Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kXzsd0UCBoYyKx03JdfgskysX_o.roa
File: kXzsd0UCBoYyKx03JdfgskysX_o.roa (raw, json)
Hash identifier: r08fqNb6zeJhyfOHTI1aisuFY1Hj/T88YOyQfrCkHz8=
Subject key identifier: 91:7C:EC:77:45:02:06:86:32:2B:1D:37:25:D7:E0:B2:4C:AC:5F:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 376E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kXzsd0UCBoYyKx03JdfgskysX_o.roa
Signing time: Tue 02 Apr 2024 11:52:18 +0000
ROA not before: Tue 02 Apr 2024 11:52:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14190 (0x376e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 11:52:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=917CEC7745020686322B1D3725D7E0B24CAC5FFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1b:bc:7e:ca:17:8e:6e:96:e1:68:05:88:d5:
17:6d:74:73:16:82:5c:fe:0e:ce:a9:4a:5e:2d:82:
27:68:dc:1c:46:c4:1b:ca:db:6b:9a:5c:da:c0:48:
f2:dd:e6:25:7b:f5:7f:11:d3:01:6b:87:3d:7b:1a:
df:7a:ea:bc:5c:a7:88:e3:80:48:66:d9:86:83:06:
ef:53:67:32:57:2d:f3:96:e7:37:23:bf:05:01:15:
2f:f7:f9:7e:a7:86:06:aa:72:8e:2f:ff:f1:e7:f5:
f0:45:e7:81:81:ce:a0:b2:03:35:4c:e6:78:f3:94:
83:d6:52:98:2d:a0:7f:36:06:66:5d:92:b9:57:f2:
5e:8b:9e:80:cc:cf:23:4c:19:c0:04:b6:0b:bf:0f:
34:a8:ab:4d:1e:a9:2c:c6:a0:a9:af:30:b3:ab:20:
02:40:00:ae:3e:26:6f:f0:c2:ea:d4:00:53:50:83:
47:8d:59:a1:5a:fd:b0:e1:00:c7:e3:b1:24:4d:5a:
45:09:e5:21:67:20:c9:f8:b0:83:2b:7f:30:5c:f2:
ef:75:da:b0:2a:2e:60:79:a3:a7:d3:53:c7:4e:07:
5b:a7:95:08:33:30:c2:f5:80:4f:e1:1d:c8:36:64:
5a:bf:35:e0:85:eb:fc:13:93:ff:32:f4:09:5b:8d:
39:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7C:EC:77:45:02:06:86:32:2B:1D:37:25:D7:E0:B2:4C:AC:5F:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kXzsd0UCBoYyKx03JdfgskysX_o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:8d:63:2f:45:d6:ec:88:de:2d:5a:39:e7:19:a0:94:99:c7:
76:01:89:b5:88:d5:49:45:b1:fa:9f:17:5a:62:87:84:36:e2:
fd:bc:b8:82:84:53:b8:91:18:f5:c1:75:b1:7e:b1:23:1b:0a:
17:5c:48:b1:93:63:b6:d9:6d:61:54:9b:b6:98:8d:89:6f:56:
96:65:05:c6:40:20:92:33:90:8b:4d:27:65:c8:89:8b:76:18:
5a:7e:da:7c:30:51:11:43:2e:3d:bd:b0:2b:08:9f:0b:4d:ec:
07:30:db:6f:d8:77:fe:90:f7:11:53:f8:69:3f:11:52:20:69:
fa:c9:c8:57:34:fe:31:07:c1:f0:66:67:a4:d3:fa:58:67:c4:
ea:2d:68:9b:22:49:51:59:b2:86:db:42:b8:06:47:11:34:6b:
09:37:b5:7a:93:ca:27:bf:8a:a9:63:dc:a2:b7:82:95:56:54:
bb:f7:30:89:7b:b8:5c:08:cd:61:7c:cb:2e:ee:5b:cc:56:0c:
41:e8:42:70:dd:01:be:f6:40:bf:ba:ee:55:5c:7b:7a:10:91:
11:8b:7e:78:be:dc:bf:f9:49:79:76:5b:e4:4d:72:61:72:2f:
60:7a:20:3f:c7:82:9d:b3:b3:1b:05:46:a8:85:a7:0b:f0:91:
7e:4b:9f:81
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICN24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
MTUyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxN0NFQzc3NDUwMjA2
ODYzMjJCMUQzNzI1RDdFMEIyNENBQzVGRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsG7x+yheObpbhaAWI1RdtdHMWglz+Ds6pSl4tgido3BxGxBvK
22uaXNrASPLd5iV79X8R0wFrhz17Gt966rxcp4jjgEhm2YaDBu9TZzJXLfOW5zcj
vwUBFS/3+X6nhgaqco4v//Hn9fBF54GBzqCyAzVM5njzlIPWUpgtoH82BmZdkrlX
8l6LnoDMzyNMGcAEtgu/DzSoq00eqSzGoKmvMLOrIAJAAK4+Jm/wwurUAFNQg0eN
WaFa/bDhAMfjsSRNWkUJ5SFnIMn4sIMrfzBc8u912rAqLmB5o6fTU8dOB1unlQgz
MML1gE/hHcg2ZFq/NeCF6/wTk/8y9AlbjTmRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkXzsd0UCBoYyKx03JdfgskysX/owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tYenNkMFVDQm9ZeUt4
MDNKZGZnc2t5c1hfby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAo41jL0XW7IjeLVo55xmglJnHdgGJtYjV
SUWx+p8XWmKHhDbi/by4goRTuJEY9cF1sX6xIxsKF1xIsZNjttltYVSbtpiNiW9W
lmUFxkAgkjOQi00nZciJi3YYWn7afDBREUMuPb2wKwifC03sBzDbb9h3/pD3EVP4
aT8RUiBp+snIVzT+MQfB8GZnpNP6WGfE6i1omyJJUVmyhttCuAZHETRrCTe1epPK
J7+KqWPcoreClVZUu/cwiXu4XAjNYXzLLu5bzFYMQehCcN0BvvZAv7ruVVx7ehCR
EYt+eL7cv/lJeXZb5E1yYXIvYHogP8eCnbOzGwVGqIWnC/CRfkufgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org