Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kArNrzvzIdS-jU_oJ6DoV3T87ik.roa
File: kArNrzvzIdS-jU_oJ6DoV3T87ik.roa (raw, json)
Hash identifier: XH1izXPakeRHQlZzjR0snRd4soxKLIIQpzAvcNmePXw=
Subject key identifier: 90:0A:CD:AF:3B:F3:21:D4:BE:8D:4F:E8:27:A0:E8:57:74:FC:EE:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 418E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kArNrzvzIdS-jU_oJ6DoV3T87ik.roa
Signing time: Mon 15 Apr 2024 23:52:58 +0000
ROA not before: Mon 15 Apr 2024 23:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16782 (0x418e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 23:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=900ACDAF3BF321D4BE8D4FE827A0E85774FCEE29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0f:76:16:15:15:ac:42:10:b9:62:f7:e0:cf:
35:10:73:5c:e8:3c:98:ff:9a:f0:64:52:a4:08:82:
62:40:9d:a2:05:e5:b4:8f:bf:2f:20:18:8e:ee:32:
15:21:16:4c:7a:23:e9:43:dd:be:5b:b0:e4:c9:54:
29:b6:5a:2c:a0:68:29:0d:6b:63:ee:8c:d8:1a:1d:
fe:20:87:26:03:17:42:b6:2d:92:54:c2:83:c7:51:
90:f4:d5:d0:cf:44:3b:a8:95:f5:45:ec:e4:77:d8:
2b:74:77:f1:f4:f5:76:af:5c:96:bd:a4:bc:af:30:
7c:d1:20:77:7f:cb:97:c2:5b:7e:b0:7a:a2:12:f9:
10:0f:2a:1d:77:b5:22:6c:55:62:23:13:a4:a2:fe:
8f:60:c9:bd:7e:b1:eb:3b:3f:65:bf:c0:cc:fb:97:
4c:d9:60:ac:ce:38:72:dc:9d:c6:a0:54:92:31:49:
ac:ff:16:f8:7c:50:4e:f7:3c:43:ca:66:14:54:c0:
23:bd:87:ff:1f:67:80:2c:6e:c0:10:f6:e3:aa:53:
6b:eb:ec:34:3a:fc:95:54:76:37:61:a0:48:75:85:
86:6b:7f:b3:62:6c:6c:b1:c4:cc:28:91:2a:42:a5:
1f:fc:5a:5e:0f:0a:13:31:f2:40:a9:c1:06:91:b0:
59:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:CD:AF:3B:F3:21:D4:BE:8D:4F:E8:27:A0:E8:57:74:FC:EE:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kArNrzvzIdS-jU_oJ6DoV3T87ik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:7c:9b:d9:40:6e:a9:a0:5a:99:24:5a:b5:34:0a:71:ca:31:
e2:5e:78:d1:bb:a6:38:a1:71:a1:28:20:8b:53:5f:d5:7c:d3:
22:44:51:94:16:cb:54:da:b6:ca:0a:da:5a:4f:3c:90:d1:42:
07:04:64:92:33:94:46:79:c6:2b:18:38:e0:db:87:17:4c:f0:
4d:75:ef:01:41:79:4a:62:38:96:19:46:16:f7:dd:31:de:37:
7d:01:ec:1b:97:d6:4d:79:2a:1c:64:80:e9:16:e2:58:c4:3a:
a7:d2:af:a5:b9:d0:8a:2a:8b:f6:0d:82:b7:04:57:42:da:23:
6e:b6:d2:77:e9:8a:a3:46:6d:39:18:ea:04:06:06:a4:17:6c:
56:31:63:88:70:95:3b:9d:41:13:77:ad:c0:a6:1b:3d:e1:3d:
66:7d:f3:af:ac:9a:35:3e:ce:f3:56:f1:9c:58:77:34:e9:aa:
2b:fb:7e:fe:11:89:cf:ca:52:20:38:e6:17:31:6d:95:cd:1b:
b4:07:d9:31:a5:62:dc:6f:a9:93:1b:f0:56:6e:6a:a9:6d:41:
4b:44:04:94:03:c6:d6:53:70:b2:51:fa:13:f4:cb:c0:30:f4:
89:50:1d:03:39:9c:0b:10:07:35:ee:1f:78:6e:80:1d:3c:81:
8a:e1:93:83
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUy
MzUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwMEFDREFGM0JGMzIx
RDRCRThENEZFODI3QTBFODU3NzRGQ0VFMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAD3YWFRWsQhC5YvfgzzUQc1zoPJj/mvBkUqQIgmJAnaIF5bSP
vy8gGI7uMhUhFkx6I+lD3b5bsOTJVCm2WiygaCkNa2PujNgaHf4ghyYDF0K2LZJU
woPHUZD01dDPRDuolfVF7OR32Ct0d/H09XavXJa9pLyvMHzRIHd/y5fCW36weqIS
+RAPKh13tSJsVWIjE6Si/o9gyb1+ses7P2W/wMz7l0zZYKzOOHLcncagVJIxSaz/
Fvh8UE73PEPKZhRUwCO9h/8fZ4AsbsAQ9uOqU2vr7DQ6/JVUdjdhoEh1hYZrf7Ni
bGyxxMwokSpCpR/8Wl4PChMx8kCpwQaRsFkXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkArNrzvzIdS+jU/oJ6DoV3T87ikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tBck5yenZ6SWRTLWpV
X29KNkRvVjNUODdpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAAHyb2UBuqaBamSRatTQKccox4l540bum
OKFxoSggi1Nf1XzTIkRRlBbLVNq2ygraWk88kNFCBwRkkjOURnnGKxg44NuHF0zw
TXXvAUF5SmI4lhlGFvfdMd43fQHsG5fWTXkqHGSA6RbiWMQ6p9KvpbnQiiqL9g2C
twRXQtojbrbSd+mKo0ZtORjqBAYGpBdsVjFjiHCVO51BE3etwKYbPeE9Zn3zr6ya
NT7O81bxnFh3NOmqK/t+/hGJz8pSIDjmFzFtlc0btAfZMaVi3G+pkxvwVm5qqW1B
S0QElAPG1lNwslH6E/TLwDD0iVAdAzmcCxAHNe4feG6AHTyBiuGTgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:05 2024 by rpki-client on console-ams.rpki-client.org