Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bqQjhA82tVwQm0-GdSb4GxnDMdA.roa
File: bqQjhA82tVwQm0-GdSb4GxnDMdA.roa (raw, json)
Hash identifier: 8z58limRzu7KYf8HFde9gBpz3ci0B7YFVMztZ85yeh4=
Subject key identifier: 6E:A4:23:84:0F:36:B5:5C:10:9B:4F:86:75:26:F8:1B:19:C3:31:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DDA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bqQjhA82tVwQm0-GdSb4GxnDMdA.roa
Signing time: Thu 11 Apr 2024 01:22:43 +0000
ROA not before: Thu 11 Apr 2024 01:22:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15834 (0x3dda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 01:22:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6EA423840F36B55C109B4F867526F81B19C331D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:a9:c7:4b:2b:a5:12:98:01:b4:12:6e:3e:
7c:0e:2c:5c:41:ce:1d:32:6e:1b:5d:6a:f9:f1:22:
d2:36:58:7f:6d:3c:40:f3:e8:63:81:25:8d:c6:dc:
05:79:a7:56:4e:b5:c1:23:91:17:55:be:2f:69:ab:
c0:e2:42:c6:b3:12:98:d4:1f:70:bc:5f:04:16:74:
64:f9:b1:b6:87:f9:57:68:b2:fa:95:40:70:90:4d:
b2:08:1d:e6:75:ac:4e:a5:a2:a3:0b:f2:f3:c8:8d:
33:ad:60:1d:f6:f9:3f:e2:c9:e2:a3:a6:d9:73:10:
48:02:61:11:e3:e7:b0:a5:69:d1:48:e7:1f:f0:ec:
1c:9e:4c:b8:70:b5:b2:eb:d7:0f:b0:1e:95:04:13:
28:21:79:f3:54:ef:49:2a:3a:a4:b8:c0:53:e9:fd:
cd:3e:33:be:f8:54:e0:6c:1f:54:a9:97:3b:ca:68:
c2:9c:4d:46:5d:71:b9:ad:34:a3:97:14:bf:f4:1d:
44:d7:78:c9:ea:8e:02:b0:db:05:08:56:b8:e1:3d:
f2:2a:69:15:0d:e7:74:46:f9:b9:1b:a5:bc:e2:38:
68:b4:6c:cd:32:10:fc:12:aa:4c:20:2d:ce:55:9c:
27:c3:08:ef:d1:10:a6:46:ed:99:d7:c2:d3:ab:8d:
bb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A4:23:84:0F:36:B5:5C:10:9B:4F:86:75:26:F8:1B:19:C3:31:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bqQjhA82tVwQm0-GdSb4GxnDMdA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:35:e4:a1:4a:40:82:5d:21:63:0a:27:3c:bf:fe:78:49:41:
cb:2c:51:af:69:f5:ca:0d:24:55:f3:5c:25:f0:c8:61:6a:8e:
b2:72:ce:21:84:73:be:df:d8:dd:ae:d7:c9:63:4e:2a:c2:77:
29:16:9d:1c:54:a5:9f:c3:22:4c:d1:21:07:88:b6:90:fa:2d:
82:98:1b:28:ad:6d:4b:cd:4e:cf:fa:3a:79:f1:a4:42:44:97:
e6:1f:1b:87:6b:80:97:58:50:ab:d8:f7:49:c1:d4:e5:ad:4c:
98:40:cf:4a:75:ea:6f:16:df:86:00:5c:3b:b0:83:0b:62:f2:
36:f1:98:d2:be:a5:fc:11:c5:c2:2e:89:4a:64:50:2f:b9:cc:
b8:80:37:39:1d:7f:36:84:7a:69:d7:43:75:44:52:28:7a:09:
f7:2c:c8:fc:b3:31:8a:9b:78:77:db:cd:d9:40:1c:05:91:84:
19:63:f7:6f:6c:ce:ee:96:c6:5b:05:79:0c:a6:d5:cc:fb:d2:
b8:93:a9:09:57:78:a9:be:2d:2b:c7:96:34:ae:aa:f6:e1:a1:
5f:48:40:8c:c4:6b:8f:2a:d3:1c:ca:1e:9d:d2:7a:e3:1d:77:
9b:14:cb:bd:ac:74:ad:aa:35:64:ea:54:99:00:c9:8b:92:2c:
4c:05:d0:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MTIyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFQTQyMzg0MEYzNkI1
NUMxMDlCNEY4Njc1MjZGODFCMTlDMzMxRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCfanHSyulEpgBtBJuPnwOLFxBzh0ybhtdavnxItI2WH9tPEDz
6GOBJY3G3AV5p1ZOtcEjkRdVvi9pq8DiQsazEpjUH3C8XwQWdGT5sbaH+VdosvqV
QHCQTbIIHeZ1rE6loqML8vPIjTOtYB32+T/iyeKjptlzEEgCYRHj57CladFI5x/w
7ByeTLhwtbLr1w+wHpUEEyghefNU70kqOqS4wFPp/c0+M774VOBsH1SplzvKaMKc
TUZdcbmtNKOXFL/0HUTXeMnqjgKw2wUIVrjhPfIqaRUN53RG+bkbpbziOGi0bM0y
EPwSqkwgLc5VnCfDCO/REKZG7ZnXwtOrjbuTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbqQjhA82tVwQm0+GdSb4GxnDMdAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JxUWpoQTgydFZ3UW0w
LUdkU2I0R3huRE1kQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmzXkoUpAgl0hYwonPL/+eElByyxRr2n1
yg0kVfNcJfDIYWqOsnLOIYRzvt/Y3a7XyWNOKsJ3KRadHFSln8MiTNEhB4i2kPot
gpgbKK1tS81Oz/o6efGkQkSX5h8bh2uAl1hQq9j3ScHU5a1MmEDPSnXqbxbfhgBc
O7CDC2LyNvGY0r6l/BHFwi6JSmRQL7nMuIA3OR1/NoR6addDdURSKHoJ9yzI/LMx
ipt4d9vN2UAcBZGEGWP3b2zO7pbGWwV5DKbVzPvSuJOpCVd4qb4tK8eWNK6q9uGh
X0hAjMRrjyrTHMoendJ64x13mxTLvax0rao1ZOpUmQDJi5IsTAXQQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org