Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BQsGSZyOUVXMAM9AtcaM7cZ5oNo.roa
File: BQsGSZyOUVXMAM9AtcaM7cZ5oNo.roa (raw, json)
Hash identifier: +Ey2yDIC/c7h3myIEj8DBZqA+RCIJh3ppyqfB3hFYhM=
Subject key identifier: 05:0B:06:49:9C:8E:51:55:CC:00:CF:40:B5:C6:8C:ED:C6:79:A0:DA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BQsGSZyOUVXMAM9AtcaM7cZ5oNo.roa
Signing time: Sun 31 Mar 2024 03:52:15 +0000
ROA not before: Sun 31 Mar 2024 03:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13742 (0x35ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 03:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=050B06499C8E5155CC00CF40B5C68CEDC679A0DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:32:7a:25:8f:65:e4:82:c7:05:df:6f:a4:
35:ee:db:c2:1c:f5:e9:48:ed:1b:a4:4d:fd:e7:f4:
a4:51:da:d7:d9:4e:76:65:12:3e:7a:3c:21:e6:d2:
d3:8a:ff:c1:c4:bd:5f:2e:24:93:6b:c2:fb:ee:7f:
67:ad:70:2b:dc:5b:b7:ec:70:6c:8a:31:c4:1f:46:
68:bc:75:3c:38:c9:bb:f8:4f:ca:52:d6:ad:26:c4:
98:e1:82:b6:40:c8:80:e9:c3:0e:69:d2:1c:14:83:
2d:6d:41:d7:e7:55:70:72:9f:db:ee:b1:0c:9f:69:
71:f8:0f:2d:fd:55:47:ee:58:1c:77:1a:55:d5:8b:
3d:de:88:7a:d0:66:6b:8f:41:cf:81:0d:d7:5c:81:
ca:6c:51:9a:43:60:de:2d:e0:c6:35:78:21:7d:a4:
e9:58:c9:ae:0d:93:ef:76:cc:ff:fd:d6:70:8d:53:
2f:bb:1b:57:01:d0:9a:8d:90:27:7f:e5:7c:39:9b:
12:66:53:9f:43:7e:7c:7a:dc:70:f8:4d:90:2e:5e:
e5:c8:26:8e:43:f7:a4:bb:80:8d:06:54:92:a1:32:
86:fb:8c:e7:4b:ce:30:8a:fd:e8:35:25:3e:e7:16:
2a:85:01:c0:ff:b3:83:bf:36:db:9a:b7:4d:5f:75:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0B:06:49:9C:8E:51:55:CC:00:CF:40:B5:C6:8C:ED:C6:79:A0:DA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BQsGSZyOUVXMAM9AtcaM7cZ5oNo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:c3:96:1a:7c:d3:c2:68:af:60:38:17:21:4b:a1:0b:02:ff:
e3:e8:b2:b5:18:dd:8b:27:8b:8f:ab:b9:81:9c:b7:6e:e8:1c:
a3:c3:01:03:e0:7c:41:52:a3:e7:90:96:6d:c9:c7:99:3b:e3:
23:4c:10:a0:70:e1:af:c1:e0:89:eb:37:2a:64:40:06:d0:c4:
18:c6:8d:ea:74:9d:62:38:2a:75:e1:d3:06:6f:a2:9d:96:14:
86:7f:33:db:67:cd:3b:f1:73:26:10:ee:16:ef:e5:c6:c9:fc:
0c:fb:8b:25:28:1e:88:e9:d7:30:68:40:48:90:e0:c9:4e:5d:
f9:1b:4d:ae:1b:a4:35:28:57:11:ad:27:16:5d:19:9b:e6:ea:
5b:4b:c1:c9:a1:ed:8b:96:96:18:16:f3:82:80:e2:c6:f1:b5:
95:06:aa:4a:13:02:ce:f5:d6:68:73:de:07:1e:47:27:b2:e6:
ae:cf:41:76:7f:04:59:a3:04:e8:b4:71:9b:df:35:69:85:12:
16:85:41:61:69:65:eb:4a:ca:6d:7e:f1:54:73:be:fb:91:92:
38:e6:46:2f:d7:4d:b7:f5:f9:37:91:4c:89:36:12:39:63:77:
49:2c:c8:9a:22:87:8f:a2:ca:33:a5:64:59:ea:f2:11:08:d2:
dd:17:cc:aa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MzUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1MEIwNjQ5OUM4RTUx
NTVDQzAwQ0Y0MEI1QzY4Q0VEQzY3OUEwREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyBDJ6JY9l5ILHBd9vpDXu28Ic9elI7RukTf3n9KRR2tfZTnZl
Ej56PCHm0tOK/8HEvV8uJJNrwvvuf2etcCvcW7fscGyKMcQfRmi8dTw4ybv4T8pS
1q0mxJjhgrZAyIDpww5p0hwUgy1tQdfnVXByn9vusQyfaXH4Dy39VUfuWBx3GlXV
iz3eiHrQZmuPQc+BDddcgcpsUZpDYN4t4MY1eCF9pOlYya4Nk+92zP/91nCNUy+7
G1cB0JqNkCd/5Xw5mxJmU59Dfnx63HD4TZAuXuXIJo5D96S7gI0GVJKhMob7jOdL
zjCK/eg1JT7nFiqFAcD/s4O/Ntuat01fdUmZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBQsGSZyOUVXMAM9AtcaM7cZ5oNowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JRc0dTWnlPVVZYTUFN
OUF0Y2FNN2NaNW9Oby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAbMOWGnzTwmivYDgXIUuhCwL/4+iytRjd
iyeLj6u5gZy3bugco8MBA+B8QVKj55CWbcnHmTvjI0wQoHDhr8Hgies3KmRABtDE
GMaN6nSdYjgqdeHTBm+inZYUhn8z22fNO/FzJhDuFu/lxsn8DPuLJSgeiOnXMGhA
SJDgyU5d+RtNrhukNShXEa0nFl0Zm+bqW0vByaHti5aWGBbzgoDixvG1lQaqShMC
zvXWaHPeBx5HJ7Lmrs9Bdn8EWaME6LRxm981aYUSFoVBYWll60rKbX7xVHO++5GS
OOZGL9dNt/X5N5FMiTYSOWN3SSzImiKHj6LKM6VkWeryEQjS3RfMqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:12 2024 by rpki-client on console-fra.rpki-client.org