Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YP7xzrXfxt0mGpGjmbil0j7KFt4.roa
File: YP7xzrXfxt0mGpGjmbil0j7KFt4.roa (raw, json)
Hash identifier: 1d2hIcApYhYpUQw4txGdeNjqcs4rYSkpLUNk1GdbF5k=
Subject key identifier: 60:FE:F1:CE:B5:DF:C6:DD:26:1A:91:A3:99:B8:A5:D2:3E:CA:16:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A0E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YP7xzrXfxt0mGpGjmbil0j7KFt4.roa
Signing time: Fri 05 Apr 2024 23:52:53 +0000
ROA not before: Fri 05 Apr 2024 23:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14862 (0x3a0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 23:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60FEF1CEB5DFC6DD261A91A399B8A5D23ECA16DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ee:fa:0c:69:a2:f7:09:f1:70:36:91:a9:f8:
0a:49:c0:7f:58:0c:91:66:eb:c3:db:65:ff:03:09:
31:66:f6:ad:58:be:f8:45:45:91:9e:14:4a:2b:e4:
8a:33:49:e8:64:30:03:d4:02:b8:05:a7:ef:9f:99:
4f:0d:36:53:d9:da:50:0e:87:34:e6:1c:92:8d:02:
5d:97:e8:b3:ad:b8:a4:85:95:28:81:e2:05:1a:82:
49:36:75:55:ee:59:73:be:3c:02:01:f0:75:9f:b8:
e8:5f:e6:62:a8:9c:87:51:d7:01:13:d8:31:ed:71:
1f:de:2f:a6:73:a3:9e:cc:72:1d:ce:33:ff:0d:36:
56:13:9c:8b:53:b7:dd:79:77:8e:54:f3:21:f3:01:
f6:dd:9a:46:02:a8:b8:41:ef:9d:9a:e9:1a:cc:bc:
70:e2:45:bc:d6:e9:7f:52:e7:7a:9f:a0:e8:35:35:
c1:ab:8a:60:02:c4:7c:e8:81:1f:2f:da:7a:a1:0b:
7e:4b:30:90:f2:a2:c5:1e:75:2c:34:e1:10:e7:1b:
d6:3a:23:26:a9:7b:fd:05:af:07:2e:5b:11:4d:15:
aa:f7:89:b9:57:9b:09:c5:1c:a1:80:80:67:64:b4:
1d:91:5c:30:5f:da:a5:8b:31:69:47:b7:6b:d8:96:
a4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FE:F1:CE:B5:DF:C6:DD:26:1A:91:A3:99:B8:A5:D2:3E:CA:16:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YP7xzrXfxt0mGpGjmbil0j7KFt4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:a2:0f:a5:29:27:e9:26:05:30:e5:67:2d:93:8b:29:8d:71:
f1:da:d4:bd:86:2a:eb:c7:2b:ee:63:6e:30:e3:8e:37:56:04:
b0:e5:13:08:ce:d9:fa:eb:67:50:d7:c5:2c:74:c4:81:7f:24:
e4:26:3b:65:66:9e:69:9e:09:6e:74:12:bb:b6:0d:d9:bf:af:
00:05:f3:3d:3b:8d:62:3c:6a:53:25:14:4e:89:25:c9:3c:a2:
77:3d:43:15:6e:62:86:50:89:11:77:9d:58:34:06:33:cb:a6:
49:48:e9:c7:cf:66:0c:41:92:a2:f4:4d:68:83:0c:32:9a:17:
cb:3c:87:2c:60:cc:5a:ae:50:54:ba:9d:41:a3:58:18:f9:f0:
02:6c:8e:ba:c7:c2:bc:4e:7f:2f:39:52:34:f2:80:1b:48:0c:
5b:e5:2b:ed:49:f6:8b:bd:6d:7e:76:f1:3d:9c:38:12:31:05:
b7:bb:57:96:f4:32:bb:87:76:aa:c0:ed:6c:5f:45:ca:76:08:
2e:34:7f:59:08:12:51:24:48:41:be:fe:98:09:6e:58:6f:b5:
4f:b9:7b:e1:3d:ab:8a:b9:32:69:aa:76:de:dd:ae:85:c0:09:
47:83:e7:2e:a8:5b:77:1c:2a:c9:89:22:2c:52:34:73:93:5b:
e4:73:4f:71
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUy
MzUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwRkVGMUNFQjVERkM2
REQyNjFBOTFBMzk5QjhBNUQyM0VDQTE2REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC17voMaaL3CfFwNpGp+ApJwH9YDJFm68PbZf8DCTFm9q1YvvhF
RZGeFEor5IozSehkMAPUArgFp++fmU8NNlPZ2lAOhzTmHJKNAl2X6LOtuKSFlSiB
4gUagkk2dVXuWXO+PAIB8HWfuOhf5mKonIdR1wET2DHtcR/eL6Zzo57Mch3OM/8N
NlYTnItTt915d45U8yHzAfbdmkYCqLhB752a6RrMvHDiRbzW6X9S53qfoOg1NcGr
imACxHzogR8v2nqhC35LMJDyosUedSw04RDnG9Y6Iyape/0FrwcuWxFNFar3iblX
mwnFHKGAgGdktB2RXDBf2qWLMWlHt2vYlqTTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYP7xzrXfxt0mGpGjmbil0j7KFt4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lQN3h6clhmeHQwbUdw
R2ptYmlsMGo3S0Z0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAJqIPpSkn6SYFMOVnLZOLKY1x8drUvYYq
68cr7mNuMOOON1YEsOUTCM7Z+utnUNfFLHTEgX8k5CY7ZWaeaZ4JbnQSu7YN2b+v
AAXzPTuNYjxqUyUUToklyTyidz1DFW5ihlCJEXedWDQGM8umSUjpx89mDEGSovRN
aIMMMpoXyzyHLGDMWq5QVLqdQaNYGPnwAmyOusfCvE5/LzlSNPKAG0gMW+Ur7Un2
i71tfnbxPZw4EjEFt7tXlvQyu4d2qsDtbF9FynYILjR/WQgSUSRIQb7+mAluWG+1
T7l74T2rirkyaap23t2uhcAJR4PnLqhbdxwqyYkiLFI0c5Nb5HNPcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org