Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/keKhpRLmP_vkQu6TNi5Sz98eivM.roa
File: keKhpRLmP_vkQu6TNi5Sz98eivM.roa (raw, json)
Hash identifier: skFmTXJGOmep/OZv+0QI3mGop7QACQoPkIFiKod4aG8=
Subject key identifier: 91:E2:A1:A5:12:E6:3F:FB:E4:42:EE:93:36:2E:52:CF:DF:1E:8A:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D02
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/keKhpRLmP_vkQu6TNi5Sz98eivM.roa
Signing time: Wed 01 May 2024 06:23:37 +0000
ROA not before: Wed 01 May 2024 06:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19714 (0x4d02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 06:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91E2A1A512E63FFBE442EE93362E52CFDF1E8AF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:8e:a4:fb:0e:be:34:45:df:f0:bb:58:e0:
2e:3b:46:41:83:53:0a:f7:fe:46:bd:8c:e7:99:60:
99:e7:b8:c3:f4:82:33:08:10:ad:fa:e8:2a:d5:b4:
8d:96:4d:f5:fc:88:72:30:31:3c:c3:69:29:b1:e8:
51:0a:db:a1:75:d9:d2:e2:60:8e:3f:38:0c:4a:4c:
6d:d9:2a:b4:87:66:38:62:f2:d5:60:23:7d:76:b7:
7d:86:54:8d:ae:83:7b:22:a3:fa:39:8d:44:4f:e2:
ab:69:da:c4:9e:34:56:37:a5:fa:4d:c0:d2:ad:5e:
a4:9e:6f:16:ee:32:15:38:4b:d6:a5:e8:f6:16:b2:
dc:dd:50:e3:6b:62:a5:56:80:98:76:78:b3:43:ea:
61:20:91:61:98:b3:54:43:19:12:af:ac:bf:bb:9e:
a3:69:7e:85:17:8a:88:0d:22:dc:b7:de:e2:fb:9c:
c6:63:c4:aa:16:16:3d:31:78:bb:43:a3:f7:fa:fc:
97:32:45:aa:58:fe:07:21:2a:8c:88:08:3f:aa:52:
3c:ee:86:7e:72:ef:59:1a:63:bf:03:10:ed:29:5e:
34:d7:85:8d:f4:8b:04:ff:2f:70:21:e9:f0:bf:7e:
dd:66:9f:95:84:3c:3a:92:8b:70:23:3e:54:36:39:
f1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E2:A1:A5:12:E6:3F:FB:E4:42:EE:93:36:2E:52:CF:DF:1E:8A:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/keKhpRLmP_vkQu6TNi5Sz98eivM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:47:31:a2:49:8c:f9:3f:7b:a9:1c:5b:76:20:67:ff:27:34:
9a:1f:3d:38:42:69:62:7c:5c:0a:de:c6:02:59:06:5b:7c:47:
6a:39:1c:00:6f:51:6e:c5:93:c1:32:49:04:fa:d4:9f:13:27:
db:b3:55:99:f0:47:60:ce:ae:ca:c3:65:13:7e:82:a8:8d:ad:
99:50:ea:d6:e1:f9:63:0a:9b:27:9d:a7:f6:fd:14:d5:64:98:
80:84:bd:2d:e3:87:77:65:95:72:b6:ff:0a:da:88:06:74:aa:
57:f5:1e:62:69:d2:6d:e5:51:70:a2:6b:e7:8c:ce:43:6f:83:
3d:51:10:ef:98:12:94:76:f2:06:fc:53:53:8e:27:95:18:5a:
c0:11:26:c1:aa:58:78:69:d4:76:d2:44:46:da:ef:51:f1:97:
b9:70:cf:49:43:9e:f1:98:e0:9a:0b:43:31:a1:af:c3:c2:3d:
59:62:4c:ad:97:1f:62:da:ad:ec:f5:ea:3f:54:29:94:f7:23:
5d:a7:01:ee:6c:a1:24:5a:8f:8c:6f:7c:3e:34:ed:4b:29:fd:
3e:1c:79:d5:91:1b:17:1c:bc:d6:45:f7:6c:58:46:1e:0e:00:
89:94:c3:da:48:b3:bd:54:1e:ee:f8:6f:94:be:d1:79:bc:0a:
02:51:05:84
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
NjIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRTJBMUE1MTJFNjNG
RkJFNDQyRUU5MzM2MkU1MkNGREYxRThBRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtV46k+w6+NEXf8LtY4C47RkGDUwr3/ka9jOeZYJnnuMP0gjMI
EK366CrVtI2WTfX8iHIwMTzDaSmx6FEK26F12dLiYI4/OAxKTG3ZKrSHZjhi8tVg
I312t32GVI2ug3sio/o5jURP4qtp2sSeNFY3pfpNwNKtXqSebxbuMhU4S9al6PYW
stzdUONrYqVWgJh2eLND6mEgkWGYs1RDGRKvrL+7nqNpfoUXiogNIty33uL7nMZj
xKoWFj0xeLtDo/f6/JcyRapY/gchKoyICD+qUjzuhn5y71kaY78DEO0pXjTXhY30
iwT/L3Ah6fC/ft1mn5WEPDqSi3AjPlQ2OfE3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkeKhpRLmP/vkQu6TNi5Sz98eivMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tlS2hwUkxtUF92a1F1
NlROaTVTejk4ZWl2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArEcxokmM+T97qRxbdiBn/yc0mh89OEJp
YnxcCt7GAlkGW3xHajkcAG9RbsWTwTJJBPrUnxMn27NVmfBHYM6uysNlE36CqI2t
mVDq1uH5YwqbJ52n9v0U1WSYgIS9LeOHd2WVcrb/CtqIBnSqV/UeYmnSbeVRcKJr
54zOQ2+DPVEQ75gSlHbyBvxTU44nlRhawBEmwapYeGnUdtJERtrvUfGXuXDPSUOe
8ZjgmgtDMaGvw8I9WWJMrZcfYtqt7PXqP1QplPcjXacB7myhJFqPjG98PjTtSyn9
Phx51ZEbFxy81kX3bFhGHg4AiZTD2kizvVQe7vhvlL7RebwKAlEFhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org