Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JQ0Bvacx7ytH7hDwREYGPxW0Lw0.roa
File: JQ0Bvacx7ytH7hDwREYGPxW0Lw0.roa (raw, json)
Hash identifier: bnrA3zFii+bOnf2dWf6uQpoFkeN3YjFB14t3s55835E=
Subject key identifier: 25:0D:01:BD:A7:31:EF:2B:47:EE:10:F0:44:46:06:3F:15:B4:2F:0D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C1A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JQ0Bvacx7ytH7hDwREYGPxW0Lw0.roa
Signing time: Mon 08 Apr 2024 17:22:36 +0000
ROA not before: Mon 08 Apr 2024 17:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15386 (0x3c1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 17:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=250D01BDA731EF2B47EE10F04446063F15B42F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:a6:1d:fa:a5:0a:9b:2a:bf:f4:a2:b9:1b:
ff:94:f6:eb:a8:a5:f9:35:05:b6:51:87:1a:fd:8b:
3d:82:f5:b9:bb:32:fa:23:e8:35:37:ad:23:cb:67:
6b:ef:a3:4d:d3:9b:be:5d:5c:74:78:4a:79:84:5b:
e5:07:cc:2a:0c:1d:96:a6:21:10:9e:d0:db:c2:49:
79:3e:82:af:05:1f:0c:d5:c4:f2:f6:5f:02:bb:a2:
78:5e:c2:59:ca:96:ab:ac:da:59:3d:ec:44:43:53:
cd:97:a5:85:80:c5:a9:69:f1:5a:a4:57:47:25:fd:
b1:74:17:c2:33:00:39:02:4a:f7:f6:8b:3b:6a:94:
e7:3c:22:9b:0a:9f:09:ae:e3:5a:09:97:12:5e:59:
6b:25:73:62:a6:90:61:f2:48:23:c9:02:ed:3d:6b:
85:db:2c:69:c3:b4:c7:b7:07:7a:29:64:ae:67:b6:
01:19:5e:c7:74:04:f5:34:2f:ad:60:11:3c:97:7c:
45:42:f3:39:14:ee:5e:05:a0:22:3c:1b:94:99:b1:
d3:aa:7e:24:80:45:e7:51:9a:09:14:77:01:1d:07:
9e:58:f7:26:79:df:1f:5f:9e:05:84:27:77:19:16:
ca:40:f0:bf:69:45:ad:6d:f6:9d:a1:4a:54:a4:24:
ed:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0D:01:BD:A7:31:EF:2B:47:EE:10:F0:44:46:06:3F:15:B4:2F:0D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JQ0Bvacx7ytH7hDwREYGPxW0Lw0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:83:34:8c:21:b2:37:12:3f:7a:9f:7b:5b:c2:62:38:9b:86:
ad:68:09:89:c7:dc:45:40:9b:23:e5:e3:2e:22:df:7a:f3:fb:
70:f0:0f:01:71:79:e6:8f:81:ae:19:5e:03:6e:99:2e:1e:61:
f6:8a:78:9d:81:34:3d:26:1d:ef:38:2f:6b:43:c3:19:29:75:
ae:39:c4:c1:14:c3:81:78:7b:58:7e:ac:ee:05:e3:5e:25:48:
7d:ea:71:7b:3f:1b:91:32:63:a8:a9:20:50:ec:fe:21:37:61:
eb:91:29:5b:a0:68:4f:4d:04:a9:fc:f4:8f:46:d0:06:13:33:
8d:a8:fd:d2:d9:ef:f1:0a:36:0e:33:73:c1:87:3f:40:71:5d:
94:3d:ad:36:6b:37:54:28:60:94:58:5e:58:d9:1a:a3:e7:4e:
29:9d:58:cc:32:22:00:84:d9:84:cb:9c:90:b4:a5:ec:7e:08:
74:fe:f4:46:9f:d3:3d:88:93:6c:4c:cc:d0:2c:88:4a:6d:3e:
f4:f8:3f:ba:5a:88:42:9f:6d:80:a4:f4:8e:65:d8:d8:09:a4:
0a:91:75:8b:92:75:47:ef:3c:d9:7d:36:67:b3:2d:4d:ee:0d:
1e:13:c9:eb:03:f3:bc:26:4d:9f:76:c6:e3:da:50:84:8e:0c:
9b:6a:76:13
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
NzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1MEQwMUJEQTczMUVG
MkI0N0VFMTBGMDQ0NDYwNjNGMTVCNDJGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwR6Yd+qUKmyq/9KK5G/+U9uuopfk1BbZRhxr9iz2C9bm7Mvoj
6DU3rSPLZ2vvo03Tm75dXHR4SnmEW+UHzCoMHZamIRCe0NvCSXk+gq8FHwzVxPL2
XwK7onhewlnKlqus2lk97ERDU82XpYWAxalp8VqkV0cl/bF0F8IzADkCSvf2iztq
lOc8IpsKnwmu41oJlxJeWWslc2KmkGHySCPJAu09a4XbLGnDtMe3B3opZK5ntgEZ
Xsd0BPU0L61gETyXfEVC8zkU7l4FoCI8G5SZsdOqfiSARedRmgkUdwEdB55Y9yZ5
3x9fngWEJ3cZFspA8L9pRa1t9p2hSlSkJO2xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJQ0Bvacx7ytH7hDwREYGPxW0Lw0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pRMEJ2YWN4N3l0SDdo
RHdSRVlHUHhXMEx3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAgoM0jCGyNxI/ep97W8JiOJuGrWgJicfc
RUCbI+XjLiLfevP7cPAPAXF55o+BrhleA26ZLh5h9op4nYE0PSYd7zgva0PDGSl1
rjnEwRTDgXh7WH6s7gXjXiVIfepxez8bkTJjqKkgUOz+ITdh65EpW6BoT00Eqfz0
j0bQBhMzjaj90tnv8Qo2DjNzwYc/QHFdlD2tNms3VChglFheWNkao+dOKZ1YzDIi
AITZhMuckLSl7H4IdP70Rp/TPYiTbEzM0CyISm0+9Pg/ulqIQp9tgKT0jmXY2Amk
CpF1i5J1R+882X02Z7MtTe4NHhPJ6wPzvCZNn3bG49pQhI4Mm2p2Ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org