Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bslUg2vwPSncOe6B7vivOmx-Y0U.roa
File: bslUg2vwPSncOe6B7vivOmx-Y0U.roa (raw, json)
Hash identifier: 94lBqMi1IQdOIugR34Yip/E4F0OiLkiFsppon+fuwBI=
Subject key identifier: 6E:C9:54:83:6B:F0:3D:29:DC:39:EE:81:EE:F8:AF:3A:6C:7E:63:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 403E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bslUg2vwPSncOe6B7vivOmx-Y0U.roa
Signing time: Sun 14 Apr 2024 05:52:54 +0000
ROA not before: Sun 14 Apr 2024 05:52:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16446 (0x403e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 05:52:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6EC954836BF03D29DC39EE81EEF8AF3A6C7E6345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9f:39:c8:c6:2f:0a:f0:f9:fe:c7:64:0a:b3:
58:6d:bc:15:bd:16:95:0d:1e:f4:24:e5:56:89:11:
af:f4:2d:40:a1:da:74:70:c3:a9:83:92:e9:0c:70:
7c:f2:69:70:80:c6:a0:9a:aa:15:87:63:1e:13:c2:
0b:9e:99:cd:bf:cb:7c:11:5b:8c:6d:95:32:b6:92:
16:90:f3:a1:35:7f:2f:dc:ae:6d:b6:d5:58:b9:fb:
9d:54:d3:9b:53:d0:b3:6c:8f:49:e7:79:70:43:e8:
08:2f:a4:ec:f2:8f:a1:07:90:42:f0:2f:00:74:16:
71:05:e2:fa:e1:a3:68:2a:2f:f1:e3:4c:70:ef:b4:
c1:0a:a7:7a:17:59:a9:01:f9:90:7c:6e:a5:12:7c:
d5:55:21:bf:5f:bc:58:01:ff:7b:f1:6a:5f:ea:66:
c5:20:ac:91:da:34:43:fc:d4:f4:a3:c9:4a:37:53:
20:05:68:16:38:ec:62:33:76:da:8e:46:62:40:7f:
f5:fe:51:17:39:5f:42:cb:4f:dc:65:20:fa:0a:80:
b7:5d:f6:a3:a2:66:3c:91:bc:5a:c6:9f:cb:0a:82:
bd:12:5a:8d:fe:e0:e7:db:d9:a2:52:c4:25:9f:f0:
6d:d7:d5:51:e2:bb:e1:1e:55:49:4c:07:6b:99:53:
03:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C9:54:83:6B:F0:3D:29:DC:39:EE:81:EE:F8:AF:3A:6C:7E:63:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bslUg2vwPSncOe6B7vivOmx-Y0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:6c:70:92:08:d8:46:b2:b9:ad:db:f7:1b:69:2f:90:9a:5a:
fc:58:f0:06:b3:64:a8:84:5e:db:b3:5a:57:a0:ff:d5:75:59:
68:1b:34:12:38:46:16:b6:dc:4f:0e:22:c2:07:43:6b:e2:e7:
4f:c1:2a:18:f1:5b:9a:83:cd:dc:08:74:30:12:7a:59:4e:a7:
5f:47:dd:e5:00:02:6b:93:c7:30:7d:65:6a:aa:18:c5:9f:41:
cb:06:ce:6e:a2:9f:e4:ec:e1:57:d6:c8:7e:be:a1:a5:1c:f6:
66:dd:19:a7:dd:28:2d:2c:de:01:f1:48:07:b2:3a:85:e7:5e:
b4:61:f0:8d:73:85:d2:d5:c2:d7:c6:80:c0:18:19:08:a1:97:
ab:59:dd:79:86:82:5a:82:8d:3c:bd:f8:82:e8:fe:48:3f:9a:
97:d4:be:1f:3b:79:d9:7e:51:d4:0e:f7:2b:5b:71:8d:07:ef:
5f:52:14:70:a0:a7:79:f7:f1:5b:18:5a:8c:4c:5b:d7:fa:1e:
b2:b0:56:1f:fc:d3:fc:58:76:bd:b2:10:a3:57:92:4e:be:03:
9b:d1:e3:2d:44:73:aa:95:c0:4e:4d:95:b6:9a:cb:36:17:4c:
aa:27:b4:61:a5:0e:5c:a2:53:60:86:50:7d:9b:ed:9d:42:6b:
12:fc:f3:dd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQD4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NTUyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFQzk1NDgzNkJGMDNE
MjlEQzM5RUU4MUVFRjhBRjNBNkM3RTYzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDenznIxi8K8Pn+x2QKs1htvBW9FpUNHvQk5VaJEa/0LUCh2nRw
w6mDkukMcHzyaXCAxqCaqhWHYx4Twguemc2/y3wRW4xtlTK2khaQ86E1fy/crm22
1Vi5+51U05tT0LNsj0nneXBD6AgvpOzyj6EHkELwLwB0FnEF4vrho2gqL/HjTHDv
tMEKp3oXWakB+ZB8bqUSfNVVIb9fvFgB/3vxal/qZsUgrJHaNEP81PSjyUo3UyAF
aBY47GIzdtqORmJAf/X+URc5X0LLT9xlIPoKgLdd9qOiZjyRvFrGn8sKgr0SWo3+
4Ofb2aJSxCWf8G3X1VHiu+EeVUlMB2uZUwPlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbslUg2vwPSncOe6B7vivOmx+Y0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JzbFVnMnZ3UFNuY09l
NkI3dml2T214LVkwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOGxwkgjYRrK5rdv3G2kvkJpa/FjwBrNk
qIRe27NaV6D/1XVZaBs0EjhGFrbcTw4iwgdDa+LnT8EqGPFbmoPN3Ah0MBJ6WU6n
X0fd5QACa5PHMH1laqoYxZ9BywbObqKf5OzhV9bIfr6hpRz2Zt0Zp90oLSzeAfFI
B7I6hedetGHwjXOF0tXC18aAwBgZCKGXq1ndeYaCWoKNPL34guj+SD+al9S+Hzt5
2X5R1A73K1txjQfvX1IUcKCneffxWxhajExb1/oesrBWH/zT/Fh2vbIQo1eSTr4D
m9HjLURzqpXATk2VtprLNhdMqie0YaUOXKJTYIZQfZvtnUJrEvzz3Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:38 2025 by rpki-client