Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Kg91KYcOkb0mQSK8EJuJWjJbn_Q.roa
File: Kg91KYcOkb0mQSK8EJuJWjJbn_Q.roa (raw, json)
Hash identifier: McSwQ2y898JX0mI83vwlRnMa8v7BH0RwxeDKheIu1jY=
Subject key identifier: 2A:0F:75:29:87:0E:91:BD:26:41:22:BC:10:9B:89:5A:32:5B:9F:F4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3512
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Kg91KYcOkb0mQSK8EJuJWjJbn_Q.roa
Signing time: Sat 30 Mar 2024 08:22:17 +0000
ROA not before: Sat 30 Mar 2024 08:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13586 (0x3512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 08:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2A0F7529870E91BD264122BC109B895A325B9FF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:04:32:df:f7:a0:5c:fa:54:b4:de:18:8b:
3e:51:e6:06:70:26:23:75:40:8f:b3:d0:7f:f8:2a:
ab:fb:e7:20:91:1a:5a:67:8f:90:8f:a4:52:f0:c2:
b7:fc:6f:9d:6c:30:79:c5:da:a7:7a:9a:f0:b7:8c:
2f:3d:da:51:64:50:b0:70:96:da:6c:7f:38:b9:63:
db:04:c1:b4:96:42:47:45:73:07:07:1e:97:90:64:
e0:76:56:b3:9e:b6:23:83:c4:b2:18:b6:d0:97:38:
28:9b:55:34:33:42:64:db:de:39:4e:41:3f:ec:23:
b6:fd:44:4e:da:00:f6:58:f5:f6:8b:eb:bd:f3:9a:
cd:76:49:95:11:cd:d2:ed:31:2a:85:e0:05:2a:14:
2f:b2:d7:25:b6:de:1f:a2:20:a6:c9:94:34:2f:1b:
9d:80:92:b5:4f:d1:b1:37:0b:f4:fc:6a:1f:83:4d:
65:d0:90:6e:28:8f:45:3c:0a:da:ef:9d:8d:78:15:
c4:28:9a:5d:c6:cc:c0:e5:bf:32:eb:2f:84:bf:ac:
b1:7f:d3:50:85:d3:80:b5:35:43:48:70:ab:9e:e9:
61:19:37:3a:95:5b:e1:89:3b:77:36:ed:45:29:51:
b9:d5:73:4d:14:f4:05:04:da:12:91:a4:c9:22:d7:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0F:75:29:87:0E:91:BD:26:41:22:BC:10:9B:89:5A:32:5B:9F:F4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Kg91KYcOkb0mQSK8EJuJWjJbn_Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:fa:24:86:ff:e9:3c:0d:b4:5c:1e:25:f4:31:72:d8:16:13:
94:65:7d:17:46:8e:4f:91:45:54:63:f8:e1:74:31:b1:c1:bd:
14:96:61:9b:61:22:b4:04:86:0c:4e:3b:9f:d2:c2:60:4f:5d:
29:e7:ee:42:e7:48:de:89:3b:ed:39:07:b8:42:af:eb:ae:4d:
3a:c1:8a:8f:26:3a:e0:7b:5d:99:b1:f2:d9:c6:d9:8e:2e:2b:
d2:c8:a9:7e:40:6c:d8:8f:ae:7d:f2:7b:f4:4f:6a:3e:c9:42:
f3:17:38:1d:61:53:c5:4d:17:68:4d:c5:2c:20:13:72:5d:d5:
29:6e:1f:96:cd:a4:c6:f6:5a:62:a1:00:c5:a2:07:dd:0e:fc:
e5:b9:f0:f6:94:b0:44:a7:ad:bf:7c:2c:b6:8c:c4:b3:3f:ed:
8c:e3:f0:00:d7:f7:65:a6:8a:3e:41:bd:f2:6f:59:0a:06:3e:
36:3f:d9:4e:a5:b2:98:d4:e1:f8:03:79:e1:7f:72:f8:ba:1a:
f6:25:a7:1c:33:38:72:62:7d:da:1b:0f:b0:f2:c6:b4:0c:fa:
35:46:0c:0f:af:8d:f1:8c:4c:cb:62:b8:33:3e:fe:de:b1:10:
2b:aa:a9:ed:76:ad:8c:ec:b2:5b:58:13:b8:9d:aa:94:82:83:
f7:7c:8c:af
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNRIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
ODIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBMEY3NTI5ODcwRTkx
QkQyNjQxMjJCQzEwOUI4OTVBMzI1QjlGRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3BwQy3/egXPpUtN4Yiz5R5gZwJiN1QI+z0H/4Kqv75yCRGlpn
j5CPpFLwwrf8b51sMHnF2qd6mvC3jC892lFkULBwltpsfzi5Y9sEwbSWQkdFcwcH
HpeQZOB2VrOetiODxLIYttCXOCibVTQzQmTb3jlOQT/sI7b9RE7aAPZY9faL673z
ms12SZURzdLtMSqF4AUqFC+y1yW23h+iIKbJlDQvG52AkrVP0bE3C/T8ah+DTWXQ
kG4oj0U8CtrvnY14FcQoml3GzMDlvzLrL4S/rLF/01CF04C1NUNIcKue6WEZNzqV
W+GJO3c27UUpUbnVc00U9AUE2hKRpMki11KBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKg91KYcOkb0mQSK8EJuJWjJbn/QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tnOTFLWWNPa2IwbVFT
SzhFSnVKV2pKYm5fUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQPokhv/pPA20XB4l9DFy2BYTlGV9F0aO
T5FFVGP44XQxscG9FJZhm2EitASGDE47n9LCYE9dKefuQudI3ok77TkHuEKv665N
OsGKjyY64HtdmbHy2cbZji4r0sipfkBs2I+uffJ79E9qPslC8xc4HWFTxU0XaE3F
LCATcl3VKW4fls2kxvZaYqEAxaIH3Q785bnw9pSwRKetv3wstozEsz/tjOPwANf3
ZaaKPkG98m9ZCgY+Nj/ZTqWymNTh+AN54X9y+Loa9iWnHDM4cmJ92hsPsPLGtAz6
NUYMD6+N8YxMy2K4Mz7+3rEQK6qp7XatjOyyW1gTuJ2qlIKD93yMrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:32 2024 by rpki-client on console-ams.rpki-client.org