Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mvkD3ztcH9RqJ4pvMAnAeHMW02E.roa
File: mvkD3ztcH9RqJ4pvMAnAeHMW02E.roa (raw, json)
Hash identifier: HNLy4BxTVhoZLsQWPc06vfwqRp3NW+YUNxWsNgi/dhc=
Subject key identifier: 9A:F9:03:DF:3B:5C:1F:D4:6A:27:8A:6F:30:09:C0:78:73:16:D3:61
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 361A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mvkD3ztcH9RqJ4pvMAnAeHMW02E.roa
Signing time: Sun 31 Mar 2024 17:22:11 +0000
ROA not before: Sun 31 Mar 2024 17:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13850 (0x361a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 17:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9AF903DF3B5C1FD46A278A6F3009C0787316D361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:f2:7d:27:41:bf:d1:87:8d:a1:1c:72:24:
09:b7:50:38:cd:99:65:1b:b9:9c:79:8c:fa:46:02:
e2:1c:7f:87:eb:f1:1a:13:73:8d:4f:79:a2:99:6c:
1b:bd:22:33:45:90:f9:dd:ec:8b:3a:f8:e0:50:97:
3d:14:94:65:83:a9:86:b8:71:4e:84:05:dd:e0:69:
9b:7d:57:a9:3d:9a:22:28:29:9b:38:31:70:d6:d2:
0d:4b:b7:25:07:6c:0d:c0:13:bc:ee:be:11:61:e8:
c4:34:69:62:a8:b8:52:03:2c:7f:c0:61:d6:82:2b:
b7:c4:fe:17:28:e3:ec:1c:2e:84:68:34:c5:f9:90:
47:55:4b:c4:20:82:b8:72:11:e2:61:a0:af:5c:62:
53:bf:94:5c:55:15:8a:e3:e8:fe:fe:a3:a6:46:41:
6c:72:3b:5d:5f:ed:37:24:dc:a0:75:1f:06:a2:0f:
d1:76:28:17:e0:da:b2:40:d5:5c:f4:69:b3:b3:95:
04:89:41:b5:b6:d2:f8:96:2e:d8:dd:18:bd:1f:1b:
5a:63:64:b2:8f:77:8b:e0:24:23:8e:aa:59:9b:fb:
a8:2a:62:a1:72:24:80:b1:7d:fd:6e:01:26:16:a3:
f4:c1:a4:87:ca:c5:4b:30:f0:7a:76:2a:25:db:f9:
34:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F9:03:DF:3B:5C:1F:D4:6A:27:8A:6F:30:09:C0:78:73:16:D3:61
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mvkD3ztcH9RqJ4pvMAnAeHMW02E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:01:20:2f:4c:3a:54:59:21:b7:17:3a:22:74:44:41:62:c6:
d1:ce:64:a3:c1:31:44:74:d9:a3:f8:19:92:ec:6a:ee:b7:06:
32:c3:21:d3:73:a8:bb:dc:54:65:17:51:62:dc:49:7b:bd:40:
53:32:17:1a:d6:60:82:f9:89:a1:46:75:6d:15:78:82:9f:18:
c1:70:ad:6e:0c:0b:e5:9e:05:50:ee:88:b0:13:6e:e6:30:2e:
7a:84:b8:6d:c3:cb:a3:1d:c8:be:8d:22:e1:7f:88:04:af:28:
38:12:f9:d3:28:c9:f2:7d:b3:12:94:d7:e8:9f:d1:40:32:8d:
34:31:ef:70:f1:1b:97:2b:f2:2a:60:09:05:f9:e3:bf:2f:35:
5a:aa:cb:ea:eb:2f:da:5b:34:61:a9:5b:b2:11:25:da:0c:a9:
91:19:68:41:06:75:34:02:fb:1b:0e:1b:a7:f5:97:c2:a6:86:
94:d9:3f:6c:fd:fb:d9:46:57:20:c6:fc:82:e5:e8:ef:d5:6c:
c5:6c:29:e2:c2:4b:31:cd:17:9a:ca:bc:74:93:7e:0b:d3:40:
50:40:dd:9b:5e:7d:f9:51:f1:36:7b:75:34:67:29:ea:2b:e1:
2b:58:8a:f9:da:0a:38:c8:b5:d6:78:55:ae:6d:22:5a:f5:65:
cd:60:0e:47
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NzIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBRjkwM0RGM0I1QzFG
RDQ2QTI3OEE2RjMwMDlDMDc4NzMxNkQzNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9pPJ9J0G/0YeNoRxyJAm3UDjNmWUbuZx5jPpGAuIcf4fr8RoT
c41PeaKZbBu9IjNFkPnd7Is6+OBQlz0UlGWDqYa4cU6EBd3gaZt9V6k9miIoKZs4
MXDW0g1LtyUHbA3AE7zuvhFh6MQ0aWKouFIDLH/AYdaCK7fE/hco4+wcLoRoNMX5
kEdVS8QggrhyEeJhoK9cYlO/lFxVFYrj6P7+o6ZGQWxyO11f7Tck3KB1HwaiD9F2
KBfg2rJA1Vz0abOzlQSJQbW20viWLtjdGL0fG1pjZLKPd4vgJCOOqlmb+6gqYqFy
JICxff1uASYWo/TBpIfKxUsw8Hp2KiXb+TRxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmvkD3ztcH9RqJ4pvMAnAeHMW02EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L212a0QzenRjSDlScUo0
cHZNQW5BZUhNVzAyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJgEgL0w6VFkhtxc6InREQWLG0c5ko8Ex
RHTZo/gZkuxq7rcGMsMh03Oou9xUZRdRYtxJe71AUzIXGtZggvmJoUZ1bRV4gp8Y
wXCtbgwL5Z4FUO6IsBNu5jAueoS4bcPLox3Ivo0i4X+IBK8oOBL50yjJ8n2zEpTX
6J/RQDKNNDHvcPEblyvyKmAJBfnjvy81WqrL6usv2ls0YalbshEl2gypkRloQQZ1
NAL7Gw4bp/WXwqaGlNk/bP372UZXIMb8guXo79VsxWwp4sJLMc0Xmsq8dJN+C9NA
UEDdm159+VHxNnt1NGcp6ivhK1iK+doKOMi11nhVrm0iWvVlzWAORw==
-----END CERTIFICATE-----
Generated at Mon Apr 1 00:22:50 2024 by rpki-client on console.sobornost.net