Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YMbQ5QTpbLXk_DyGtTpj9oA74PY.roa
File: YMbQ5QTpbLXk_DyGtTpj9oA74PY.roa (raw, json)
Hash identifier: XvQQL7hoU/YaY/7uIquk7AswpbD3VrUysgnYpKbHWZk=
Subject key identifier: 60:C6:D0:E5:04:E9:6C:B5:E4:FC:3C:86:B5:3A:63:F6:80:3B:E0:F6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3502
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YMbQ5QTpbLXk_DyGtTpj9oA74PY.roa
Signing time: Sat 30 Mar 2024 06:22:08 +0000
ROA not before: Sat 30 Mar 2024 06:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13570 (0x3502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 06:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60C6D0E504E96CB5E4FC3C86B53A63F6803BE0F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:7b:7d:3d:4e:fb:af:bc:c2:1c:bd:50:da:
a4:9a:1a:31:c0:70:8a:00:98:ff:59:61:60:74:82:
fb:14:3e:c4:23:54:a5:34:b8:80:ce:6c:c5:cb:c4:
f6:b3:40:79:97:e3:25:ec:cd:fd:9a:93:dd:20:ce:
ad:43:d0:f5:65:f1:fc:ee:b9:6a:e9:71:54:dd:3b:
d5:27:63:70:d8:b6:62:b5:3c:c6:b2:71:8a:6e:b8:
26:81:5c:9b:e3:79:fa:c7:fc:46:85:1a:aa:3b:9f:
40:4f:4c:9e:37:fc:d2:2e:c5:fc:65:d1:38:49:e9:
0d:ab:e6:92:4b:fb:78:1c:23:c1:17:d9:bb:68:fa:
13:b5:62:ed:56:de:dd:3a:12:89:1f:3d:90:fa:fd:
b1:10:a0:5f:bb:e5:6c:ff:08:23:80:80:03:43:e9:
e3:59:0b:b3:ff:4a:0b:86:80:0e:52:bb:ef:18:7f:
67:d9:e7:a3:48:ff:54:9f:1e:79:b5:74:84:f1:68:
4d:1b:fa:3d:2d:dc:af:a0:b4:c7:2b:33:ee:b5:71:
c2:09:f4:a0:16:3a:64:af:98:30:91:31:c2:24:c4:
d2:2c:7f:be:98:68:4c:e2:0a:09:28:76:e9:53:bf:
03:6e:50:aa:26:b3:38:64:03:7e:9d:43:15:35:74:
4e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C6:D0:E5:04:E9:6C:B5:E4:FC:3C:86:B5:3A:63:F6:80:3B:E0:F6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YMbQ5QTpbLXk_DyGtTpj9oA74PY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:6e:12:cc:cf:5f:6c:12:3f:10:08:b0:1a:f4:a9:14:19:32:
80:ad:42:86:d0:5b:58:e3:c1:39:cd:e4:ca:1f:87:b6:76:7d:
8a:c6:d2:13:b4:c1:6c:ce:08:5c:b5:c4:01:ac:8e:81:eb:15:
04:f4:a4:9a:48:e2:be:76:05:76:7f:fa:66:ff:fd:5e:b3:4f:
ed:67:50:17:87:90:93:74:cc:25:92:5c:fa:b5:00:53:b2:5a:
94:f0:eb:82:bc:83:24:3e:09:31:92:0f:65:e0:ef:62:af:42:
79:98:42:08:12:bd:c2:86:60:d5:c7:fd:0f:e2:16:61:a9:6c:
fd:93:c1:9e:59:b2:f5:6a:fd:45:c5:a0:50:9d:f6:57:08:56:
b6:d6:4c:0a:46:8d:e6:48:4c:ab:25:6f:98:6b:e3:15:4c:27:
08:1a:2a:2d:a4:2d:93:40:45:5b:fc:36:b4:53:a0:12:93:4c:
09:fa:13:d1:60:fa:9f:36:a1:1a:6f:57:95:b0:b4:66:25:61:
4a:d6:b0:9c:b8:31:42:f8:ec:00:27:a4:ac:31:18:40:f9:90:
56:fa:2f:e4:36:52:1d:7e:ca:53:ae:7a:0a:d6:4f:dc:6d:c9:
ef:fc:bb:d0:d0:53:e5:e6:e4:67:3f:8b:52:79:76:24:a6:a3:
a7:0f:a8:66
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NjIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwQzZEMEU1MDRFOTZD
QjVFNEZDM0M4NkI1M0E2M0Y2ODAzQkUwRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs7Xt9PU77r7zCHL1Q2qSaGjHAcIoAmP9ZYWB0gvsUPsQjVKU0
uIDObMXLxPazQHmX4yXszf2ak90gzq1D0PVl8fzuuWrpcVTdO9UnY3DYtmK1PMay
cYpuuCaBXJvjefrH/EaFGqo7n0BPTJ43/NIuxfxl0ThJ6Q2r5pJL+3gcI8EX2bto
+hO1Yu1W3t06EokfPZD6/bEQoF+75Wz/CCOAgAND6eNZC7P/SguGgA5Su+8Yf2fZ
56NI/1SfHnm1dITxaE0b+j0t3K+gtMcrM+61ccIJ9KAWOmSvmDCRMcIkxNIsf76Y
aEziCgkodulTvwNuUKomszhkA36dQxU1dE4zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYMbQ5QTpbLXk/DyGtTpj9oA74PYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lNYlE1UVRwYkxYa19E
eUd0VHBqOW9BNzRQWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASG4SzM9fbBI/EAiwGvSpFBkygK1ChtBb
WOPBOc3kyh+HtnZ9isbSE7TBbM4IXLXEAayOgesVBPSkmkjivnYFdn/6Zv/9XrNP
7WdQF4eQk3TMJZJc+rUAU7JalPDrgryDJD4JMZIPZeDvYq9CeZhCCBK9woZg1cf9
D+IWYals/ZPBnlmy9Wr9RcWgUJ32VwhWttZMCkaN5khMqyVvmGvjFUwnCBoqLaQt
k0BFW/w2tFOgEpNMCfoT0WD6nzahGm9XlbC0ZiVhStawnLgxQvjsACekrDEYQPmQ
Vvov5DZSHX7KU656CtZP3G3J7/y70NBT5ebkZz+LUnl2JKajpw+oZg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:11 2025 by rpki-client