Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YEB8h7ztwp9rczpNXG6peUhL520.roa
File: YEB8h7ztwp9rczpNXG6peUhL520.roa (raw, json)
Hash identifier: M32dwu6dQoNjjmk0xzaIRoJ3IWUlpX3TeHMFjVpeBys=
Subject key identifier: 60:40:7C:87:BC:ED:C2:9F:6B:73:3A:4D:5C:6E:A9:79:48:4B:E7:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YEB8h7ztwp9rczpNXG6peUhL520.roa
Signing time: Mon 13 May 2024 00:54:12 +0000
ROA not before: Mon 13 May 2024 00:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21974 (0x55d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60407C87BCEDC29F6B733A4D5C6EA979484BE76D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:43:f0:9e:9b:1f:56:52:f1:b0:a4:ec:fa:cf:
94:c6:f4:91:18:21:fe:f2:80:f4:f8:70:1b:dd:dd:
08:e7:59:34:33:98:7d:72:8f:d5:fd:51:2f:34:9d:
6f:4b:56:44:1f:8a:ed:44:e5:50:25:a7:0e:e0:4c:
9d:aa:72:ed:33:8f:2c:77:28:6f:37:d5:86:5b:9e:
2a:a3:1a:1c:c4:2e:3a:58:b0:87:86:49:cb:41:0b:
22:11:5e:ae:ee:df:00:36:c3:d3:10:35:c2:a0:53:
c8:e4:32:e3:ee:00:3f:be:75:57:ff:d3:f0:e5:e2:
ef:46:0d:c2:09:77:0b:08:c9:58:d3:4b:4e:be:d7:
28:9f:bd:48:ab:10:b9:de:f5:65:84:2b:ec:77:60:
2a:cf:cb:da:ae:59:38:85:20:a8:d6:47:ba:1d:09:
f1:ea:e1:02:76:ca:ad:32:51:09:ba:84:f8:92:fa:
12:f6:ab:37:f3:7b:df:50:f0:b8:af:be:98:bd:fc:
8e:95:dc:3b:3d:96:68:54:3c:c5:8b:eb:ce:33:c6:
98:16:44:47:6e:86:3b:5e:82:ad:17:64:4e:5c:93:
25:0f:28:d8:b3:bf:d5:a1:f5:be:39:6b:9c:d2:37:
8e:f4:3d:b9:b3:76:98:89:59:56:70:d6:d9:61:76:
de:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:40:7C:87:BC:ED:C2:9F:6B:73:3A:4D:5C:6E:A9:79:48:4B:E7:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YEB8h7ztwp9rczpNXG6peUhL520.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:48:74:65:f3:a6:2c:53:74:da:7d:0c:39:9e:8d:3e:5c:fd:
69:6f:80:bc:b4:94:9a:62:2e:d0:d9:f0:b4:c8:42:9c:ef:87:
d0:da:ad:fd:75:0c:1b:14:3f:0b:be:bb:c5:e9:1b:bd:ca:ef:
59:14:55:46:8f:c0:78:de:fc:f9:75:f8:bd:59:8b:98:b5:86:
71:76:f2:9f:ac:f3:d9:db:1d:f3:7c:a3:7f:33:bf:47:6d:fd:
07:dd:19:18:a5:c3:94:f9:77:cf:2b:fb:f7:53:37:36:bf:63:
0c:2e:13:30:1f:c3:b9:6a:1b:33:df:1a:19:a2:23:c0:85:f3:
79:9e:6d:4d:64:25:da:f0:9b:b9:dd:a5:05:0f:a9:27:da:0c:
f1:68:2c:12:de:7e:77:da:5c:0f:6e:5e:40:29:e8:4f:7b:76:
6e:a3:31:30:80:49:e0:1b:cd:73:8a:51:25:0d:52:0e:b7:b0:
7d:6f:9d:da:ac:84:5e:be:26:a5:f7:0f:0d:ad:08:81:65:42:
59:64:6f:a4:03:7d:9f:07:5e:98:d5:73:6b:48:b0:ea:c8:3a:
fc:2b:8b:48:51:c0:2e:b7:33:21:b5:73:6c:ae:12:69:df:3f:
d0:78:9f:d5:88:ca:a4:9a:c9:6f:bc:91:63:4d:42:83:a0:45:
ea:f5:13:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MDU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwNDA3Qzg3QkNFREMy
OUY2QjczM0E0RDVDNkVBOTc5NDg0QkU3NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4Q/Cemx9WUvGwpOz6z5TG9JEYIf7ygPT4cBvd3QjnWTQzmH1y
j9X9US80nW9LVkQfiu1E5VAlpw7gTJ2qcu0zjyx3KG831YZbniqjGhzELjpYsIeG
SctBCyIRXq7u3wA2w9MQNcKgU8jkMuPuAD++dVf/0/Dl4u9GDcIJdwsIyVjTS06+
1yifvUirELne9WWEK+x3YCrPy9quWTiFIKjWR7odCfHq4QJ2yq0yUQm6hPiS+hL2
qzfze99Q8Livvpi9/I6V3Ds9lmhUPMWL684zxpgWREduhjtegq0XZE5ckyUPKNiz
v9Wh9b45a5zSN470PbmzdpiJWVZw1tlhdt6xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYEB8h7ztwp9rczpNXG6peUhL520wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lFQjhoN3p0d3A5cmN6
cE5YRzZwZVVoTDUyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAOkh0ZfOmLFN02n0MOZ6NPlz9aW+AvLSU
mmIu0NnwtMhCnO+H0Nqt/XUMGxQ/C767xekbvcrvWRRVRo/AeN78+XX4vVmLmLWG
cXbyn6zz2dsd83yjfzO/R239B90ZGKXDlPl3zyv791M3Nr9jDC4TMB/DuWobM98a
GaIjwIXzeZ5tTWQl2vCbud2lBQ+pJ9oM8WgsEt5+d9pcD25eQCnoT3t2bqMxMIBJ
4BvNc4pRJQ1SDrewfW+d2qyEXr4mpfcPDa0IgWVCWWRvpAN9nwdemNVza0iw6sg6
/CuLSFHALrczIbVzbK4Sad8/0Hif1YjKpJrJb7yRY01Cg6BF6vUTLg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:48 2025 by rpki-client