Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kgy65wOjTaRt6HQcM8pc6igUOFI.roa
File: kgy65wOjTaRt6HQcM8pc6igUOFI.roa (raw, json)
Hash identifier: xxTP/8mWStOQyaPrwbfl7HpcZAfZniEhXX4dqy8P45k=
Subject key identifier: 92:0C:BA:E7:03:A3:4D:A4:6D:E8:74:1C:33:CA:5C:EA:28:14:38:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47C2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kgy65wOjTaRt6HQcM8pc6igUOFI.roa
Signing time: Wed 24 Apr 2024 06:23:34 +0000
ROA not before: Wed 24 Apr 2024 06:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18370 (0x47c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 06:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=920CBAE703A34DA46DE8741C33CA5CEA28143852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:80:e6:f9:0c:f6:48:01:32:45:73:a5:c9:63:
64:73:86:72:7a:9a:61:54:a8:e8:de:78:84:66:03:
67:c1:64:f4:72:a6:d1:10:fb:32:e8:0e:d7:d9:91:
dc:00:d0:1b:58:e9:17:17:7b:a2:91:a0:83:17:43:
a4:c0:63:7c:a6:45:6a:5e:dd:23:2e:01:03:d2:92:
6d:60:c1:42:e9:e9:7a:c4:cb:5c:1d:e8:ee:4c:3b:
f2:f9:51:51:6b:94:8a:5f:ea:1e:e7:01:74:10:8d:
ab:36:86:74:fc:c8:aa:09:20:59:32:3b:3f:36:91:
78:dd:2f:4e:35:5f:f0:53:34:4d:d8:c7:29:5a:b7:
bb:90:3a:91:1d:21:23:ae:cf:60:f4:e2:7a:18:ab:
29:d3:ba:7c:b3:4e:c0:e4:9a:71:a3:04:d1:58:12:
32:8e:40:2f:12:2b:7c:80:2c:55:d8:62:ce:0c:1f:
07:17:7d:f4:76:3b:b2:d7:7c:4c:41:03:5a:80:7c:
59:7e:05:0d:27:76:4f:27:6d:88:5e:f6:cc:55:62:
1e:b3:62:1d:fb:97:d3:56:08:4c:d3:c3:3c:3b:97:
ee:eb:bb:a6:a7:79:c0:53:4e:73:ab:a3:58:7c:21:
9f:b9:3e:e0:99:3a:08:ba:5f:64:ec:0f:9d:40:d7:
85:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0C:BA:E7:03:A3:4D:A4:6D:E8:74:1C:33:CA:5C:EA:28:14:38:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kgy65wOjTaRt6HQcM8pc6igUOFI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:58:56:4b:25:2b:d9:3f:3f:18:f3:68:6d:67:9f:41:d0:3f:
30:3e:4d:9d:d2:8d:fd:47:36:03:8e:7c:20:03:a3:ef:63:fc:
ef:2d:2e:7d:02:cf:93:3b:2c:70:28:33:dd:2a:9a:2b:5a:39:
6f:ee:98:c1:4b:fd:a9:27:70:6b:7c:a6:14:c4:b1:bc:9f:12:
22:c1:76:fc:24:38:d1:b6:10:f3:42:df:5e:bb:bf:96:f7:e1:
36:68:01:e3:64:69:2e:07:4e:54:fe:3c:7a:7d:25:12:d1:d8:
45:74:64:bf:73:09:80:d3:fa:2f:1c:51:a2:d3:a8:d4:45:c5:
50:27:0c:02:5b:dc:8f:61:7e:9b:d3:1b:12:05:4d:88:a9:d9:
ae:b9:ee:af:58:3a:ef:f3:b7:4d:f5:55:b5:d6:34:aa:b4:9b:
44:de:b4:c1:03:ea:dd:48:9e:41:b9:02:cb:b0:58:e4:1d:ab:
ae:bf:d1:16:0b:2e:3e:74:5c:a6:a9:96:7e:86:29:d6:24:36:
c3:01:8f:7e:3a:e5:0a:bc:03:0b:99:44:51:77:07:9d:9f:33:
6c:eb:0a:48:3e:c7:6b:9e:20:c8:de:de:9a:45:15:74:94:8d:
20:9b:05:a0:e9:21:36:ea:eb:72:03:92:22:e9:e2:6c:c8:62:
23:f2:6f:e7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyMENCQUU3MDNBMzRE
QTQ2REU4NzQxQzMzQ0E1Q0VBMjgxNDM4NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsgOb5DPZIATJFc6XJY2RzhnJ6mmFUqOjeeIRmA2fBZPRyptEQ
+zLoDtfZkdwA0BtY6RcXe6KRoIMXQ6TAY3ymRWpe3SMuAQPSkm1gwULp6XrEy1wd
6O5MO/L5UVFrlIpf6h7nAXQQjas2hnT8yKoJIFkyOz82kXjdL041X/BTNE3Yxyla
t7uQOpEdISOuz2D04noYqynTunyzTsDkmnGjBNFYEjKOQC8SK3yALFXYYs4MHwcX
ffR2O7LXfExBA1qAfFl+BQ0ndk8nbYhe9sxVYh6zYh37l9NWCEzTwzw7l+7ru6an
ecBTTnOro1h8IZ+5PuCZOgi6X2TsD51A14UpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkgy65wOjTaRt6HQcM8pc6igUOFIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tneTY1d09qVGFSdDZI
UWNNOHBjNmlnVU9GSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAClhWSyUr2T8/GPNobWefQdA/MD5NndKN
/Uc2A458IAOj72P87y0ufQLPkzsscCgz3SqaK1o5b+6YwUv9qSdwa3ymFMSxvJ8S
IsF2/CQ40bYQ80LfXru/lvfhNmgB42RpLgdOVP48en0lEtHYRXRkv3MJgNP6LxxR
otOo1EXFUCcMAlvcj2F+m9MbEgVNiKnZrrnur1g67/O3TfVVtdY0qrSbRN60wQPq
3UieQbkCy7BY5B2rrr/RFgsuPnRcpqmWfoYp1iQ2wwGPfjrlCrwDC5lEUXcHnZ8z
bOsKSD7Ha54gyN7emkUVdJSNIJsFoOkhNurrcgOSIunibMhiI/Jv5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org