Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_kER-5lBVHoO6L0WuQDz1b6bnSc.roa
File: _kER-5lBVHoO6L0WuQDz1b6bnSc.roa (raw, json)
Hash identifier: Lmf4+I4ddBCrbgsx4uyq2dtInfVAMrr2biEEFMFQQiQ=
Subject key identifier: FE:41:11:FB:99:41:54:7A:0E:E8:BD:16:B9:00:F3:D5:BE:9B:9D:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5662
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_kER-5lBVHoO6L0WuQDz1b6bnSc.roa
Signing time: Mon 13 May 2024 18:24:08 +0000
ROA not before: Mon 13 May 2024 18:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22114 (0x5662)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 18:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE4111FB9941547A0EE8BD16B900F3D5BE9B9D27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:a1:da:64:9f:26:9f:a7:9d:3a:66:7a:55:
1f:0b:ba:5b:86:60:d0:3b:cb:90:69:10:b3:b6:80:
48:61:45:9a:7d:82:34:90:87:e3:da:89:6b:a0:e0:
b2:58:f3:73:c7:e5:bd:8a:7d:cd:d8:b3:30:cd:7a:
61:a5:a9:a8:94:0e:bf:f9:79:d4:06:2a:63:aa:98:
29:48:33:bb:1e:bd:54:6b:f3:d2:38:5d:d1:e7:2f:
3d:10:1a:97:b1:49:cc:24:1d:a2:28:5a:8c:7c:82:
da:1b:51:ef:66:aa:e0:39:12:8c:b9:bc:18:d4:80:
20:ed:8d:84:56:14:87:a2:82:d2:9d:c0:d0:bb:17:
00:dc:81:8c:33:15:b1:ab:7c:8c:ae:54:bf:3c:1b:
cc:55:7f:0e:47:47:ef:0c:3c:a7:08:f5:2e:31:0c:
05:0e:b9:6c:04:c1:26:2b:76:57:0c:c8:9c:9d:b1:
bb:e3:62:40:e5:44:f0:a1:52:64:ba:29:73:54:5c:
f7:33:56:72:cc:06:4e:d7:4d:7c:32:cc:7f:bb:5a:
31:61:44:14:e4:c6:07:ab:17:b0:27:db:49:62:a0:
7a:5f:ef:06:0a:91:7f:91:b8:66:8f:7e:95:e7:54:
23:6f:6a:0a:61:41:55:c3:5a:79:17:ed:08:12:0b:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:41:11:FB:99:41:54:7A:0E:E8:BD:16:B9:00:F3:D5:BE:9B:9D:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_kER-5lBVHoO6L0WuQDz1b6bnSc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:44:e2:bc:1c:71:2e:37:f8:41:b3:31:bb:0d:5f:62:59:14:
1d:68:43:86:3b:84:9d:33:39:20:d5:a3:a5:a3:59:ef:3b:d1:
1e:65:61:46:ea:6a:2c:c1:29:d8:d3:09:c7:cd:05:1f:8d:df:
fa:85:ff:1a:9d:c1:2f:20:47:b4:da:9b:1f:65:b1:14:b7:2a:
8f:61:5f:ab:d3:4b:4d:23:8f:4d:fb:45:d1:25:ab:44:60:37:
14:f1:39:20:b2:65:48:9f:56:bf:10:a8:05:29:c1:4d:8b:9d:
13:56:46:72:89:36:d5:70:7b:f3:34:17:73:39:34:f3:13:29:
00:89:ef:ed:84:dd:2c:99:2d:20:8a:e2:e2:ae:5a:ba:05:65:
86:49:c5:f9:f0:e9:c2:12:cc:b7:a9:23:e5:33:67:a3:78:01:
31:7b:21:53:48:79:ae:87:68:8b:10:17:43:df:08:f0:c9:63:
e2:33:1b:ff:6b:d5:6e:79:7e:1b:0f:c6:81:e7:73:f9:4f:98:
d1:fa:59:f4:f3:d4:78:77:88:3f:f9:69:7b:56:d9:6e:c6:27:
43:c4:ef:49:f3:cd:91:f5:a6:37:51:01:10:e3:67:f0:2d:e4:
c8:37:3a:7b:f2:be:f2:ff:62:32:57:c4:f0:18:75:22:f9:67:
03:85:d1:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
ODI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFNDExMUZCOTk0MTU0
N0EwRUU4QkQxNkI5MDBGM0Q1QkU5QjlEMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC336HaZJ8mn6edOmZ6VR8LuluGYNA7y5BpELO2gEhhRZp9gjSQ
h+PaiWug4LJY83PH5b2Kfc3YszDNemGlqaiUDr/5edQGKmOqmClIM7sevVRr89I4
XdHnLz0QGpexScwkHaIoWox8gtobUe9mquA5Eoy5vBjUgCDtjYRWFIeigtKdwNC7
FwDcgYwzFbGrfIyuVL88G8xVfw5HR+8MPKcI9S4xDAUOuWwEwSYrdlcMyJydsbvj
YkDlRPChUmS6KXNUXPczVnLMBk7XTXwyzH+7WjFhRBTkxgerF7An20lioHpf7wYK
kX+RuGaPfpXnVCNvagphQVXDWnkX7QgSC7hZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/kER+5lBVHoO6L0WuQDz1b6bnScwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19rRVItNWxCVkhvTzZM
MFd1UUR6MWI2Ym5TYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAW0TivBxxLjf4QbMxuw1fYlkUHWhDhjuE
nTM5INWjpaNZ7zvRHmVhRupqLMEp2NMJx80FH43f+oX/Gp3BLyBHtNqbH2WxFLcq
j2Ffq9NLTSOPTftF0SWrRGA3FPE5ILJlSJ9WvxCoBSnBTYudE1ZGcok21XB78zQX
czk08xMpAInv7YTdLJktIIri4q5augVlhknF+fDpwhLMt6kj5TNno3gBMXshU0h5
rodoixAXQ98I8Mlj4jMb/2vVbnl+Gw/Ggedz+U+Y0fpZ9PPUeHeIP/lpe1bZbsYn
Q8TvSfPNkfWmN1EBEONn8C3kyDc6e/K+8v9iMlfE8Bh1IvlnA4XR0g==
-----END CERTIFICATE-----
Generated at Mon May 13 23:37:17 2024 by rpki-client on console.sobornost.net