Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kfP5s6W-U6mRm_4-z4xXGjWmmWc.roa
File: kfP5s6W-U6mRm_4-z4xXGjWmmWc.roa (raw, json)
Hash identifier: EvLBzBbto/qzB9OXkcc8Tj5oHdjT/ChmgkXaZqbw6ys=
Subject key identifier: 91:F3:F9:B3:A5:BE:53:A9:91:9B:FE:3E:CF:8C:57:1A:35:A6:99:67
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfP5s6W-U6mRm_4-z4xXGjWmmWc.roa
Signing time: Fri 29 Mar 2024 21:22:35 +0000
ROA not before: Fri 29 Mar 2024 21:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13498 (0x34ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 21:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91F3F9B3A5BE53A9919BFE3ECF8C571A35A69967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:3e:30:8a:ce:01:a4:f8:38:0f:92:56:93:d6:
fe:67:94:05:a1:3a:5b:98:2b:27:42:68:e4:5c:75:
83:6f:ea:84:0c:06:bb:e2:78:c4:41:0e:9f:1c:27:
4e:59:6c:3c:6c:76:0a:4b:7e:17:bc:45:63:75:84:
12:66:e3:7a:66:9a:9a:6b:ec:d3:5b:e8:64:71:c0:
af:0a:6e:6f:05:07:f5:ba:2e:c0:66:49:50:80:38:
13:81:ea:69:c5:77:b5:4c:c9:43:3e:c8:98:92:a4:
29:d8:d2:d7:c6:52:da:fb:b5:b0:2f:9c:74:95:bc:
e3:c0:0f:51:11:30:81:d4:17:45:9f:49:1d:0f:42:
3a:16:5b:b1:1b:60:e4:41:2f:17:e9:fe:ba:af:75:
bf:60:03:9f:89:56:29:9d:ae:c1:41:3c:c1:f0:11:
ed:dd:30:58:4c:88:22:04:51:29:ba:55:c2:8a:d4:
03:c6:18:6d:a6:73:65:0e:31:12:13:8d:d9:f0:e6:
13:d9:2b:f3:bd:1a:f6:e4:a1:8d:07:7c:34:fa:5c:
15:2b:4c:24:4b:25:2f:c7:a1:ed:be:25:93:ab:ab:
18:61:b9:1f:24:44:1c:12:32:16:0d:f4:9e:d9:4e:
33:a2:9d:f3:c4:2d:49:9a:a1:13:01:9e:22:b7:c2:
81:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:F9:B3:A5:BE:53:A9:91:9B:FE:3E:CF:8C:57:1A:35:A6:99:67
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfP5s6W-U6mRm_4-z4xXGjWmmWc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:fd:d9:b1:74:18:59:77:71:a5:d1:94:eb:6e:d6:35:f4:d0:
29:0a:e1:c4:af:32:e8:b6:bb:fe:d7:db:fa:e4:45:3d:6e:6a:
3f:96:ab:14:a7:dd:72:eb:ba:0c:5f:9a:93:fe:e4:72:9e:48:
3d:91:8b:7d:5d:cf:90:71:cd:f5:46:6b:67:b7:94:ef:1c:71:
26:89:b1:5c:48:24:fd:98:46:b0:7c:94:88:5d:ee:e1:31:61:
1c:00:ae:50:7b:70:97:f3:54:c5:d7:56:6d:fb:57:da:0a:71:
3b:da:64:a2:f3:d8:37:71:58:a4:86:88:b6:54:e8:a8:bf:67:
d4:61:92:06:0e:ae:c1:23:c2:d4:ad:2f:57:9a:4d:20:e3:98:
aa:8f:59:a5:82:7c:e3:8a:6a:fc:5f:a4:cd:0c:d1:92:f4:f7:
20:eb:b4:a3:fe:8e:60:b3:b3:47:b8:4b:31:fa:39:d8:49:10:
e6:1f:01:40:1a:c4:67:42:fb:08:4a:b2:ee:bb:64:89:4f:48:
6c:8f:19:eb:96:41:8a:44:de:f3:fa:40:26:8e:4e:5d:d7:24:
a7:24:14:d5:bb:34:28:17:1c:cd:e3:b9:ec:bb:ef:5b:2e:0b:
95:d1:04:64:70:0b:3d:15:61:f9:76:64:3b:2d:a1:34:ba:b9:
33:69:ff:48
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MTIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRjNGOUIzQTVCRTUz
QTk5MTlCRkUzRUNGOEM1NzFBMzVBNjk5NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXPjCKzgGk+DgPklaT1v5nlAWhOluYKydCaORcdYNv6oQMBrvi
eMRBDp8cJ05ZbDxsdgpLfhe8RWN1hBJm43pmmppr7NNb6GRxwK8Kbm8FB/W6LsBm
SVCAOBOB6mnFd7VMyUM+yJiSpCnY0tfGUtr7tbAvnHSVvOPAD1ERMIHUF0WfSR0P
QjoWW7EbYORBLxfp/rqvdb9gA5+JVimdrsFBPMHwEe3dMFhMiCIEUSm6VcKK1APG
GG2mc2UOMRITjdnw5hPZK/O9GvbkoY0HfDT6XBUrTCRLJS/Hoe2+JZOrqxhhuR8k
RBwSMhYN9J7ZTjOinfPELUmaoRMBniK3woGZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkfP5s6W+U6mRm/4+z4xXGjWmmWcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tmUDVzNlctVTZtUm1f
NC16NHhYR2pXbW1XYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgf3ZsXQYWXdxpdGU627WNfTQKQrhxK8y
6La7/tfb+uRFPW5qP5arFKfdcuu6DF+ak/7kcp5IPZGLfV3PkHHN9UZrZ7eU7xxx
JomxXEgk/ZhGsHyUiF3u4TFhHACuUHtwl/NUxddWbftX2gpxO9pkovPYN3FYpIaI
tlToqL9n1GGSBg6uwSPC1K0vV5pNIOOYqo9ZpYJ844pq/F+kzQzRkvT3IOu0o/6O
YLOzR7hLMfo52EkQ5h8BQBrEZ0L7CEqy7rtkiU9IbI8Z65ZBikTe8/pAJo5OXdck
pyQU1bs0KBcczeO57LvvWy4LldEEZHALPRVh+XZkOy2hNLq5M2n/SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org