Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kIdhoXZTQkXbvRzSlSZpdORqC8Y.roa
File: kIdhoXZTQkXbvRzSlSZpdORqC8Y.roa (raw, json)
Hash identifier: znhBBqqqp5MpzRE+ov7+xeVe1+G+V3rhjIwKHiIA4RY=
Subject key identifier: 90:87:61:A1:76:53:42:45:DB:BD:1C:D2:95:26:69:74:E4:6A:0B:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CAE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kIdhoXZTQkXbvRzSlSZpdORqC8Y.roa
Signing time: Tue 09 Apr 2024 11:52:37 +0000
ROA not before: Tue 09 Apr 2024 11:52:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15534 (0x3cae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 11:52:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=908761A176534245DBBD1CD295266974E46A0BC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5b:95:7d:de:4a:9a:b6:aa:af:ed:11:fd:1d:
34:98:60:4f:36:d9:31:4a:67:ad:3b:e1:07:bf:e0:
9c:ba:95:17:3f:3e:78:d1:bf:d2:68:9d:95:53:40:
1e:86:99:62:35:46:f2:f9:78:3d:c7:70:0b:13:41:
64:25:58:40:29:9f:b9:b4:38:28:f2:a8:c3:ec:85:
5d:72:3a:f2:32:ac:b5:bc:b0:91:eb:93:fc:1e:ca:
8a:6a:67:5f:cf:9b:73:0c:c0:f8:20:84:a4:16:34:
1b:a0:27:d9:51:e3:55:31:13:f6:10:a9:ab:19:bc:
f6:57:d5:f6:a6:58:30:02:76:d4:32:74:aa:86:f2:
76:c9:b1:ce:ee:cd:7e:52:d1:73:7b:b1:0d:de:c8:
c7:c7:b3:01:3c:70:92:a3:b3:e2:19:42:c5:9e:6d:
a3:00:19:e7:24:2c:2c:74:3c:6c:eb:3d:7e:c3:ed:
8c:57:0e:0e:05:f5:c3:31:84:aa:35:34:0f:b8:a9:
84:37:2a:9b:23:f3:f2:77:96:4e:77:e5:3f:e5:1c:
d3:2f:e9:16:d3:03:39:af:aa:ee:38:5d:b9:be:65:
14:a2:61:8b:20:6a:09:fe:1d:e4:1b:c9:fd:68:3a:
63:6b:be:ac:a0:6b:9d:03:fd:4e:ba:c3:48:57:4d:
c5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:87:61:A1:76:53:42:45:DB:BD:1C:D2:95:26:69:74:E4:6A:0B:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kIdhoXZTQkXbvRzSlSZpdORqC8Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:c1:ed:6d:c7:61:ec:5a:7c:e9:0f:f3:3d:8d:a5:22:51:3a:
d7:e5:8a:ed:2d:e8:cc:a8:ab:a2:0a:7b:f0:d8:2e:33:11:83:
d5:e0:51:40:10:38:70:68:49:06:a4:ae:b2:2b:37:d4:09:e6:
a1:52:61:bc:d9:e6:5a:f7:53:a3:80:06:3c:8c:9c:48:e7:fe:
50:7f:2f:7a:0e:17:a3:1c:62:1e:e0:ab:31:65:53:8e:40:e3:
17:a1:82:e4:03:1f:b6:18:1c:69:58:83:c2:a1:82:c0:c4:b4:
b9:92:8e:4a:28:47:ea:8b:bf:9c:73:42:f1:24:7c:36:5f:44:
8f:76:16:6d:fa:44:aa:a5:8d:e5:c8:4a:f7:85:9e:2c:5e:71:
f5:79:63:66:53:e8:83:12:2e:61:fa:10:ab:8e:72:aa:1b:f9:
91:43:7e:2b:91:77:c2:1e:e5:ae:5e:58:be:1d:67:9d:73:9d:
cb:69:91:be:1e:40:35:42:da:3d:cd:ab:0a:fd:a4:ad:32:d3:
cb:1c:fd:29:91:d9:4d:c2:32:92:16:86:9f:9e:df:77:4b:77:
af:b9:43:80:07:c4:73:12:7c:33:3a:66:b6:c7:8f:59:99:9e:
ee:10:e0:72:89:44:65:57:4d:8c:03:44:9b:5f:e5:ce:17:a3:
93:84:8a:ea
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkx
MTUyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwODc2MUExNzY1MzQy
NDVEQkJEMUNEMjk1MjY2OTc0RTQ2QTBCQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2W5V93kqatqqv7RH9HTSYYE822TFKZ6074Qe/4Jy6lRc/PnjR
v9JonZVTQB6GmWI1RvL5eD3HcAsTQWQlWEApn7m0OCjyqMPshV1yOvIyrLW8sJHr
k/weyopqZ1/Pm3MMwPgghKQWNBugJ9lR41UxE/YQqasZvPZX1famWDACdtQydKqG
8nbJsc7uzX5S0XN7sQ3eyMfHswE8cJKjs+IZQsWebaMAGeckLCx0PGzrPX7D7YxX
Dg4F9cMxhKo1NA+4qYQ3Kpsj8/J3lk535T/lHNMv6RbTAzmvqu44Xbm+ZRSiYYsg
agn+HeQbyf1oOmNrvqyga50D/U66w0hXTcVjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkIdhoXZTQkXbvRzSlSZpdORqC8YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tJZGhvWFpUUWtYYnZS
elNsU1pwZE9ScUM4WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAMMHtbcdh7Fp86Q/zPY2lIlE61+WK7S3o
zKirogp78NguMxGD1eBRQBA4cGhJBqSusis31AnmoVJhvNnmWvdTo4AGPIycSOf+
UH8veg4XoxxiHuCrMWVTjkDjF6GC5AMfthgcaViDwqGCwMS0uZKOSihH6ou/nHNC
8SR8Nl9Ej3YWbfpEqqWN5chK94WeLF5x9XljZlPogxIuYfoQq45yqhv5kUN+K5F3
wh7lrl5Yvh1nnXOdy2mRvh5ANULaPc2rCv2krTLTyxz9KZHZTcIykhaGn57fd0t3
r7lDgAfEcxJ8MzpmtsePWZme7hDgcolEZVdNjANEm1/lzhejk4SK6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org