Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kRnQpVr431j2GIJ-llvC_iV7x88.roa
File: kRnQpVr431j2GIJ-llvC_iV7x88.roa (raw, json)
Hash identifier: xnQP23p4H8SAea4nmDP1a1b54WxciiBs1SXJ6BRLfvg=
Subject key identifier: 91:19:D0:A5:5A:F8:DF:58:F6:18:82:7E:96:5B:C2:FE:25:7B:C7:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4442
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kRnQpVr431j2GIJ-llvC_iV7x88.roa
Signing time: Fri 19 Apr 2024 14:23:01 +0000
ROA not before: Fri 19 Apr 2024 14:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17474 (0x4442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 14:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9119D0A55AF8DF58F618827E965BC2FE257BC7CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:c7:0c:d8:e1:d7:64:09:8b:c3:4e:c4:88:
4e:6f:50:6d:31:2f:bc:9f:0e:39:c2:5a:2c:3a:ac:
54:1b:09:d1:4e:13:f6:d5:42:57:ae:8c:b1:04:05:
a3:14:4e:d7:ac:ad:52:9c:55:77:45:21:e4:ea:21:
86:0e:e9:fd:f8:34:77:cb:36:3a:89:c5:0a:b3:6b:
cc:af:e7:f6:68:f1:30:82:3f:92:70:ec:ff:ef:2b:
62:90:e4:22:78:59:4f:3d:65:23:c6:67:8d:34:69:
4d:7d:51:e5:67:2d:fc:54:9e:8f:00:96:17:8f:f9:
c5:2b:a4:f7:fd:be:d0:33:55:f2:4e:0b:4d:be:96:
ca:d7:19:24:29:cb:30:06:2e:0f:e1:a2:6f:dd:de:
81:d0:63:ee:4e:1b:1d:7a:74:bb:78:b2:2e:33:1e:
d3:a0:8d:4a:41:c8:5e:55:80:39:fd:90:4c:44:cb:
bd:c9:5a:f7:13:7d:9d:d1:81:56:c3:34:73:9f:ea:
2c:df:2a:f9:d9:e1:6b:45:8d:6d:3b:75:fc:6a:e7:
2f:c0:a2:1a:a9:e3:4c:e3:c4:aa:b3:b5:1c:1c:28:
ed:6d:8a:4e:ac:52:68:08:43:29:d6:bf:d1:b7:51:
3e:03:4e:bf:8e:d1:a3:d0:21:ae:85:d8:85:10:df:
79:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:19:D0:A5:5A:F8:DF:58:F6:18:82:7E:96:5B:C2:FE:25:7B:C7:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kRnQpVr431j2GIJ-llvC_iV7x88.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:b4:57:4e:9f:36:cd:f7:b1:fb:ed:34:6a:da:d3:c1:43:30:
e0:7a:d4:17:22:74:13:f2:c2:ef:de:40:fd:31:16:2c:bd:26:
b7:67:0b:3d:e0:16:a7:19:c9:d8:34:d2:a5:d9:a4:b6:66:d3:
f9:74:92:c0:88:1e:a1:e2:9e:f6:56:8f:91:cf:24:25:7a:15:
e8:4b:bd:85:c3:cd:7f:aa:bd:98:01:82:c4:b8:36:51:88:91:
25:49:c1:a4:d3:1b:79:a3:77:ad:80:53:9c:44:a7:a3:8d:bf:
e6:49:6c:45:ee:2b:30:17:f2:38:d5:c2:af:c6:6e:29:76:73:
29:7d:4c:c8:b5:71:76:ec:c3:ef:e3:3b:98:16:21:77:57:6e:
99:a4:65:65:fd:23:f9:15:44:34:7d:5b:ed:66:01:b5:49:02:
0b:a4:7e:0e:24:9a:6e:70:c7:76:cd:b5:af:73:02:0a:4e:7f:
b6:d9:ca:a0:da:aa:70:56:e8:8f:d9:72:68:25:58:4e:de:c7:
1c:90:4a:b0:83:45:03:be:1a:66:62:cb:42:48:0f:c3:1f:0b:
28:4c:39:fa:cf:1c:f4:08:e1:c5:73:0b:01:80:1a:15:1d:0c:
f1:2b:b1:d8:ea:77:1b:db:61:53:54:ef:0e:e5:e4:03:6a:41:
6c:0f:aa:64
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICREIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
NDIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxMTlEMEE1NUFGOERG
NThGNjE4ODI3RTk2NUJDMkZFMjU3QkM3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6I8cM2OHXZAmLw07EiE5vUG0xL7yfDjnCWiw6rFQbCdFOE/bV
QleujLEEBaMUTtesrVKcVXdFIeTqIYYO6f34NHfLNjqJxQqza8yv5/Zo8TCCP5Jw
7P/vK2KQ5CJ4WU89ZSPGZ400aU19UeVnLfxUno8AlheP+cUrpPf9vtAzVfJOC02+
lsrXGSQpyzAGLg/hom/d3oHQY+5OGx16dLt4si4zHtOgjUpByF5VgDn9kExEy73J
WvcTfZ3RgVbDNHOf6izfKvnZ4WtFjW07dfxq5y/Aohqp40zjxKqztRwcKO1tik6s
UmgIQynWv9G3UT4DTr+O0aPQIa6F2IUQ33kPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkRnQpVr431j2GIJ+llvC/iV7x88wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tSblFwVnI0MzFqMkdJ
Si1sbHZDX2lWN3g4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEACLRXTp82zfex++00atrTwUMw4HrUFyJ0
E/LC795A/TEWLL0mt2cLPeAWpxnJ2DTSpdmktmbT+XSSwIgeoeKe9laPkc8kJXoV
6Eu9hcPNf6q9mAGCxLg2UYiRJUnBpNMbeaN3rYBTnESno42/5klsRe4rMBfyONXC
r8ZuKXZzKX1MyLVxduzD7+M7mBYhd1dumaRlZf0j+RVENH1b7WYBtUkCC6R+DiSa
bnDHds21r3MCCk5/ttnKoNqqcFboj9lyaCVYTt7HHJBKsINFA74aZmLLQkgPwx8L
KEw5+s8c9AjhxXMLAYAaFR0M8Sux2Op3G9thU1TvDuXkA2pBbA+qZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org