Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YDt7sGlQ2PV4fyuC2rMBtRYm7CI.roa
File: YDt7sGlQ2PV4fyuC2rMBtRYm7CI.roa (raw, json)
Hash identifier: Sh5SNoFEP7uXY4bU4HR9f+GiYx5/os9hy7Sucq+PH2c=
Subject key identifier: 60:3B:7B:B0:69:50:D8:F5:78:7F:2B:82:DA:B3:01:B5:16:26:EC:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F6D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YDt7sGlQ2PV4fyuC2rMBtRYm7CI.roa
Signing time: Sat 13 Apr 2024 03:52:52 +0000
ROA not before: Sat 13 Apr 2024 03:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16237 (0x3f6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 03:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=603B7BB06950D8F5787F2B82DAB301B51626EC22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0b:06:03:aa:14:f5:e4:24:26:5b:09:03:cd:
43:cf:bb:cb:d5:c9:b5:16:28:de:d2:c1:ce:58:5a:
9a:21:85:08:78:e1:b7:40:fa:98:3d:e8:08:7f:14:
95:d7:1d:8c:f8:cf:bd:c8:fb:37:fa:d3:c8:f5:21:
4e:c3:c0:c8:c9:f5:30:c5:53:e6:75:d3:8f:2c:28:
c4:7d:6a:70:10:90:ee:c9:94:3b:1f:88:2a:1c:6c:
8c:94:e0:a0:cd:66:5a:84:9f:4e:4c:c3:11:23:e9:
10:92:bb:43:58:c7:4c:87:56:ff:9c:ca:8e:7a:2c:
85:63:39:e7:4a:1b:ca:93:c4:68:2b:53:d4:29:c8:
b4:e7:9f:28:63:42:ef:55:18:f1:f7:58:2b:2e:40:
54:64:47:52:75:0d:31:31:4b:75:18:91:6b:1b:b4:
dd:60:7c:28:25:a9:8e:fc:00:ca:00:79:57:54:b5:
f2:da:73:9d:55:02:8b:a0:be:e6:fc:eb:c3:0f:a7:
11:5c:66:a7:92:a5:23:95:48:01:f7:4e:1d:f4:01:
a0:b2:91:39:d9:60:e9:7c:dc:a1:f4:92:ac:cc:8a:
fd:e3:ca:33:82:7c:94:0a:d9:52:54:43:b9:23:4e:
bc:90:78:ce:84:c2:94:82:56:01:b4:ac:c3:b1:74:
1b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3B:7B:B0:69:50:D8:F5:78:7F:2B:82:DA:B3:01:B5:16:26:EC:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YDt7sGlQ2PV4fyuC2rMBtRYm7CI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
32:06:70:7f:61:54:c4:cb:31:42:82:b1:52:f0:2d:28:32:3a:
3e:1a:a7:cb:71:26:1d:82:99:dc:fb:68:5b:3a:c4:f7:f0:58:
e1:1a:67:cc:9b:52:bc:ad:47:c5:82:dc:8f:ad:48:7e:a8:65:
3b:55:c4:b5:b4:82:60:55:ff:1f:a8:07:e6:b8:37:c7:ab:3b:
a0:03:d2:3c:85:ed:74:ee:68:46:8f:f1:b7:1f:cb:59:80:b9:
c2:31:71:df:58:32:f2:16:f0:d5:26:a9:4f:d1:0a:5a:94:9c:
76:e0:00:4a:4c:61:ee:ad:79:a3:0b:a1:5c:92:d2:28:3d:43:
c4:38:e4:46:02:bb:ae:df:82:9a:67:04:a0:59:63:cb:81:19:
21:be:0f:d2:87:fa:51:1f:c4:68:7b:d5:28:96:90:87:37:60:
bb:d5:1c:5f:e8:7e:f2:89:32:28:02:6c:79:c2:a4:da:34:c1:
83:a6:fb:64:f8:e4:6d:6a:5d:df:2a:1a:8b:e5:f0:e7:41:8c:
62:d1:eb:6d:42:1a:3d:04:df:07:40:2a:6e:91:30:70:70:2a:
71:cf:80:0d:4d:6a:8b:e9:94:1f:ed:38:cb:da:ac:57:b4:c6:
49:97:19:72:89:df:cc:bb:e4:29:fe:fe:1e:f8:b9:39:9e:73:
3a:8e:20:cd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
MzUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwM0I3QkIwNjk1MEQ4
RjU3ODdGMkI4MkRBQjMwMUI1MTYyNkVDMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDICwYDqhT15CQmWwkDzUPPu8vVybUWKN7Swc5YWpohhQh44bdA
+pg96Ah/FJXXHYz4z73I+zf608j1IU7DwMjJ9TDFU+Z1048sKMR9anAQkO7JlDsf
iCocbIyU4KDNZlqEn05MwxEj6RCSu0NYx0yHVv+cyo56LIVjOedKG8qTxGgrU9Qp
yLTnnyhjQu9VGPH3WCsuQFRkR1J1DTExS3UYkWsbtN1gfCglqY78AMoAeVdUtfLa
c51VAougvub868MPpxFcZqeSpSOVSAH3Th30AaCykTnZYOl83KH0kqzMiv3jyjOC
fJQK2VJUQ7kjTryQeM6EwpSCVgG0rMOxdBuTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYDt7sGlQ2PV4fyuC2rMBtRYm7CIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lEdDdzR2xRMlBWNGZ5
dUMyck1CdFJZbTdDSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADIGcH9hVMTLMUKC
sVLwLSgyOj4ap8txJh2Cmdz7aFs6xPfwWOEaZ8ybUrytR8WC3I+tSH6oZTtVxLW0
gmBV/x+oB+a4N8erO6AD0jyF7XTuaEaP8bcfy1mAucIxcd9YMvIW8NUmqU/RClqU
nHbgAEpMYe6teaMLoVyS0ig9Q8Q45EYCu67fgppnBKBZY8uBGSG+D9KH+lEfxGh7
1SiWkIc3YLvVHF/ofvKJMigCbHnCpNo0wYOm+2T45G1qXd8qGovl8OdBjGLR621C
Gj0E3wdAKm6RMHBwKnHPgA1NaovplB/tOMvarFe0xkmXGXKJ38y75Cn+/h74uTme
czqOIM0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:50 2024 by rpki-client on console-ams.rpki-client.org