Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BEsxbbXu8f67z4XncekMKLFrWEY.roa
File: BEsxbbXu8f67z4XncekMKLFrWEY.roa (raw, json)
Hash identifier: XEiw5kQjZJp198Ft3EOUY/JJgH5F8+qWLofqvuUbzc0=
Subject key identifier: 04:4B:31:6D:B5:EE:F1:FE:BB:CF:85:E7:71:E9:0C:28:B1:6B:58:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FEA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BEsxbbXu8f67z4XncekMKLFrWEY.roa
Signing time: Sun 05 May 2024 03:23:49 +0000
ROA not before: Sun 05 May 2024 03:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20458 (0x4fea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 03:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=044B316DB5EEF1FEBBCF85E771E90C28B16B5846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2c:33:ea:37:ef:c0:36:76:40:66:7d:f8:9b:
58:99:c5:f5:4d:26:e4:ce:f5:8e:83:fc:52:98:c1:
47:cb:e6:6e:86:7a:1a:5f:5c:67:63:85:8c:0e:4c:
38:ba:17:74:90:3e:1f:77:00:3b:c7:af:1b:2a:33:
77:33:93:1b:d5:66:55:a6:95:7e:99:b9:f8:c1:ff:
f6:0f:71:b3:4d:b1:7e:93:ef:25:38:a2:31:02:1b:
88:49:6e:76:8a:01:af:b3:73:18:89:d4:7f:e1:3e:
4c:a3:0f:b1:9f:18:49:9d:9e:17:48:af:99:2c:37:
ae:9b:5b:7b:11:4f:51:7c:01:85:38:a0:df:61:ad:
94:30:57:cc:31:a4:80:81:94:41:67:b2:0c:86:3a:
0b:1c:26:60:4e:a3:0f:76:ed:cb:c3:94:f6:3f:3d:
55:67:fa:33:9b:1e:9a:f7:a2:5b:57:ca:6e:a6:0b:
22:f4:60:aa:cb:be:70:f5:71:52:39:84:e8:fb:78:
95:26:23:a9:48:2b:28:96:3b:54:14:95:04:da:77:
20:db:bf:ef:3e:4d:24:cb:b5:d8:1e:12:f6:dc:f2:
0f:e0:c8:67:04:9b:27:60:61:81:04:89:1f:17:a5:
6b:5e:9f:a4:7e:58:5e:8a:06:04:23:65:5d:0b:cf:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4B:31:6D:B5:EE:F1:FE:BB:CF:85:E7:71:E9:0C:28:B1:6B:58:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BEsxbbXu8f67z4XncekMKLFrWEY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:88:11:d9:c5:10:a1:fb:92:66:cc:57:46:63:71:54:7d:25:
3a:89:12:c4:53:2d:5d:88:ca:b1:bf:65:64:b1:73:ef:a9:86:
67:ac:bb:bc:95:08:64:c1:24:99:44:84:59:4f:92:34:ed:6a:
7d:77:93:b5:7f:af:d5:71:12:70:0d:bb:3b:8b:e4:8b:c8:c9:
5d:b9:e0:28:c1:72:9d:2e:2c:e1:96:0c:25:29:09:df:67:de:
62:0b:30:00:43:71:3d:07:4d:24:a0:7e:c0:f3:a0:bd:2e:2b:
00:8e:de:2e:e3:18:64:30:04:92:6e:a5:47:80:f7:ff:1d:bc:
96:f9:35:00:04:07:e4:48:35:53:d5:08:37:63:00:66:74:a0:
8c:d5:b8:74:5b:13:2c:26:9d:80:12:cc:a4:7d:92:08:14:97:
d1:fe:e8:ee:69:1e:14:54:44:63:0b:ed:cc:2b:aa:f7:42:0b:
3d:b3:9b:55:aa:06:e8:58:54:94:ad:ff:c4:a8:d4:9b:74:f2:
ed:69:64:1c:8c:6b:10:61:5b:12:ef:d7:ce:d9:d1:79:49:40:
89:42:aa:3e:07:93:36:2d:ce:e9:87:c0:14:93:34:42:6d:bc:
79:ce:be:ed:ad:dc:38:7b:d5:da:ed:dc:4c:53:40:a7:cb:95:
c3:cd:65:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MzIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0NEIzMTZEQjVFRUYx
RkVCQkNGODVFNzcxRTkwQzI4QjE2QjU4NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVLDPqN+/ANnZAZn34m1iZxfVNJuTO9Y6D/FKYwUfL5m6Gehpf
XGdjhYwOTDi6F3SQPh93ADvHrxsqM3czkxvVZlWmlX6ZufjB//YPcbNNsX6T7yU4
ojECG4hJbnaKAa+zcxiJ1H/hPkyjD7GfGEmdnhdIr5ksN66bW3sRT1F8AYU4oN9h
rZQwV8wxpICBlEFnsgyGOgscJmBOow927cvDlPY/PVVn+jObHpr3oltXym6mCyL0
YKrLvnD1cVI5hOj7eJUmI6lIKyiWO1QUlQTadyDbv+8+TSTLtdgeEvbc8g/gyGcE
mydgYYEEiR8XpWten6R+WF6KBgQjZV0Lz2vfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBEsxbbXu8f67z4XncekMKLFrWEYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JFc3hiYlh1OGY2N3o0
WG5jZWtNS0xGcldFWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJYgR2cUQofuSZsxXRmNxVH0lOokSxFMt
XYjKsb9lZLFz76mGZ6y7vJUIZMEkmUSEWU+SNO1qfXeTtX+v1XEScA27O4vki8jJ
XbngKMFynS4s4ZYMJSkJ32feYgswAENxPQdNJKB+wPOgvS4rAI7eLuMYZDAEkm6l
R4D3/x28lvk1AAQH5Eg1U9UIN2MAZnSgjNW4dFsTLCadgBLMpH2SCBSX0f7o7mke
FFREYwvtzCuq90ILPbObVaoG6FhUlK3/xKjUm3Ty7WlkHIxrEGFbEu/XztnReUlA
iUKqPgeTNi3O6YfAFJM0Qm28ec6+7a3cOHvV2u3cTFNAp8uVw81lAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:22 2024 by rpki-client on console-ams.rpki-client.org