Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bgkrslfDMccgeFoFZ-yHMRogUNQ.roa
File: bgkrslfDMccgeFoFZ-yHMRogUNQ.roa (raw, json)
Hash identifier: ueaBH5yr+mz31HeOe6tKc2lE2IR0yOnCvNKbp0G2LFk=
Subject key identifier: 6E:09:2B:B2:57:C3:31:C7:20:78:5A:05:67:EC:87:31:1A:20:50:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35A2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bgkrslfDMccgeFoFZ-yHMRogUNQ.roa
Signing time: Sun 31 Mar 2024 02:22:37 +0000
ROA not before: Sun 31 Mar 2024 02:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13730 (0x35a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 02:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6E092BB257C331C720785A0567EC87311A2050D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6b:d6:a9:92:76:55:a3:e8:77:25:55:34:c6:
c2:5d:b0:5a:48:87:28:fc:08:f6:83:5a:d8:00:f7:
a9:bc:5d:9e:59:b4:7d:e4:02:79:d3:9d:95:2a:20:
6d:c1:de:da:55:74:0e:d1:7e:45:ff:c1:16:0e:4d:
da:12:d1:68:a5:5a:a3:c3:93:d5:00:5f:ea:bb:7c:
d2:f8:c8:96:44:39:8e:9d:a8:da:c5:fc:a3:d7:50:
65:cf:bc:35:c4:1f:93:d3:6e:96:63:6f:67:48:f7:
8c:06:ba:3e:5c:bf:49:6b:a9:5a:08:63:b5:e3:c9:
21:1d:57:26:bf:88:02:05:c4:8c:89:a2:66:78:5b:
dc:54:66:d1:37:0d:70:63:07:2a:3d:8e:77:29:63:
b1:86:53:7e:3f:e7:9c:d6:96:6b:4e:1d:fc:5a:56:
38:cc:5a:95:01:f7:96:aa:de:94:5e:1d:27:b1:89:
e6:63:a4:ba:82:45:77:84:4c:ad:94:7a:0a:59:48:
11:9d:09:97:fe:f5:84:ec:8a:11:d5:a5:13:5b:07:
81:b0:d5:93:6b:10:fd:00:3a:1a:00:35:a0:4c:d6:
41:87:c2:5f:85:92:8a:7d:72:3c:02:74:f5:b8:79:
05:2a:95:6f:f2:2e:6f:22:99:4a:d9:39:08:ed:9a:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:09:2B:B2:57:C3:31:C7:20:78:5A:05:67:EC:87:31:1A:20:50:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bgkrslfDMccgeFoFZ-yHMRogUNQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:98:64:09:d0:eb:d4:ae:77:94:1a:19:95:8f:72:8c:63:e1:
47:94:84:6b:b0:73:07:ce:d6:c4:a4:2b:72:8d:05:59:76:fa:
c7:db:77:c0:3e:3b:1d:2d:cf:d1:43:08:6a:be:c9:df:c0:d2:
7d:ef:6c:d0:50:c7:da:bc:75:f7:cc:25:51:1e:ae:c3:17:9a:
6f:71:67:a0:40:ed:f1:6a:46:47:2f:e8:4c:1b:9d:db:4b:ef:
33:42:67:5a:0e:ab:c6:8a:1f:a7:8c:d7:5a:8c:6c:3c:55:85:
f9:fe:85:1d:0a:dc:e3:42:fd:05:50:14:aa:1a:a7:53:00:fc:
7e:74:a1:cc:a7:d5:8e:c8:4c:ed:a8:5e:c5:a3:25:c7:c3:87:
95:d5:6c:05:67:94:3b:63:e9:cd:0c:ea:78:2b:85:db:26:a3:
86:19:e0:ae:87:bd:a7:ad:d1:4d:fb:6a:97:4d:39:aa:35:ca:
2a:d9:8d:be:8a:12:c3:8f:93:9a:ed:db:22:03:ac:06:48:21:
ad:60:9a:a9:dd:98:b7:c3:26:73:4c:3b:a5:06:76:ad:2e:1f:
ba:4b:87:e2:61:38:5c:dd:5a:98:1f:fb:3e:47:88:b7:d0:1a:
af:1f:f9:25:f6:9d:41:c6:c7:56:9f:94:91:5b:6d:77:86:80:
a4:0d:4a:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MjIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFMDkyQkIyNTdDMzMx
QzcyMDc4NUEwNTY3RUM4NzMxMUEyMDUwRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDja9apknZVo+h3JVU0xsJdsFpIhyj8CPaDWtgA96m8XZ5ZtH3k
AnnTnZUqIG3B3tpVdA7RfkX/wRYOTdoS0WilWqPDk9UAX+q7fNL4yJZEOY6dqNrF
/KPXUGXPvDXEH5PTbpZjb2dI94wGuj5cv0lrqVoIY7XjySEdVya/iAIFxIyJomZ4
W9xUZtE3DXBjByo9jncpY7GGU34/55zWlmtOHfxaVjjMWpUB95aq3pReHSexieZj
pLqCRXeETK2UegpZSBGdCZf+9YTsihHVpRNbB4Gw1ZNrEP0AOhoANaBM1kGHwl+F
kop9cjwCdPW4eQUqlW/yLm8imUrZOQjtmn+PAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbgkrslfDMccgeFoFZ+yHMRogUNQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Jna3JzbGZETWNjZ2VG
b0ZaLXlITVJvZ1VOUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAGJhkCdDr1K53lBoZlY9yjGPhR5SEa7Bz
B87WxKQrco0FWXb6x9t3wD47HS3P0UMIar7J38DSfe9s0FDH2rx198wlUR6uwxea
b3FnoEDt8WpGRy/oTBud20vvM0JnWg6rxoofp4zXWoxsPFWF+f6FHQrc40L9BVAU
qhqnUwD8fnShzKfVjshM7ahexaMlx8OHldVsBWeUO2PpzQzqeCuF2yajhhngroe9
p63RTftql005qjXKKtmNvooSw4+Tmu3bIgOsBkghrWCaqd2Yt8Mmc0w7pQZ2rS4f
ukuH4mE4XN1amB/7PkeIt9Aarx/5JfadQcbHVp+UkVttd4aApA1KuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org