Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kR7bS8J73S41hupJ2v1mqRZwQPU.roa
File: kR7bS8J73S41hupJ2v1mqRZwQPU.roa (raw, json)
Hash identifier: Qqf5JFd6g1qnh6kXlx7f80G7H/EdDoS5CVYDSvf3uM4=
Subject key identifier: 91:1E:DB:4B:C2:7B:DD:2E:35:86:EA:49:DA:FD:66:A9:16:70:40:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C66
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kR7bS8J73S41hupJ2v1mqRZwQPU.roa
Signing time: Tue 09 Apr 2024 02:52:51 +0000
ROA not before: Tue 09 Apr 2024 02:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15462 (0x3c66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 02:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=911EDB4BC27BDD2E3586EA49DAFD66A9167040F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:cd:08:94:6c:95:43:0e:d7:bd:7c:74:03:95:
64:04:83:32:c1:83:05:cd:ad:12:03:32:4a:25:4b:
3b:54:08:6b:6c:ed:e5:58:20:e7:22:c3:58:d4:f8:
14:25:a3:e6:e4:ad:cc:5d:13:df:0a:08:70:11:5e:
0c:83:2d:4e:fe:87:3e:f2:17:85:10:4d:a0:bd:04:
24:54:74:1e:cc:c4:3b:44:57:ca:72:39:65:f2:a7:
b0:0c:b3:b7:3f:73:53:af:b5:f4:74:88:6c:fa:d5:
7b:96:cd:da:1f:3d:8a:91:97:c9:97:c3:12:44:86:
9f:a4:fa:a4:2b:df:45:19:e9:64:83:3d:51:9f:a6:
fb:d8:83:c4:90:89:9a:2d:a5:5d:41:66:34:99:b0:
bf:06:b5:d9:13:50:0c:c6:2a:fd:a7:8c:eb:4b:8c:
25:eb:63:cc:98:20:01:ea:b6:35:7e:f6:dc:60:b8:
a2:87:2a:cf:d7:ca:20:5a:c1:17:1b:15:db:5d:a1:
df:17:fe:34:e6:0e:bb:fe:17:68:48:48:03:40:fb:
dd:91:7a:05:c0:0b:9c:4a:af:64:e3:79:1a:48:c4:
da:fa:a8:e0:4b:4f:9d:d3:95:63:38:97:21:c7:a2:
09:ee:44:1d:14:b6:2b:8d:1d:7d:95:1b:63:8b:df:
f9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1E:DB:4B:C2:7B:DD:2E:35:86:EA:49:DA:FD:66:A9:16:70:40:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kR7bS8J73S41hupJ2v1mqRZwQPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:f0:7b:6b:2a:78:04:1b:72:c4:58:9f:51:68:28:21:6a:11:
64:cc:b6:56:b8:49:bd:14:cc:67:2e:85:e5:3a:df:91:f3:58:
aa:f3:06:fa:46:99:1b:87:38:3f:cb:19:9d:4f:d7:d1:be:64:
14:30:42:38:39:3b:06:f5:ac:a0:67:3d:1c:15:4c:16:5e:b5:
00:5a:d0:19:37:3c:4e:18:c6:09:c2:8c:10:ac:61:5a:59:ea:
81:03:eb:bd:96:64:c6:3d:b1:42:32:3a:b1:b6:fa:fe:d7:bc:
b2:d0:44:3d:1e:95:8b:f8:e1:ba:79:c0:96:2d:0f:5c:e3:9b:
48:d9:a6:6e:fa:17:e6:77:e6:a3:d5:62:55:1e:7c:ac:af:8f:
11:81:76:99:66:1d:2d:c9:3d:ff:f2:d0:27:d1:ce:e5:c3:00:
c5:e8:48:39:be:04:80:1b:35:6c:53:60:15:24:67:68:48:7d:
f3:2f:80:5e:20:e9:c0:46:13:ff:61:53:40:03:e8:1f:58:15:
25:ca:d8:52:5a:63:2a:3b:ad:69:ee:38:11:63:bf:b5:e0:74:
d9:a3:59:60:ea:77:71:a1:19:69:3b:0b:4d:3c:6f:e3:9a:f3:
83:a3:e8:0f:95:48:6f:69:f5:60:54:f0:65:a2:47:2d:18:6e:
3c:b2:11:bf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
MjUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxMUVEQjRCQzI3QkRE
MkUzNTg2RUE0OURBRkQ2NkE5MTY3MDQwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhzQiUbJVDDte9fHQDlWQEgzLBgwXNrRIDMkolSztUCGts7eVY
IOciw1jU+BQlo+bkrcxdE98KCHARXgyDLU7+hz7yF4UQTaC9BCRUdB7MxDtEV8py
OWXyp7AMs7c/c1OvtfR0iGz61XuWzdofPYqRl8mXwxJEhp+k+qQr30UZ6WSDPVGf
pvvYg8SQiZotpV1BZjSZsL8GtdkTUAzGKv2njOtLjCXrY8yYIAHqtjV+9txguKKH
Ks/XyiBawRcbFdtdod8X/jTmDrv+F2hISANA+92RegXAC5xKr2TjeRpIxNr6qOBL
T53TlWM4lyHHognuRB0UtiuNHX2VG2OL3/l/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkR7bS8J73S41hupJ2v1mqRZwQPUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tSN2JTOEo3M1M0MWh1
cEoydjFtcVJad1FQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAhvB7ayp4BBtyxFifUWgoIWoRZMy2VrhJ
vRTMZy6F5TrfkfNYqvMG+kaZG4c4P8sZnU/X0b5kFDBCODk7BvWsoGc9HBVMFl61
AFrQGTc8ThjGCcKMEKxhWlnqgQPrvZZkxj2xQjI6sbb6/te8stBEPR6Vi/jhunnA
li0PXOObSNmmbvoX5nfmo9ViVR58rK+PEYF2mWYdLck9//LQJ9HO5cMAxehIOb4E
gBs1bFNgFSRnaEh98y+AXiDpwEYT/2FTQAPoH1gVJcrYUlpjKjutae44EWO/teB0
2aNZYOp3caEZaTsLTTxv45rzg6PoD5VIb2n1YFTwZaJHLRhuPLIRvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org