Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BDoolwYLu4ylcTsWrBJ29_ZY1TM.roa
File: BDoolwYLu4ylcTsWrBJ29_ZY1TM.roa (raw, json)
Hash identifier: r53VNcu9SMY8kAj7ArTgndJ514EI7+PhFl0PCjayEVE=
Subject key identifier: 04:3A:28:97:06:0B:BB:8C:A5:71:3B:16:AC:12:76:F7:F6:58:D5:33
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3562
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BDoolwYLu4ylcTsWrBJ29_ZY1TM.roa
Signing time: Sat 30 Mar 2024 18:22:08 +0000
ROA not before: Sat 30 Mar 2024 18:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13666 (0x3562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 18:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=043A2897060BBB8CA5713B16AC1276F7F658D533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:ec:59:84:f0:77:19:6f:cc:35:64:bb:54:
e3:36:a3:64:e7:81:65:64:7b:c7:6b:83:5e:74:f0:
e3:22:8a:a1:37:0e:ca:31:35:70:fc:37:54:fd:d3:
f7:b0:73:59:fe:6a:ea:af:3c:6e:fc:86:06:cf:37:
eb:fd:13:42:a6:95:c3:47:b1:67:4c:ea:39:ac:fa:
57:e9:38:d7:32:af:36:d2:aa:fb:2a:9e:02:ee:74:
0c:8f:9d:3c:20:f5:07:7c:84:c5:18:89:95:93:d4:
d1:c3:35:69:f4:a8:28:40:39:3b:f7:05:c9:cd:bb:
f3:3c:06:4a:f8:94:df:ce:c1:15:17:11:28:87:d8:
4c:62:c1:04:5c:26:d4:eb:e7:9e:32:ef:60:91:00:
cd:0b:3e:0f:74:48:44:03:87:51:9c:df:19:f5:95:
0e:23:2a:c5:b8:9c:5f:fa:c6:6d:f4:89:32:a4:c6:
e8:84:7c:61:23:fb:ef:e5:3d:f1:cd:f3:0f:df:49:
e2:cd:76:dc:4e:56:b2:2b:46:1e:6a:16:76:69:fc:
8a:d8:f4:8f:14:84:fd:cd:4c:72:52:5f:30:3f:cb:
09:ca:58:1e:bc:33:3b:36:e5:53:33:30:87:52:ae:
14:a8:50:6b:95:44:be:2c:73:cc:b5:25:8b:e4:4a:
16:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3A:28:97:06:0B:BB:8C:A5:71:3B:16:AC:12:76:F7:F6:58:D5:33
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BDoolwYLu4ylcTsWrBJ29_ZY1TM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:1a:b2:67:b5:05:3d:2c:80:4a:15:6d:59:c5:1f:ee:39:61:
56:e4:84:3f:a0:5a:bb:2f:59:0a:5f:28:9f:05:74:59:26:06:
71:25:92:5e:47:60:0a:4f:66:fc:29:7e:d2:e8:33:a5:6d:4a:
f2:86:2f:c1:71:9f:5b:67:29:f9:4b:11:6f:3d:3a:d9:01:97:
6e:18:f5:14:fc:d3:0f:d6:6c:26:e3:8b:40:48:e7:c4:4e:02:
02:27:e3:fe:67:d0:04:ad:7e:94:57:8a:de:58:24:5d:d6:b5:
33:84:ef:ab:7e:10:5f:19:f7:1e:bb:62:b8:68:4f:bb:6a:9d:
68:f5:26:ba:9d:b8:30:0c:2c:f3:7d:c8:6f:2b:c8:ac:86:09:
cf:80:5c:e4:04:30:ea:f1:3c:28:75:ac:c9:a5:d4:34:4a:a8:
66:b2:f7:01:56:a2:e1:2f:29:e6:06:8a:cc:aa:10:9b:c0:c7:
b1:48:b7:55:88:68:94:89:60:66:4d:1e:c5:f0:63:7c:27:dc:
c5:a8:d6:0a:38:6b:fd:e3:76:7b:2a:9e:3d:2a:e7:50:98:79:
91:ae:c3:70:fd:7e:fa:80:b4:e0:c0:ba:ef:6d:0a:a4:0e:f2:
dd:34:95:fc:9e:a3:c8:09:da:fb:49:a0:d9:92:99:c3:33:76:
ba:19:81:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
ODIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0M0EyODk3MDYwQkJC
OENBNTcxM0IxNkFDMTI3NkY3RjY1OEQ1MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3ZuxZhPB3GW/MNWS7VOM2o2TngWVke8drg1508OMiiqE3Dsox
NXD8N1T90/ewc1n+auqvPG78hgbPN+v9E0KmlcNHsWdM6jms+lfpONcyrzbSqvsq
ngLudAyPnTwg9Qd8hMUYiZWT1NHDNWn0qChAOTv3BcnNu/M8Bkr4lN/OwRUXESiH
2ExiwQRcJtTr554y72CRAM0LPg90SEQDh1Gc3xn1lQ4jKsW4nF/6xm30iTKkxuiE
fGEj++/lPfHN8w/fSeLNdtxOVrIrRh5qFnZp/IrY9I8UhP3NTHJSXzA/ywnKWB68
Mzs25VMzMIdSrhSoUGuVRL4sc8y1JYvkShYPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBDoolwYLu4ylcTsWrBJ29/ZY1TMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JEb29sd1lMdTR5bGNU
c1dyQkoyOV9aWTFUTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAthqyZ7UFPSyAShVtWcUf7jlhVuSEP6Ba
uy9ZCl8onwV0WSYGcSWSXkdgCk9m/Cl+0ugzpW1K8oYvwXGfW2cp+UsRbz062QGX
bhj1FPzTD9ZsJuOLQEjnxE4CAifj/mfQBK1+lFeK3lgkXda1M4Tvq34QXxn3Hrti
uGhPu2qdaPUmup24MAws833IbyvIrIYJz4Bc5AQw6vE8KHWsyaXUNEqoZrL3AVai
4S8p5gaKzKoQm8DHsUi3VYholIlgZk0exfBjfCfcxajWCjhr/eN2eyqePSrnUJh5
ka7DcP1++oC04MC6720KpA7y3TSV/J6jyAna+0mg2ZKZwzN2uhmBfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org