Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kgIXuLrlU73OxgT4tKkxjc3sSJk.roa
File: kgIXuLrlU73OxgT4tKkxjc3sSJk.roa (raw, json)
Hash identifier: KdQYKpOnva918xgFsLbFhTyqPBbrscqJXfvOs6SkJZk=
Subject key identifier: 92:02:17:B8:BA:E5:53:BD:CE:C6:04:F8:B4:A9:31:8D:CD:EC:48:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 523A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kgIXuLrlU73OxgT4tKkxjc3sSJk.roa
Signing time: Wed 08 May 2024 05:23:56 +0000
ROA not before: Wed 08 May 2024 05:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21050 (0x523a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 05:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=920217B8BAE553BDCEC604F8B4A9318DCDEC4899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:92:30:88:45:20:b0:5d:9e:c0:c3:fa:78:73:
5b:50:12:03:cd:b7:99:c2:99:43:2f:e0:71:83:63:
fe:77:c6:52:e5:36:5b:07:13:c4:b0:cc:0b:23:d3:
d0:64:e7:70:f4:f4:56:a0:50:cd:17:62:a6:3e:cb:
3c:cc:72:47:d5:27:04:ad:7d:73:82:3e:6d:8f:f3:
86:40:3e:20:d3:55:e5:67:65:ce:15:b0:0b:03:3b:
58:d5:7c:2f:59:31:2c:9e:d2:95:58:17:a5:7e:61:
59:0f:8b:94:b4:8b:b3:e9:0e:c5:fe:23:29:a2:84:
2f:3c:41:a1:17:bb:7f:bc:26:ba:20:a0:9b:fb:64:
dc:d1:cf:cf:5c:a3:17:22:54:3c:ec:67:0d:95:f1:
56:ac:88:50:f7:b0:42:7c:f6:9c:c1:ff:c8:8a:76:
2e:a7:c9:84:17:4c:de:5e:e2:08:b8:a9:cf:90:91:
b3:24:ad:c2:7d:d0:ed:a4:d5:a4:c6:0b:5f:c6:14:
ad:39:e8:9e:0a:0b:21:e1:2c:ba:a8:1d:17:be:98:
00:3d:ed:a1:10:ed:cc:34:f2:2d:c6:b5:44:d8:6e:
93:6c:9e:1d:c3:85:42:87:54:0d:20:1a:93:5e:fe:
a3:5e:fa:bf:3a:59:71:b4:9a:47:c8:01:d7:e5:61:
84:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:02:17:B8:BA:E5:53:BD:CE:C6:04:F8:B4:A9:31:8D:CD:EC:48:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kgIXuLrlU73OxgT4tKkxjc3sSJk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:01:21:23:b9:79:a7:f9:73:bc:7c:00:0d:e1:18:48:c8:0c:
71:f1:b3:4f:cc:8e:43:88:72:2d:42:96:b3:53:67:8b:2e:54:
13:83:c5:a1:ae:ec:0b:4a:e7:fc:b1:04:1e:39:fa:da:e8:c2:
f1:aa:79:66:e6:2d:72:d1:44:af:c1:13:00:09:de:f3:f2:6a:
23:a2:fb:47:b0:72:c7:e3:4d:49:2d:5e:0d:d4:64:38:58:33:
22:e3:e9:4e:66:97:97:c3:e3:c0:0b:9e:7b:96:1e:09:1a:e0:
19:c4:ee:f4:87:59:e7:ad:ff:71:2d:e8:f4:f1:1a:f8:e4:c3:
e1:35:14:46:8c:fb:6d:99:1f:98:60:1e:ca:ed:c1:24:66:c2:
0a:ab:41:64:14:9f:6a:03:c1:f1:bf:b0:0d:f2:a3:bb:13:88:
23:51:7b:93:57:a9:52:ab:e8:1b:08:9a:d3:25:96:c4:50:d4:
50:72:95:02:e9:e0:e3:eb:50:d6:85:6a:a2:28:60:a6:1e:83:
33:24:5e:c9:b3:e0:13:c1:96:38:fa:7b:e9:cc:c2:9e:55:d2:
d8:a2:45:f3:91:4a:78:d6:25:f5:df:ac:67:8b:66:8e:ca:df:
40:30:6f:6e:21:8d:ed:33:79:18:66:ef:33:43:b8:42:38:0d:
f7:b6:d5:52
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NTIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyMDIxN0I4QkFFNTUz
QkRDRUM2MDRGOEI0QTkzMThEQ0RFQzQ4OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbkjCIRSCwXZ7Aw/p4c1tQEgPNt5nCmUMv4HGDY/53xlLlNlsH
E8SwzAsj09Bk53D09FagUM0XYqY+yzzMckfVJwStfXOCPm2P84ZAPiDTVeVnZc4V
sAsDO1jVfC9ZMSye0pVYF6V+YVkPi5S0i7PpDsX+IymihC88QaEXu3+8JrogoJv7
ZNzRz89coxciVDzsZw2V8VasiFD3sEJ89pzB/8iKdi6nyYQXTN5e4gi4qc+QkbMk
rcJ90O2k1aTGC1/GFK056J4KCyHhLLqoHRe+mAA97aEQ7cw08i3GtUTYbpNsnh3D
hUKHVA0gGpNe/qNe+r86WXG0mkfIAdflYYTPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkgIXuLrlU73OxgT4tKkxjc3sSJkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tnSVh1THJsVTczT3hn
VDR0S2t4amMzc1NKay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKQEhI7l5p/lzvHwADeEYSMgMcfGzT8yO
Q4hyLUKWs1Nniy5UE4PFoa7sC0rn/LEEHjn62ujC8ap5ZuYtctFEr8ETAAne8/Jq
I6L7R7Byx+NNSS1eDdRkOFgzIuPpTmaXl8PjwAuee5YeCRrgGcTu9IdZ563/cS3o
9PEa+OTD4TUURoz7bZkfmGAeyu3BJGbCCqtBZBSfagPB8b+wDfKjuxOII1F7k1ep
UqvoGwia0yWWxFDUUHKVAung4+tQ1oVqoihgph6DMyReybPgE8GWOPp76czCnlXS
2KJF85FKeNYl9d+sZ4tmjsrfQDBvbiGN7TN5GGbvM0O4QjgN97bVUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org