Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YFNArQVYQSj7rBO7FS9f1pOaqCc.roa
File: YFNArQVYQSj7rBO7FS9f1pOaqCc.roa (raw, json)
Hash identifier: X8BZrJv71pWsXvz+GexPPRJzha7oZhT2UKgzk8b78wU=
Subject key identifier: 60:53:40:AD:05:58:41:28:FB:AC:13:BB:15:2F:5F:D6:93:9A:A8:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4939
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YFNArQVYQSj7rBO7FS9f1pOaqCc.roa
Signing time: Fri 26 Apr 2024 05:23:20 +0000
ROA not before: Fri 26 Apr 2024 05:23:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18745 (0x4939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 05:23:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=605340AD05584128FBAC13BB152F5FD6939AA827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:f1:58:ca:3e:8b:7e:b4:2b:83:b8:e5:3c:
cc:8f:95:42:bc:88:a6:f1:fa:00:8f:72:5b:ba:05:
51:de:a6:76:cd:64:b9:09:eb:28:5f:26:0f:1c:33:
87:19:5a:f4:d4:55:8c:ca:cc:f6:b7:f3:3a:7f:25:
87:90:c2:3f:56:46:dc:71:f5:8a:44:74:5b:07:e1:
96:0e:de:ce:83:13:34:cf:b7:84:e1:21:b1:8e:19:
68:0d:d8:25:2c:01:56:f1:09:97:c5:e3:be:01:96:
8d:94:20:b6:73:c7:8b:d2:c6:42:06:7e:90:0a:ed:
fa:df:7b:7c:75:26:02:d7:7c:58:66:fb:7b:56:1b:
d3:c5:c1:33:bc:72:2d:c6:12:3c:c2:05:81:ee:6c:
96:86:aa:db:b8:d5:04:5d:6c:e3:fb:7b:f0:cb:63:
bc:0c:09:a4:e9:ac:88:f6:9c:51:37:7c:aa:d0:9f:
b2:53:76:40:f9:eb:e7:14:e9:2f:76:29:3a:36:90:
13:fb:3d:7e:b6:96:7b:26:f1:5a:af:2c:fe:43:a9:
3e:62:cd:fd:89:48:7c:a6:06:6e:13:dd:81:ca:00:
72:e2:60:c1:fa:7c:f3:f0:c3:8e:6b:45:70:d5:30:
5e:e9:c2:f2:1c:18:32:af:9b:63:6b:c3:3e:76:08:
97:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:53:40:AD:05:58:41:28:FB:AC:13:BB:15:2F:5F:D6:93:9A:A8:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YFNArQVYQSj7rBO7FS9f1pOaqCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:ba:bd:8d:8a:87:6e:be:94:8a:93:3a:68:e8:67:5c:df:25:
1b:ff:28:c1:32:7d:6e:9e:9d:d7:15:79:70:b2:fe:31:ef:d4:
05:4e:2e:ee:86:cf:6e:6e:29:b3:2c:b1:b4:ba:75:28:1b:1d:
1c:c6:3f:99:93:ed:5c:f0:f2:46:38:bf:4e:94:2f:e3:96:d7:
47:f9:5a:93:ad:53:78:8a:4f:3d:5c:e6:5c:d9:a6:ef:7c:76:
28:ab:09:bd:51:de:83:d5:a1:db:96:ea:8d:de:73:a5:6a:4a:
f6:d7:52:71:6d:c1:e8:c1:be:f9:11:7d:53:89:b0:f6:7e:69:
fa:be:83:e5:fd:c2:05:cb:f0:b6:b9:3a:fa:9f:ad:a5:c6:ee:
eb:28:62:b8:e7:4f:bb:5a:ea:7c:7d:98:70:ba:ea:14:d0:32:
68:97:3a:f0:40:87:dc:f4:80:ca:07:09:d2:0e:e2:ae:65:d8:
d3:b1:f2:73:71:19:2f:58:05:82:d2:e5:e4:75:cf:e6:0d:98:
32:05:a8:da:fc:07:3b:43:8b:0c:49:0d:52:78:bc:d9:ff:c3:
f7:9d:c8:a3:19:2e:bf:f3:11:f3:74:57:08:02:22:e3:7a:98:
06:28:da:32:3f:71:93:96:4c:ba:b4:1e:b6:35:71:3f:34:da:
f0:98:9d:66
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
NTIzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwNTM0MEFEMDU1ODQx
MjhGQkFDMTNCQjE1MkY1RkQ2OTM5QUE4MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmgfFYyj6LfrQrg7jlPMyPlUK8iKbx+gCPclu6BVHepnbNZLkJ
6yhfJg8cM4cZWvTUVYzKzPa38zp/JYeQwj9WRtxx9YpEdFsH4ZYO3s6DEzTPt4Th
IbGOGWgN2CUsAVbxCZfF474Blo2UILZzx4vSxkIGfpAK7frfe3x1JgLXfFhm+3tW
G9PFwTO8ci3GEjzCBYHubJaGqtu41QRdbOP7e/DLY7wMCaTprIj2nFE3fKrQn7JT
dkD56+cU6S92KTo2kBP7PX62lnsm8VqvLP5DqT5izf2JSHymBm4T3YHKAHLiYMH6
fPPww45rRXDVMF7pwvIcGDKvm2Nrwz52CJfTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYFNArQVYQSj7rBO7FS9f1pOaqCcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lGTkFyUVZZUVNqN3JC
TzdGUzlmMXBPYXFDYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFy6vY2Kh26+lIqT
OmjoZ1zfJRv/KMEyfW6endcVeXCy/jHv1AVOLu6Gz25uKbMssbS6dSgbHRzGP5mT
7Vzw8kY4v06UL+OW10f5WpOtU3iKTz1c5lzZpu98diirCb1R3oPVoduW6o3ec6Vq
SvbXUnFtwejBvvkRfVOJsPZ+afq+g+X9wgXL8La5OvqfraXG7usoYrjnT7ta6nx9
mHC66hTQMmiXOvBAh9z0gMoHCdIO4q5l2NOx8nNxGS9YBYLS5eR1z+YNmDIFqNr8
BztDiwxJDVJ4vNn/w/edyKMZLr/zEfN0VwgCIuN6mAYo2jI/cZOWTLq0HrY1cT80
2vCYnWY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:20 2025 by rpki-client