Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/krNvsh19I77UVBrrggybdmtCg5Q.roa
File: krNvsh19I77UVBrrggybdmtCg5Q.roa (raw, json)
Hash identifier: lD4w602gd59szuVOwCHNVSCnn+vWVMyplLNtoBso0y8=
Subject key identifier: 92:B3:6F:B2:1D:7D:23:BE:D4:54:1A:EB:82:0C:9B:76:6B:42:83:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/krNvsh19I77UVBrrggybdmtCg5Q.roa
Signing time: Wed 24 Apr 2024 13:53:14 +0000
ROA not before: Wed 24 Apr 2024 13:53:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18430 (0x47fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 13:53:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=92B36FB21D7D23BED4541AEB820C9B766B428394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:5b:a0:c8:28:c2:d4:68:13:74:30:e4:5e:
e4:6c:cd:28:d6:52:58:de:1f:a3:fa:ad:33:ab:e9:
df:4e:e4:1a:8d:9c:fa:94:f9:a8:08:25:bb:e8:ae:
34:3b:af:d3:d1:3a:77:4c:25:b2:f2:11:9e:06:99:
02:e0:52:6d:cc:e2:c3:df:bd:4c:4e:9b:be:04:94:
ba:44:a3:f4:94:67:87:77:29:ee:89:c2:1c:e9:ca:
38:bd:04:c5:fe:37:56:a8:a3:0b:4d:2d:92:cb:fc:
f6:0d:33:33:7a:a5:29:d3:5b:6c:0f:a7:28:c5:66:
56:44:c1:c1:6d:df:e1:a0:3c:5d:34:93:d1:57:7e:
f4:99:dd:18:f5:9a:c7:f9:9d:fb:ec:9f:44:2c:0a:
3c:27:f2:eb:86:f5:a0:ce:7d:75:67:7f:0c:4c:d8:
df:f7:b4:7d:d4:45:09:c8:8c:0b:eb:3a:00:0e:30:
49:b2:3f:8b:a3:05:f3:0e:85:9f:ef:f9:cf:05:67:
20:75:a3:64:c8:eb:9e:01:a1:9a:19:ae:98:89:83:
89:0d:63:0f:4d:4f:ed:f2:d4:44:54:2b:14:de:3f:
dd:ea:c2:d1:9f:f4:eb:a3:24:cd:29:4c:b3:96:10:
63:68:0f:33:51:11:be:e3:ca:25:c1:d0:2b:eb:9c:
13:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B3:6F:B2:1D:7D:23:BE:D4:54:1A:EB:82:0C:9B:76:6B:42:83:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/krNvsh19I77UVBrrggybdmtCg5Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:16:3f:38:a3:9c:14:bc:82:ad:85:e5:37:67:0e:01:13:1b:
39:ce:37:5d:40:bc:8e:bb:16:27:e1:01:07:cc:65:5b:0a:98:
db:f2:ed:c3:81:1b:b8:d4:b4:57:03:3d:a0:01:a3:c8:c0:18:
6e:89:08:73:e6:4f:e0:d2:77:03:9d:a4:0f:05:eb:5c:25:eb:
44:89:7a:0c:6d:93:49:ee:e9:f6:ad:9c:66:f3:ae:1e:a5:f6:
01:72:45:9f:7d:5a:16:24:ea:8f:c4:5b:1e:68:1d:74:ce:cb:
57:34:8a:95:44:6b:b6:b5:5d:1c:11:62:51:c7:d5:44:4c:da:
2e:10:8d:02:03:6f:c6:0d:c7:45:b7:50:ad:1e:7d:35:46:20:
f9:d3:33:9c:b1:ed:b3:7c:2a:68:cf:ba:0e:54:17:86:10:3c:
54:7d:5f:b5:07:2e:2c:16:ed:47:2a:1c:0f:39:45:57:18:a5:
d9:da:72:8a:20:eb:63:30:4b:e7:73:8c:24:26:58:c4:63:82:
db:fe:26:75:1b:ab:a1:0d:82:13:c9:5b:68:43:d6:62:c4:8c:
44:97:6a:b9:96:6c:2a:6c:43:f6:56:26:74:6b:3e:15:50:0c:
32:42:25:e3:b1:83:6a:7d:1b:76:e5:60:69:dc:c6:05:08:df:
d8:cb:49:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICR/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
MzUzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyQjM2RkIyMUQ3RDIz
QkVENDU0MUFFQjgyMEM5Qjc2NkI0MjgzOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKalugyCjC1GgTdDDkXuRszSjWUljeH6P6rTOr6d9O5BqNnPqU
+agIJbvorjQ7r9PROndMJbLyEZ4GmQLgUm3M4sPfvUxOm74ElLpEo/SUZ4d3Ke6J
whzpyji9BMX+N1aoowtNLZLL/PYNMzN6pSnTW2wPpyjFZlZEwcFt3+GgPF00k9FX
fvSZ3Rj1msf5nfvsn0QsCjwn8uuG9aDOfXVnfwxM2N/3tH3URQnIjAvrOgAOMEmy
P4ujBfMOhZ/v+c8FZyB1o2TI654BoZoZrpiJg4kNYw9NT+3y1ERUKxTeP93qwtGf
9OujJM0pTLOWEGNoDzNREb7jyiXB0CvrnBOdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkrNvsh19I77UVBrrggybdmtCg5QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tyTnZzaDE5STc3VVZC
cnJnZ3liZG10Q2c1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATRY/OKOcFLyCrYXlN2cOARMbOc43XUC8
jrsWJ+EBB8xlWwqY2/Ltw4EbuNS0VwM9oAGjyMAYbokIc+ZP4NJ3A52kDwXrXCXr
RIl6DG2TSe7p9q2cZvOuHqX2AXJFn31aFiTqj8RbHmgddM7LVzSKlURrtrVdHBFi
UcfVREzaLhCNAgNvxg3HRbdQrR59NUYg+dMznLHts3wqaM+6DlQXhhA8VH1ftQcu
LBbtRyocDzlFVxil2dpyiiDrYzBL53OMJCZYxGOC2/4mdRuroQ2CE8lbaEPWYsSM
RJdquZZsKmxD9lYmdGs+FVAMMkIl47GDan0bduVgadzGBQjf2MtJTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org