48:ee:b3:8b:13:
b6:d1:6f:04
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MDUyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5NUFCNkZFMkE3QzRE
RDVGQkZFMTdDNUFGN0ZEQzRGRTAzNjc0QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiAL5cchYNF7mrgPLvlzuHW75C1pFdP4LSCy8rPQDzTWnCxu+j
zw0ci5+++PbDtalC4Lp58XWp6JOi8mDHFBk7FVS2cNjEJYNIaQJtrBDujkJ8I6wJ
dP6iD4lY1OtB9KfaJM97gnedZun3pPcwIsm4F6aWSktrPz9jC5xCQUg6ilx6CAJ7
VblTBnFgKmF+/RX0PMlhBtq2iPK+hXHEH7pbPJkVm7pU4qeYT/822253SiBUSSvZ
1Ketm8E3PNmpFHfWn6TEoCDr071fEWtt0K+QHlAuB2VANQuoSpaAFHOsQVTbAIFk
qaqb0RRUtdxYvO06ycRG86F2HeOsAsRU82mxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKVq2/ip8TdX7/hfFr3/cT+A2dKYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tWcTJfaXA4VGRYN19o
ZkZyM19jVC1BMmRLWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAhsIXMNtMwLJEsHgx4jY8Mx4xqSN0QFHF
b2Vpk15iZOYkcnYfqNtORT+jl76Qbcv9/oqoaQqs9+L9vWknGxPrYswdp0tPwyVn
Z6OxviU2vzgX5m+pZWJS18E55W9ODUv+PHsm1cxhz/1/hpTaj3rsimOvnqp9R6uk
YM2N/v5k8XEsaIK8+aSDwwgp+874KPlxq2uNP9khyvyKdy3Sj6sdAG1fXHxUkgnY
Q8DrU93WhG7XiEVXIsiGJzu8D88EGyDQ3Bg49NGARoZSp5QmQrPepCkIDVnrelKK
HCZ6Kr8RazjF008n4k/GECJ4OiDK2w++thqmpp+++0jus4sTttFvBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org