Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BgPq4MHsJk09rK8u52qxYDlHwbo.roa
File: BgPq4MHsJk09rK8u52qxYDlHwbo.roa (raw, json)
Hash identifier: fmnKWPslH9HJR4jMFVn4gBbnOzn2lY5BHlbx5UxIgPs=
Subject key identifier: 06:03:EA:E0:C1:EC:26:4D:3D:AC:AF:2E:E7:6A:B1:60:39:47:C1:BA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 354A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BgPq4MHsJk09rK8u52qxYDlHwbo.roa
Signing time: Sat 30 Mar 2024 15:22:13 +0000
ROA not before: Sat 30 Mar 2024 15:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13642 (0x354a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 15:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0603EAE0C1EC264D3DACAF2EE76AB1603947C1BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:62:b7:f9:e4:1c:9b:37:b8:38:06:ee:4b:
a3:99:6a:0c:93:fb:a2:8b:63:3b:47:e3:79:1f:c5:
62:44:b0:6a:e5:29:7b:58:2e:ce:38:95:e4:54:90:
4f:1d:52:55:01:36:21:60:10:68:59:56:b8:27:81:
8d:eb:57:4d:2c:18:be:09:46:1c:4a:0e:79:49:80:
52:28:90:5b:3d:07:31:fa:83:78:eb:f4:2b:7e:c4:
be:45:18:98:70:4b:d1:83:7e:83:12:03:a4:72:c4:
18:e3:09:e3:ae:9b:25:3a:f9:5e:99:7f:22:0f:3c:
f2:2c:ad:ab:f3:fc:df:b2:10:31:90:31:14:a2:12:
fd:2a:17:57:e7:9a:5e:4a:5d:12:26:e6:53:19:38:
f9:94:f7:39:86:be:c4:0d:07:9c:80:bd:ae:9a:ad:
59:ea:08:13:89:e5:3b:00:de:65:4f:45:7a:a0:99:
7c:74:6d:bd:e0:fc:fc:99:bf:3d:c5:34:f4:f6:fa:
1f:e4:6b:20:05:a8:30:17:bb:60:9c:ae:9f:99:67:
8e:16:31:aa:5d:70:96:25:5f:b2:86:57:7b:a2:95:
d5:0e:37:49:fe:48:f9:db:25:ea:e3:26:c4:76:cc:
f6:36:a9:e5:c1:f0:3f:31:93:38:21:b4:fb:22:21:
3e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:03:EA:E0:C1:EC:26:4D:3D:AC:AF:2E:E7:6A:B1:60:39:47:C1:BA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BgPq4MHsJk09rK8u52qxYDlHwbo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:3d:dd:b6:be:63:70:98:e4:be:02:71:b6:72:04:18:b1:15:
1a:10:eb:0d:b5:01:6c:c9:20:71:7c:3e:34:5a:42:0e:b2:2a:
dd:32:07:a5:6f:ad:5b:29:45:bb:e0:6d:23:de:ec:3b:63:12:
89:b4:e1:49:93:62:a4:fc:2e:a7:95:74:ef:fb:59:40:eb:83:
c5:b1:f2:16:a1:9c:82:f1:db:2e:c9:2f:41:12:42:c9:ec:f3:
31:4d:a4:8f:db:0b:90:91:da:20:28:ca:0d:13:fb:95:8e:6a:
5d:7f:58:1a:6f:dd:4a:81:ec:82:b7:45:65:22:91:58:74:1b:
02:1d:0b:b6:50:f7:e9:5a:af:8d:ad:20:9e:61:c0:26:19:e2:
75:77:30:86:78:21:25:e2:d2:86:e1:77:6f:46:3c:81:e2:f2:
ec:34:a7:80:f7:1c:e9:d6:c7:42:a8:96:f6:62:2c:08:83:e9:
c2:52:1f:d3:0e:81:d0:f5:70:bd:31:c4:9e:1c:c6:2d:f6:0a:
e7:1d:12:38:3f:a3:c9:78:cc:91:d0:90:23:ed:89:34:4f:0e:
00:c4:3a:ca:3f:06:62:21:6d:ec:21:25:88:00:06:68:2a:09:
04:94:ab:fa:c2:83:bb:f5:20:3c:1e:1a:ea:1d:11:eb:66:d8:
85:b6:8f:c7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NTIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA2MDNFQUUwQzFFQzI2
NEQzREFDQUYyRUU3NkFCMTYwMzk0N0MxQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0MGK3+eQcmze4OAbuS6OZagyT+6KLYztH43kfxWJEsGrlKXtY
Ls44leRUkE8dUlUBNiFgEGhZVrgngY3rV00sGL4JRhxKDnlJgFIokFs9BzH6g3jr
9Ct+xL5FGJhwS9GDfoMSA6RyxBjjCeOumyU6+V6ZfyIPPPIsravz/N+yEDGQMRSi
Ev0qF1fnml5KXRIm5lMZOPmU9zmGvsQNB5yAva6arVnqCBOJ5TsA3mVPRXqgmXx0
bb3g/PyZvz3FNPT2+h/kayAFqDAXu2Ccrp+ZZ44WMapdcJYlX7KGV3uildUON0n+
SPnbJerjJsR2zPY2qeXB8D8xkzghtPsiIT6XAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBgPq4MHsJk09rK8u52qxYDlHwbowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JnUHE0TUhzSmswOXJL
OHU1MnF4WURsSHdiby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqz3dtr5jcJjkvgJxtnIEGLEVGhDrDbUB
bMkgcXw+NFpCDrIq3TIHpW+tWylFu+BtI97sO2MSibThSZNipPwup5V07/tZQOuD
xbHyFqGcgvHbLskvQRJCyezzMU2kj9sLkJHaICjKDRP7lY5qXX9YGm/dSoHsgrdF
ZSKRWHQbAh0LtlD36Vqvja0gnmHAJhnidXcwhnghJeLShuF3b0Y8geLy7DSngPcc
6dbHQqiW9mIsCIPpwlIf0w6B0PVwvTHEnhzGLfYK5x0SOD+jyXjMkdCQI+2JNE8O
AMQ6yj8GYiFt7CEliAAGaCoJBJSr+sKDu/UgPB4a6h0R62bYhbaPxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:12 2024 by rpki-client on console-fra.rpki-client.org