Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/k4qlIuBej-zBIIrgDeJPP82BjB8.roa
File: k4qlIuBej-zBIIrgDeJPP82BjB8.roa (raw, json)
Hash identifier: p/MbymnR5u3JkpJioPTvnZKyM086HXZST2TfD/3L92o=
Subject key identifier: 93:8A:A5:22:E0:5E:8F:EC:C1:20:8A:E0:0D:E2:4F:3F:CD:81:8C:1F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 526E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/k4qlIuBej-zBIIrgDeJPP82BjB8.roa
Signing time: Wed 08 May 2024 11:53:57 +0000
ROA not before: Wed 08 May 2024 11:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21102 (0x526e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 11:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=938AA522E05E8FECC1208AE00DE24F3FCD818C1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b8:e0:dd:c2:df:d3:8c:0a:23:59:d0:38:f9:
7a:d7:b4:5f:9c:94:f8:fd:c4:e7:59:fa:0d:14:27:
d6:b0:cb:64:4b:b5:55:cd:7d:10:31:20:11:13:9d:
41:dc:f9:dc:b4:0e:25:f3:76:fc:4d:56:e9:ad:82:
9c:3b:5e:13:66:a5:c2:bf:bf:c4:30:2e:0f:88:64:
9e:61:db:77:a4:a9:74:6a:d0:80:f9:40:a1:7e:5d:
f7:c5:d1:5d:d1:dd:26:94:e8:2e:0f:6a:66:ce:fa:
f6:57:5e:ca:92:6f:07:1a:65:72:32:fd:5d:1f:29:
b6:1c:5f:a3:05:95:71:49:f7:4a:60:af:ed:e0:3a:
17:27:ee:6d:af:5c:03:5b:c3:3c:2c:68:5e:aa:61:
e6:35:55:af:3e:ce:36:6c:c2:b2:08:cc:c8:42:c4:
7d:27:ef:f6:43:4b:55:08:a3:d8:ce:15:e5:c3:70:
86:22:ed:ab:ac:e8:bd:a1:f2:a2:a4:79:ff:b4:62:
6a:26:79:cb:b1:33:a8:5c:4b:eb:e3:d5:34:66:65:
98:97:da:39:21:70:05:c1:95:8c:62:e4:3d:f2:9e:
9f:5e:73:ab:3b:4b:4f:fb:71:f4:80:c2:c4:a8:32:
5d:a8:1d:c8:7d:3f:1d:2d:cb:68:c0:94:80:a4:9e:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8A:A5:22:E0:5E:8F:EC:C1:20:8A:E0:0D:E2:4F:3F:CD:81:8C:1F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/k4qlIuBej-zBIIrgDeJPP82BjB8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:20:a4:05:00:39:df:8f:f9:5d:81:5c:c3:80:0c:d4:c4:83:
8e:70:14:fd:e3:10:fa:3b:63:bc:61:07:ae:03:a5:98:64:92:
1c:bc:a8:60:7e:be:fb:98:92:9a:93:80:9e:67:42:7b:0c:26:
b0:82:f8:f8:2f:d5:1f:28:4c:15:02:9f:fb:6e:37:b8:ce:05:
c0:f0:1a:ec:b6:44:87:41:0b:6d:6c:a7:30:c8:13:68:57:f5:
0a:4c:e7:cf:84:d4:5a:d9:3c:0e:2b:0e:65:d7:b2:a4:9a:56:
b0:55:fd:9e:ec:0f:f2:4a:7a:6e:4f:07:89:40:87:69:fa:1b:
7d:83:e8:b5:78:ff:c1:02:bc:e1:89:d5:c3:5d:bb:fe:d9:89:
bb:a5:7a:58:ea:bc:42:66:45:20:dc:c3:8b:24:56:77:88:b7:
50:56:ad:4c:ac:be:15:dc:a7:38:30:bc:e6:c8:c0:ae:ac:e3:
7a:2e:e6:42:71:f7:fd:db:fb:82:60:66:fd:b5:15:74:7f:ff:
fe:ab:33:d8:43:d3:45:e5:93:d7:d1:50:df:8a:15:9a:97:40:
63:00:b1:6b:37:de:eb:98:fa:12:13:ab:5a:91:c8:b6:88:f2:
98:3f:ac:13:58:d7:bb:b0:d1:e7:be:77:7a:8b:31:d7:77:1b:
45:58:6d:62
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
MTUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkzOEFBNTIyRTA1RThG
RUNDMTIwOEFFMDBERTI0RjNGQ0Q4MThDMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyuODdwt/TjAojWdA4+XrXtF+clPj9xOdZ+g0UJ9awy2RLtVXN
fRAxIBETnUHc+dy0DiXzdvxNVumtgpw7XhNmpcK/v8QwLg+IZJ5h23ekqXRq0ID5
QKF+XffF0V3R3SaU6C4PambO+vZXXsqSbwcaZXIy/V0fKbYcX6MFlXFJ90pgr+3g
Ohcn7m2vXANbwzwsaF6qYeY1Va8+zjZswrIIzMhCxH0n7/ZDS1UIo9jOFeXDcIYi
7aus6L2h8qKkef+0YmomecuxM6hcS+vj1TRmZZiX2jkhcAXBlYxi5D3ynp9ec6s7
S0/7cfSAwsSoMl2oHch9Px0ty2jAlICknhMJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUk4qlIuBej+zBIIrgDeJPP82BjB8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2s0cWxJdUJlai16QklJ
cmdEZUpQUDgyQmpCOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMyCkBQA534/5XYFcw4AM1MSDjnAU/eMQ
+jtjvGEHrgOlmGSSHLyoYH6++5iSmpOAnmdCewwmsIL4+C/VHyhMFQKf+243uM4F
wPAa7LZEh0ELbWynMMgTaFf1Ckznz4TUWtk8DisOZdeypJpWsFX9nuwP8kp6bk8H
iUCHafobfYPotXj/wQK84YnVw127/tmJu6V6WOq8QmZFINzDiyRWd4i3UFatTKy+
FdynODC85sjArqzjei7mQnH3/dv7gmBm/bUVdH///qsz2EPTReWT19FQ34oVmpdA
YwCxazfe65j6EhOrWpHItojymD+sE1jXu7DR5753eosx13cbRVhtYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org