Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kNKrDR9mOXsdDjnf6eAasAg7Rmo.roa
File: kNKrDR9mOXsdDjnf6eAasAg7Rmo.roa (raw, json)
Hash identifier: BmIUMTBL2AeJS0uaY3Qx4ACyH6Egbg/jMkh/UZkqYwM=
Subject key identifier: 90:D2:AB:0D:1F:66:39:7B:1D:0E:39:DF:E9:E0:1A:B0:08:3B:46:6A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41C2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kNKrDR9mOXsdDjnf6eAasAg7Rmo.roa
Signing time: Tue 16 Apr 2024 06:23:28 +0000
ROA not before: Tue 16 Apr 2024 06:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16834 (0x41c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 06:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90D2AB0D1F66397B1D0E39DFE9E01AB0083B466A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:df:aa:d7:6a:ae:7f:26:65:d7:49:8f:39:09:
2c:6d:bf:9d:a2:4b:53:59:47:42:ae:59:cb:47:69:
39:c6:63:1f:92:fb:52:c2:85:fc:ad:5e:b8:1a:f1:
b5:39:a0:26:b3:d2:e7:f0:5d:ab:7c:98:8a:05:36:
95:bc:23:d3:9d:5e:04:58:37:e6:ad:7d:14:08:52:
1c:e1:ab:2b:8f:a2:62:2a:e0:e0:6d:7d:7d:55:bf:
61:e3:5c:57:c5:b5:70:48:ea:c2:fa:92:94:94:c7:
68:be:fb:c3:50:be:25:21:d1:3e:e7:87:60:0c:66:
a2:ac:26:84:47:4b:fc:ff:7b:83:33:90:1c:c5:cf:
80:c6:15:d2:8c:cf:d2:e2:bc:87:c8:96:d2:fc:8a:
0c:f4:05:fe:03:3a:15:f9:41:aa:f4:1d:29:f0:c0:
9b:20:53:20:17:78:ff:8c:2f:9c:99:39:d1:4d:d2:
95:df:a7:c6:ea:ad:b7:10:49:6f:8f:02:67:ef:ed:
7b:6a:11:a9:8e:a7:4d:cb:2b:f3:24:5c:82:63:29:
1d:fd:73:2d:9b:3d:b6:9e:25:a4:c8:c6:36:19:1b:
82:88:3f:1f:c2:84:d9:db:d8:4d:63:ee:34:48:c1:
a9:19:ab:97:90:5a:8f:57:de:31:4d:a2:98:b7:89:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D2:AB:0D:1F:66:39:7B:1D:0E:39:DF:E9:E0:1A:B0:08:3B:46:6A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kNKrDR9mOXsdDjnf6eAasAg7Rmo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:3c:59:5e:87:7d:47:5f:1e:ac:ac:b6:ea:16:6b:f8:43:14:
d0:94:e6:1e:8a:01:36:dd:ae:c1:2f:93:e1:fd:cb:2c:fb:65:
37:9f:75:2e:77:dd:f1:38:d2:4a:49:f2:9f:7c:c3:6b:39:d5:
df:62:45:0b:af:9a:fe:f6:8d:3d:68:3a:da:27:35:4d:a3:7b:
df:0e:5c:62:89:08:ae:9c:98:39:3f:64:33:06:1e:a9:80:a6:
89:eb:3e:8b:fb:50:28:6e:6b:1e:69:d1:15:0e:28:d7:ef:7a:
96:17:7c:9c:5f:af:2b:6c:84:97:5a:8c:28:cf:b9:0e:b2:15:
27:d3:0a:76:27:0e:3f:2c:2b:ed:4c:24:92:b5:7b:3b:29:b9:
5b:5c:46:36:9c:fa:ec:10:3a:78:c3:d0:de:c0:c9:c4:e3:88:
c6:19:9f:91:b0:e5:e6:77:93:69:56:95:c3:24:b1:ca:d2:66:
71:6f:d2:4f:f4:8f:08:2e:7e:dd:0d:5d:9e:24:df:c8:84:48:
20:6f:05:c1:74:86:4d:87:bb:42:05:87:06:bb:7a:a5:e9:73:
70:a0:01:86:42:ce:7e:42:de:4d:7c:43:df:a5:50:5a:88:ce:
92:4e:86:27:49:b4:a8:f9:f2:d3:dd:a1:30:82:93:6e:dc:7b:
02:ba:a9:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
NjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwRDJBQjBEMUY2NjM5
N0IxRDBFMzlERkU5RTAxQUIwMDgzQjQ2NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn36rXaq5/JmXXSY85CSxtv52iS1NZR0KuWctHaTnGYx+S+1LC
hfytXrga8bU5oCaz0ufwXat8mIoFNpW8I9OdXgRYN+atfRQIUhzhqyuPomIq4OBt
fX1Vv2HjXFfFtXBI6sL6kpSUx2i++8NQviUh0T7nh2AMZqKsJoRHS/z/e4MzkBzF
z4DGFdKMz9LivIfIltL8igz0Bf4DOhX5Qar0HSnwwJsgUyAXeP+ML5yZOdFN0pXf
p8bqrbcQSW+PAmfv7XtqEamOp03LK/MkXIJjKR39cy2bPbaeJaTIxjYZG4KIPx/C
hNnb2E1j7jRIwakZq5eQWo9X3jFNopi3ifPhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkNKrDR9mOXsdDjnf6eAasAg7RmowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tOS3JEUjltT1hzZERq
bmY2ZUFhc0FnN1Jtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAPTxZXod9R18erKy26hZr+EMU0JTmHooB
Nt2uwS+T4f3LLPtlN591Lnfd8TjSSknyn3zDaznV32JFC6+a/vaNPWg62ic1TaN7
3w5cYokIrpyYOT9kMwYeqYCmies+i/tQKG5rHmnRFQ4o1+96lhd8nF+vK2yEl1qM
KM+5DrIVJ9MKdicOPywr7UwkkrV7Oym5W1xGNpz67BA6eMPQ3sDJxOOIxhmfkbDl
5neTaVaVwySxytJmcW/ST/SPCC5+3Q1dniTfyIRIIG8FwXSGTYe7QgWHBrt6pelz
cKABhkLOfkLeTXxD36VQWojOkk6GJ0m0qPny092hMIKTbtx7Arqpxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org