Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bEsDu49RWtbMVylD9gerJuzwF8Q.roa
File: bEsDu49RWtbMVylD9gerJuzwF8Q.roa (raw, json)
Hash identifier: 4GOBDtxr/j/9EYuNgv0ct5Ho1a04C7eTIlLOdlML3Ao=
Subject key identifier: 6C:4B:03:BB:8F:51:5A:D6:CC:57:29:43:F6:07:AB:26:EC:F0:17:C4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 434E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bEsDu49RWtbMVylD9gerJuzwF8Q.roa
Signing time: Thu 18 Apr 2024 07:53:25 +0000
ROA not before: Thu 18 Apr 2024 07:53:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17230 (0x434e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 07:53:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C4B03BB8F515AD6CC572943F607AB26ECF017C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f8:27:b1:50:ab:a3:45:f0:2f:f8:56:47:b2:
25:9b:96:2f:14:d4:b1:dd:2c:be:30:78:40:b6:cd:
8c:a7:4c:f7:ba:73:52:ee:56:9b:d8:e9:6a:1b:5a:
01:71:e8:92:65:68:35:bb:0f:d1:00:76:f5:34:fe:
b9:e7:5a:c4:e4:a6:ae:a8:02:01:4e:a5:0c:77:9c:
89:82:ad:d2:6b:db:ab:5d:e4:63:8e:54:cb:6d:08:
d7:9e:70:bd:01:44:d5:ef:45:29:56:37:d3:96:b8:
7b:f8:ba:99:5a:12:66:28:99:2e:1d:40:dd:52:75:
27:25:48:47:26:de:6e:1e:0f:f0:6a:a1:09:3b:f1:
fd:f8:4d:5d:36:55:97:c7:f4:2d:80:01:bc:c9:b5:
3a:ad:7c:82:d9:c1:59:f3:df:94:a6:27:02:86:40:
28:02:92:25:1e:28:8c:1c:a1:5a:3d:10:14:73:8a:
04:df:9e:71:1a:9e:18:af:7e:91:f6:47:53:a9:cc:
e9:61:d7:e1:41:52:ba:74:e8:df:00:38:a1:7b:e6:
7b:38:e2:56:9a:58:0d:29:c7:8b:44:90:a7:91:45:
2c:07:4e:39:ba:85:f8:98:7e:f6:e9:d4:52:a2:db:
6f:3d:fb:e5:06:6f:52:c4:1e:a1:47:a9:de:5a:b9:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4B:03:BB:8F:51:5A:D6:CC:57:29:43:F6:07:AB:26:EC:F0:17:C4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bEsDu49RWtbMVylD9gerJuzwF8Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:92:b1:3c:92:3f:da:d8:72:4f:94:13:68:cc:78:f5:7c:df:
78:51:b0:a3:19:51:dd:33:b7:23:3f:40:24:f9:08:4f:1c:5d:
38:84:22:42:69:33:ac:51:a3:2a:c3:28:ba:16:e0:be:b1:8c:
e6:fc:a9:b5:36:36:a6:34:c0:65:29:b8:a8:16:b7:48:77:1a:
0c:10:57:12:a4:85:41:86:1b:eb:4b:8e:cf:42:e5:01:0b:ac:
77:91:54:c7:19:e0:b2:a9:5d:59:6e:fe:86:a7:dd:4c:0c:e1:
4e:ba:7e:38:80:86:d5:2d:91:fd:c0:29:db:e0:09:88:40:5d:
6d:28:44:83:82:ad:36:2d:5e:d0:4d:52:2e:70:1b:59:c6:ae:
a7:16:9a:2f:01:6b:ed:b4:2b:71:e9:3c:4f:ce:d4:cb:5a:c1:
26:63:ac:09:82:e8:2e:fb:60:e4:9f:63:8b:ee:c7:c2:b2:80:
3d:ce:db:32:0e:41:9e:a8:93:5e:bb:05:84:7e:3c:ee:e3:94:
94:24:2d:38:22:5e:d8:6d:52:1a:6d:36:43:1e:c1:44:fa:08:
dc:aa:cc:0c:d4:a5:09:f2:7b:67:bd:62:10:37:76:ce:a9:f1:
24:93:53:b3:0e:e4:20:d9:af:2a:b0:9e:88:37:3e:f7:cc:48:
45:88:37:fe
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NzUzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDNEIwM0JCOEY1MTVB
RDZDQzU3Mjk0M0Y2MDdBQjI2RUNGMDE3QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR+CexUKujRfAv+FZHsiWbli8U1LHdLL4weEC2zYynTPe6c1Lu
VpvY6WobWgFx6JJlaDW7D9EAdvU0/rnnWsTkpq6oAgFOpQx3nImCrdJr26td5GOO
VMttCNeecL0BRNXvRSlWN9OWuHv4uplaEmYomS4dQN1SdSclSEcm3m4eD/BqoQk7
8f34TV02VZfH9C2AAbzJtTqtfILZwVnz35SmJwKGQCgCkiUeKIwcoVo9EBRzigTf
nnEanhivfpH2R1OpzOlh1+FBUrp06N8AOKF75ns44laaWA0px4tEkKeRRSwHTjm6
hfiYfvbp1FKi2289++UGb1LEHqFHqd5aualPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbEsDu49RWtbMVylD9gerJuzwF8QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JFc0R1NDlSV3RiTVZ5
bEQ5Z2VySnV6d0Y4US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAqJKxPJI/2thyT5QTaMx49XzfeFGwoxlR
3TO3Iz9AJPkITxxdOIQiQmkzrFGjKsMouhbgvrGM5vyptTY2pjTAZSm4qBa3SHca
DBBXEqSFQYYb60uOz0LlAQusd5FUxxngsqldWW7+hqfdTAzhTrp+OICG1S2R/cAp
2+AJiEBdbShEg4KtNi1e0E1SLnAbWcaupxaaLwFr7bQrcek8T87Uy1rBJmOsCYLo
Lvtg5J9ji+7HwrKAPc7bMg5BnqiTXrsFhH487uOUlCQtOCJe2G1SGm02Qx7BRPoI
3KrMDNSlCfJ7Z71iEDd2zqnxJJNTsw7kINmvKrCeiDc+98xIRYg3/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org