Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kvAyY2zUF97qFmoU7QJho-9486k.roa
File: kvAyY2zUF97qFmoU7QJho-9486k.roa (raw, json)
Hash identifier: O7i+TqSUqCYklr0OGq8rrX7KOLrLMtBvuu6hDzqDVV8=
Subject key identifier: 92:F0:32:63:6C:D4:17:DE:EA:16:6A:14:ED:02:61:A3:EF:78:F3:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35EA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kvAyY2zUF97qFmoU7QJho-9486k.roa
Signing time: Sun 31 Mar 2024 11:22:10 +0000
ROA not before: Sun 31 Mar 2024 11:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13802 (0x35ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 11:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=92F032636CD417DEEA166A14ED0261A3EF78F3A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d0:91:6d:00:34:77:50:9f:a3:f4:c4:18:8d:
2c:9c:91:dd:10:ce:12:80:77:1f:c8:95:b5:88:33:
56:a7:69:69:ae:9e:6e:b0:97:f5:12:77:2c:6a:8e:
ab:a0:e2:f6:bc:ae:cf:6c:57:75:e8:cc:8e:80:ee:
1b:c5:6c:0d:86:68:70:9b:36:6f:d9:26:2e:68:a2:
a3:cc:f5:1b:31:42:35:88:17:4d:15:71:19:35:43:
aa:88:6f:77:7e:aa:60:9d:93:e6:6e:5f:06:89:c1:
74:95:54:c3:cc:9a:e6:7e:2e:33:a7:40:a6:4d:3e:
11:e1:bf:2d:69:47:84:00:a6:fa:37:4d:51:a4:a3:
a1:b0:58:cd:4e:b0:f2:5d:d4:3f:a1:61:44:55:42:
50:07:f3:94:ca:e2:07:f8:d3:d6:34:36:fc:15:bb:
dd:6a:b7:b7:66:f0:0c:07:51:7f:82:a5:a1:17:eb:
2d:89:68:a5:26:97:c1:0b:24:a6:f7:2c:78:3a:fa:
f1:b9:d7:23:01:a4:85:97:ba:85:d8:f8:28:3b:5d:
f0:6a:38:e7:92:0d:b5:89:e6:24:4d:34:a7:ce:f3:
e6:34:5a:2b:82:cb:bc:3a:6a:46:64:bd:db:42:8d:
29:1a:78:e9:b1:69:f4:c0:e0:22:84:a2:af:5a:97:
5f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F0:32:63:6C:D4:17:DE:EA:16:6A:14:ED:02:61:A3:EF:78:F3:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kvAyY2zUF97qFmoU7QJho-9486k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:6d:92:26:0e:b8:d0:a6:ef:a8:2c:14:84:bf:40:ce:0e:40:
1e:a7:1b:51:1b:5c:d0:0d:76:2a:3a:6d:b8:b8:04:95:04:49:
47:35:78:fd:57:00:4e:8f:65:bc:e5:c4:14:8f:6e:9b:98:8b:
78:17:2b:74:e6:cb:5b:a8:a1:dc:bd:ba:59:51:24:37:74:7e:
1c:a8:39:9e:70:7a:3b:2e:23:e9:35:8a:18:7f:70:e5:60:f9:
cf:1b:b5:a8:b1:e1:9e:cd:ee:c5:81:94:d9:75:c8:3f:ec:f7:
5f:7c:e9:54:47:18:c9:92:33:f9:75:5e:3a:d2:c2:54:a6:a6:
bb:5e:2f:14:8e:38:4e:1a:52:c0:e1:2b:73:82:08:a1:98:94:
ac:1c:f2:89:03:45:9a:c9:c8:91:54:77:67:27:a8:a3:12:4a:
f9:63:1f:8b:5b:65:e5:ea:d1:50:c4:0b:14:8b:45:c2:fc:7f:
17:46:2a:b5:a9:d2:51:34:b6:da:f1:e0:e8:6d:da:a4:24:30:
37:da:69:29:bb:1c:9d:9d:27:e3:43:a2:c8:f2:a6:77:9e:3b:
dc:59:89:01:bd:22:45:b5:d8:26:06:27:0a:36:63:ec:ca:9e:
c2:da:a2:6f:49:09:f0:8d:96:90:6d:b1:5a:e8:f5:91:fc:fc:
c3:3b:ea:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MTIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyRjAzMjYzNkNENDE3
REVFQTE2NkExNEVEMDI2MUEzRUY3OEYzQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ0JFtADR3UJ+j9MQYjSyckd0QzhKAdx/IlbWIM1anaWmunm6w
l/USdyxqjqug4va8rs9sV3XozI6A7hvFbA2GaHCbNm/ZJi5ooqPM9RsxQjWIF00V
cRk1Q6qIb3d+qmCdk+ZuXwaJwXSVVMPMmuZ+LjOnQKZNPhHhvy1pR4QApvo3TVGk
o6GwWM1OsPJd1D+hYURVQlAH85TK4gf409Y0NvwVu91qt7dm8AwHUX+CpaEX6y2J
aKUml8ELJKb3LHg6+vG51yMBpIWXuoXY+Cg7XfBqOOeSDbWJ5iRNNKfO8+Y0WiuC
y7w6akZkvdtCjSkaeOmxafTA4CKEoq9al1+BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkvAyY2zUF97qFmoU7QJho+9486kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2t2QXlZMnpVRjk3cUZt
b1U3UUpoby05NDg2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAW22SJg640KbvqCwUhL9Azg5AHqcbURtc
0A12KjptuLgElQRJRzV4/VcATo9lvOXEFI9um5iLeBcrdObLW6ih3L26WVEkN3R+
HKg5nnB6Oy4j6TWKGH9w5WD5zxu1qLHhns3uxYGU2XXIP+z3X3zpVEcYyZIz+XVe
OtLCVKamu14vFI44ThpSwOErc4IIoZiUrBzyiQNFmsnIkVR3ZyeooxJK+WMfi1tl
5erRUMQLFItFwvx/F0YqtanSUTS22vHg6G3apCQwN9ppKbscnZ0n40OiyPKmd547
3FmJAb0iRbXYJgYnCjZj7Mqewtqib0kJ8I2WkG2xWuj1kfz8wzvqeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:06 2024 by rpki-client on console-ams.rpki-client.org