Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BEtNbJaqvzknXFFk0X95vIGPK4Q.roa
File: BEtNbJaqvzknXFFk0X95vIGPK4Q.roa (raw, json)
Hash identifier: JLc1J8MBzSL7+O+WZ3QBnuJEej15JM4GV0tbo3BYCWw=
Subject key identifier: 04:4B:4D:6C:96:AA:BF:39:27:5C:51:64:D1:7F:79:BC:81:8F:2B:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36FA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BEtNbJaqvzknXFFk0X95vIGPK4Q.roa
Signing time: Mon 01 Apr 2024 21:22:14 +0000
ROA not before: Mon 01 Apr 2024 21:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14074 (0x36fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 21:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=044B4D6C96AABF39275C5164D17F79BC818F2B84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:ce:15:29:62:50:52:8e:4c:8a:97:98:31:
b1:f4:28:ba:95:f1:ef:21:c6:50:9f:dc:05:98:c6:
e9:cd:55:91:4c:a0:dd:f5:81:4f:88:3c:32:65:d1:
1b:26:ec:11:ce:8b:1a:70:f2:e2:51:13:fa:94:30:
5d:3f:1f:5b:bd:67:3d:e2:e6:50:70:d6:17:ff:43:
22:ce:19:46:ab:a1:d1:e9:37:11:81:4b:6a:9e:2f:
e0:c2:86:42:31:fb:0b:06:4f:1f:a0:e5:b2:71:8b:
78:1d:ac:a8:b3:a9:5e:64:21:fb:0f:53:fc:2d:49:
40:ce:70:ed:83:61:65:20:10:d1:c5:c8:1b:87:32:
0c:09:d1:71:bf:b2:e6:13:a4:95:b4:c8:cf:40:8f:
f0:67:37:80:0c:e6:61:ab:56:3c:f9:f2:02:85:c5:
3a:31:2a:4e:6d:d4:7e:01:6e:88:a7:00:ac:1f:49:
c3:3f:98:2b:ae:5f:fe:b3:93:a3:c6:19:e7:c3:87:
c2:70:cf:82:de:ee:dc:39:83:c2:09:97:6d:95:77:
ee:9e:78:0f:11:92:e7:5d:0a:64:93:75:80:e7:85:
5a:6d:23:c4:47:4a:cb:1f:48:e3:15:22:b8:37:57:
e5:62:65:30:9f:25:54:c8:4c:8f:bc:1a:f5:fd:c3:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4B:4D:6C:96:AA:BF:39:27:5C:51:64:D1:7F:79:BC:81:8F:2B:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BEtNbJaqvzknXFFk0X95vIGPK4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:0c:ef:ca:bb:11:62:3e:52:49:a9:9e:1b:62:f5:13:a5:b8:
b5:58:bf:71:b8:66:22:82:32:75:8d:41:7f:59:08:e7:3e:91:
ad:29:72:8a:46:43:d5:36:bc:ca:b8:75:24:40:06:da:f8:92:
35:2b:f6:24:05:02:ba:bd:a8:34:a2:7d:49:01:15:e8:f1:7f:
3d:63:33:f3:84:aa:50:b2:8d:e6:a1:65:0f:12:7c:3a:78:b4:
26:bb:59:8f:30:a8:54:fe:cd:26:4c:d5:69:38:ba:ca:cd:99:
e2:94:53:d5:ac:ef:31:09:a6:46:5e:cc:3d:f7:49:b3:1e:21:
bb:b5:38:1b:32:89:82:60:00:0d:cd:25:28:2e:e5:b7:2d:48:
47:97:f9:27:67:e8:aa:31:ea:81:eb:d9:10:d7:3d:73:5a:e7:
3f:a3:f2:8f:20:12:67:82:32:c3:37:01:15:b9:12:db:c4:4d:
0f:d4:54:8c:f7:49:e6:b2:a8:a3:4d:ef:52:3c:68:8c:e6:21:
7e:23:03:f1:14:fa:ba:31:5b:fb:6c:66:01:7b:b0:df:a3:6f:
76:d4:88:3a:f6:11:47:84:0d:90:25:8e:d4:13:12:c9:87:e8:
25:30:50:14:e0:1e:54:08:d7:e6:7d:d3:41:ef:37:68:c3:e2:
05:e2:39:36
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MTIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0NEI0RDZDOTZBQUJG
MzkyNzVDNTE2NEQxN0Y3OUJDODE4RjJCODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmP84VKWJQUo5MipeYMbH0KLqV8e8hxlCf3AWYxunNVZFMoN31
gU+IPDJl0Rsm7BHOixpw8uJRE/qUMF0/H1u9Zz3i5lBw1hf/QyLOGUarodHpNxGB
S2qeL+DChkIx+wsGTx+g5bJxi3gdrKizqV5kIfsPU/wtSUDOcO2DYWUgENHFyBuH
MgwJ0XG/suYTpJW0yM9Aj/BnN4AM5mGrVjz58gKFxToxKk5t1H4BboinAKwfScM/
mCuuX/6zk6PGGefDh8Jwz4Le7tw5g8IJl22Vd+6eeA8RkuddCmSTdYDnhVptI8RH
SssfSOMVIrg3V+ViZTCfJVTITI+8GvX9w26FAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBEtNbJaqvzknXFFk0X95vIGPK4QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JFdE5iSmFxdnprblhG
RmswWDk1dklHUEs0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEANQzvyrsRYj5SSameG2L1E6W4tVi/cbhm
IoIydY1Bf1kI5z6RrSlyikZD1Ta8yrh1JEAG2viSNSv2JAUCur2oNKJ9SQEV6PF/
PWMz84SqULKN5qFlDxJ8Oni0JrtZjzCoVP7NJkzVaTi6ys2Z4pRT1azvMQmmRl7M
PfdJsx4hu7U4GzKJgmAADc0lKC7lty1IR5f5J2foqjHqgevZENc9c1rnP6PyjyAS
Z4IywzcBFbkS28RND9RUjPdJ5rKoo03vUjxojOYhfiMD8RT6ujFb+2xmAXuw36Nv
dtSIOvYRR4QNkCWO1BMSyYfoJTBQFOAeVAjX5n3TQe83aMPiBeI5Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org