Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/asNKE4k5Jct6DHJfHx4z0Z073XQ.roa
File: asNKE4k5Jct6DHJfHx4z0Z073XQ.roa (raw, json)
Hash identifier: 4En7X0zHKgJTN0l0jWZkkw7qv7MHU6HPqp8zfD8lY64=
Subject key identifier: 6A:C3:4A:13:89:39:25:CB:7A:0C:72:5F:1F:1E:33:D1:9D:3B:DD:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3566
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/asNKE4k5Jct6DHJfHx4z0Z073XQ.roa
Signing time: Sat 30 Mar 2024 18:52:08 +0000
ROA not before: Sat 30 Mar 2024 18:52:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13670 (0x3566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 18:52:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6AC34A13893925CB7A0C725F1F1E33D19D3BDD74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5b:1f:68:9b:1c:f6:ec:b6:81:b8:25:45:8f:
c9:9d:2f:3e:f4:19:61:e3:8f:8d:67:19:a4:9b:1a:
7c:36:c5:5b:76:a5:25:e2:a0:5d:c8:e7:af:11:2a:
1f:32:04:60:28:46:20:84:5b:72:fa:5a:1c:f0:d1:
0b:d1:41:01:25:2d:91:19:e3:c2:c4:6a:13:b3:5f:
49:28:38:1a:b3:eb:e3:04:73:da:e8:96:b9:2f:fe:
52:8a:24:b6:28:ac:78:df:47:c0:76:06:0d:ba:ef:
d9:a8:3e:02:43:95:52:ff:e6:87:c9:4f:85:82:11:
23:10:bb:ba:09:bf:4a:4a:d7:53:72:8c:2c:68:41:
a3:d7:ba:67:7d:64:94:07:1a:43:a6:8d:d5:51:f6:
bf:1b:9e:08:a1:d2:10:27:e9:aa:52:f9:14:ea:cd:
37:35:42:70:69:4b:97:b6:81:e9:83:ac:46:1e:4b:
d4:9e:b7:43:a7:cb:97:9d:27:bb:94:8e:ba:c5:84:
a8:5f:d1:00:fd:64:7b:3d:27:d9:e6:98:52:35:23:
99:cf:10:e6:9f:5a:02:0f:a6:7b:c4:b0:66:ef:13:
22:ac:f8:b7:b3:f2:77:29:12:25:96:e3:ff:e3:3a:
2f:e2:6e:ce:d5:87:fd:93:ff:99:19:9f:69:a6:0e:
01:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C3:4A:13:89:39:25:CB:7A:0C:72:5F:1F:1E:33:D1:9D:3B:DD:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/asNKE4k5Jct6DHJfHx4z0Z073XQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:f3:34:88:e3:37:c9:f9:4e:9b:e2:f8:51:16:16:fa:8b:83:
0a:f5:11:17:62:b6:ce:0d:17:a0:7a:18:ba:8b:7e:df:40:73:
ad:19:ff:ce:21:c8:9d:7b:8c:1c:63:d8:7c:59:2b:96:df:7e:
65:02:0a:c0:57:90:9a:f3:2d:87:8f:aa:e0:bf:3b:52:6c:49:
f8:41:a5:c8:ec:c5:23:d1:ee:f6:29:7d:ae:08:70:2c:5a:ac:
81:b6:b8:79:94:b4:35:87:2d:38:94:db:65:f3:fd:12:75:8d:
68:69:05:88:4b:1e:94:17:ad:7b:ca:fd:51:a2:47:fe:9c:21:
3f:cc:ee:af:a5:13:c0:66:e9:d6:d1:f3:64:f0:15:87:8b:63:
bf:42:24:7d:9d:5e:2b:e3:94:44:b2:49:06:d8:0c:77:69:34:
52:80:e3:57:47:5c:b0:ff:5a:31:68:5a:d4:67:12:d3:c3:81:
24:f3:76:c0:03:d2:6b:93:1c:17:46:26:20:1c:58:a7:2d:23:
fa:99:3c:4b:90:2b:20:2d:c6:31:3d:9a:52:f4:2e:e4:6b:d6:
38:37:14:dc:0d:24:17:81:94:fe:65:f8:26:4c:77:fc:a7:20:
d2:ec:b3:cb:1d:e5:a8:fd:a2:c9:70:e6:57:50:3a:c8:d7:7a:
b2:48:90:9a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
ODUyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBQzM0QTEzODkzOTI1
Q0I3QTBDNzI1RjFGMUUzM0QxOUQzQkRENzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPWx9omxz27LaBuCVFj8mdLz70GWHjj41nGaSbGnw2xVt2pSXi
oF3I568RKh8yBGAoRiCEW3L6Whzw0QvRQQElLZEZ48LEahOzX0koOBqz6+MEc9ro
lrkv/lKKJLYorHjfR8B2Bg2679moPgJDlVL/5ofJT4WCESMQu7oJv0pK11NyjCxo
QaPXumd9ZJQHGkOmjdVR9r8bngih0hAn6apS+RTqzTc1QnBpS5e2gemDrEYeS9Se
t0Ony5edJ7uUjrrFhKhf0QD9ZHs9J9nmmFI1I5nPEOafWgIPpnvEsGbvEyKs+Lez
8ncpEiWW4//jOi/ibs7Vh/2T/5kZn2mmDgGFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUasNKE4k5Jct6DHJfHx4z0Z073XQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FzTktFNGs1SmN0NkRI
SmZIeDR6MFowNzNYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAj/M0iOM3yflOm+L4URYW+ouDCvURF2K2
zg0XoHoYuot+30BzrRn/ziHInXuMHGPYfFkrlt9+ZQIKwFeQmvMth4+q4L87UmxJ
+EGlyOzFI9Hu9il9rghwLFqsgba4eZS0NYctOJTbZfP9EnWNaGkFiEselBete8r9
UaJH/pwhP8zur6UTwGbp1tHzZPAVh4tjv0IkfZ1eK+OURLJJBtgMd2k0UoDjV0dc
sP9aMWha1GcS08OBJPN2wAPSa5McF0YmIBxYpy0j+pk8S5ArIC3GMT2aUvQu5GvW
ODcU3A0kF4GU/mX4Jkx3/Kcg0uyzyx3lqP2iyXDmV1A6yNd6skiQmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org