Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YJIfx_NBY52I_GoCQWyBBEHekZE.roa
File: YJIfx_NBY52I_GoCQWyBBEHekZE.roa (raw, json)
Hash identifier: jHKZ9C0+3r+oz+tQP7ouEvgRV3OKafcjFZjEeW0f4Qo=
Subject key identifier: 60:92:1F:C7:F3:41:63:9D:88:FC:6A:02:41:6C:81:04:41:DE:91:91
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3665
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YJIfx_NBY52I_GoCQWyBBEHekZE.roa
Signing time: Mon 01 Apr 2024 02:52:09 +0000
ROA not before: Mon 01 Apr 2024 02:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13925 (0x3665)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 02:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60921FC7F341639D88FC6A02416C810441DE9191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:b3:86:d3:a6:0c:01:7e:4c:96:0b:7b:9c:
9a:ea:f2:63:95:6d:29:9c:7d:e5:79:03:88:6e:57:
8b:c8:f4:f7:1e:27:5c:ea:e3:a3:3a:6e:ad:4d:0f:
da:5d:78:4c:a3:a5:28:dc:ad:af:da:e7:dc:7d:fc:
c9:43:cb:e2:8f:c7:31:82:35:7c:90:2a:c4:ff:b0:
04:d4:cd:03:26:1d:0b:96:b0:b3:ce:b3:80:9c:79:
79:4a:45:54:66:7f:6f:53:a0:2b:cf:6c:1f:d6:4b:
5c:1b:d6:de:55:60:d6:0a:93:da:00:c1:4f:42:e0:
cf:60:0b:cb:bc:f1:04:fe:18:53:e8:79:19:5c:d7:
cf:ca:03:e6:ae:9b:11:26:a4:dd:d3:ef:3f:48:8f:
04:4c:14:ff:80:5a:ba:cd:91:6c:4f:82:04:77:cd:
0b:54:2f:8b:ee:49:27:ab:52:e2:74:94:ab:b2:17:
de:0c:d6:fa:9f:c4:69:18:46:d2:c2:ba:cb:bf:75:
5a:db:bf:6e:2a:72:ff:69:13:2a:15:06:dd:94:5f:
3c:e9:93:43:cb:ca:a4:b7:6c:f4:e1:59:49:5b:7e:
84:0a:26:bc:14:c8:aa:85:ed:0f:20:9f:f6:b9:d8:
f0:22:33:cd:5b:83:a6:da:ba:78:99:04:67:f4:d9:
9d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:92:1F:C7:F3:41:63:9D:88:FC:6A:02:41:6C:81:04:41:DE:91:91
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YJIfx_NBY52I_GoCQWyBBEHekZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
bc:3b:bc:3b:57:65:08:6e:cf:7c:8f:9c:ee:59:35:7f:24:55:
8c:99:28:7d:26:a7:c3:f3:62:8f:1a:86:eb:54:6e:ec:85:63:
73:20:c1:f8:70:4a:ec:91:ea:fc:ae:e1:05:17:4d:3f:ff:30:
2b:3f:20:a4:35:cb:9d:da:2f:d8:72:f7:9e:9d:3e:55:38:28:
04:c3:29:cb:47:ff:3b:d3:ab:a2:a9:f1:67:2c:8e:69:6b:06:
96:75:72:3e:82:07:5a:2b:2b:31:4f:af:6c:7d:6e:58:ad:e4:
14:a1:21:b3:b9:f4:6b:02:1f:3e:54:be:f0:d0:aa:81:a4:92:
dc:d5:c9:63:83:21:83:2a:33:87:aa:7b:0d:d7:a3:8d:da:1e:
31:b6:a4:29:c4:70:b8:19:92:2c:54:95:54:99:63:ad:57:3e:
ed:8c:29:c0:2b:5a:63:2c:cd:68:4a:94:dd:65:63:04:b4:c1:
fb:46:a1:d4:60:64:fd:62:90:4e:bb:1e:39:aa:83:e3:cc:45:
f3:1c:f3:a6:30:42:92:36:7c:6f:9d:56:f1:f9:4c:45:7f:2e:
1a:39:11:0e:79:0a:ec:e8:7a:5a:fa:ef:65:4d:de:59:ca:42:
bb:e7:5d:ba:08:31:5c:6b:bf:d5:d4:61:76:85:9f:3e:2a:ab:
f1:3f:af:25
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNmUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
MjUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwOTIxRkM3RjM0MTYz
OUQ4OEZDNkEwMjQxNkM4MTA0NDFERTkxOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNebOG06YMAX5Mlgt7nJrq8mOVbSmcfeV5A4huV4vI9PceJ1zq
46M6bq1ND9pdeEyjpSjcra/a59x9/MlDy+KPxzGCNXyQKsT/sATUzQMmHQuWsLPO
s4CceXlKRVRmf29ToCvPbB/WS1wb1t5VYNYKk9oAwU9C4M9gC8u88QT+GFPoeRlc
18/KA+aumxEmpN3T7z9IjwRMFP+AWrrNkWxPggR3zQtUL4vuSSerUuJ0lKuyF94M
1vqfxGkYRtLCusu/dVrbv24qcv9pEyoVBt2UXzzpk0PLyqS3bPThWUlbfoQKJrwU
yKqF7Q8gn/a52PAiM81bg6bauniZBGf02Z3DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYJIfx/NBY52I/GoCQWyBBEHekZEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lKSWZ4X05CWTUySV9H
b0NRV3lCQkVIZWtaRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALw7vDtXZQhuz3yP
nO5ZNX8kVYyZKH0mp8PzYo8ahutUbuyFY3MgwfhwSuyR6vyu4QUXTT//MCs/IKQ1
y53aL9hy956dPlU4KATDKctH/zvTq6Kp8WcsjmlrBpZ1cj6CB1orKzFPr2x9blit
5BShIbO59GsCHz5UvvDQqoGkktzVyWODIYMqM4eqew3Xo43aHjG2pCnEcLgZkixU
lVSZY61XPu2MKcArWmMszWhKlN1lYwS0wftGodRgZP1ikE67Hjmqg+PMRfMc86Yw
QpI2fG+dVvH5TEV/Lho5EQ55Cuzoelr672VN3lnKQrvnXboIMVxrv9XUYXaFnz4q
q/E/ryU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org