Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YQ2cvYNSrcjXOZbus3LDCEp-4Ak.roa
File: YQ2cvYNSrcjXOZbus3LDCEp-4Ak.roa (raw, json)
Hash identifier: bg4h44DKjI4uxOb/jeD1lS6RRQP1/gvD+OmIwPU9H8M=
Subject key identifier: 61:0D:9C:BD:83:52:AD:C8:D7:39:96:EE:B3:72:C3:08:4A:7E:E0:09
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3906
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQ2cvYNSrcjXOZbus3LDCEp-4Ak.roa
Signing time: Thu 04 Apr 2024 14:52:24 +0000
ROA not before: Thu 04 Apr 2024 14:52:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14598 (0x3906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 14:52:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=610D9CBD8352ADC8D73996EEB372C3084A7EE009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:75:96:3a:08:e3:38:ce:36:66:ed:09:b2:
4e:07:4c:32:89:b9:22:56:2e:90:e5:80:87:31:c9:
36:f6:45:3a:be:80:85:08:44:57:95:9c:6d:9c:e9:
33:fe:95:0d:e1:80:a8:8c:69:38:d0:c6:d2:c5:95:
e4:58:f6:29:41:2c:21:9f:6f:72:b2:e9:80:40:20:
10:08:a2:6c:25:bb:ac:fa:5f:8b:a9:0a:11:72:e4:
6b:f5:70:57:76:25:60:a6:21:b6:a5:44:27:1a:43:
2c:22:1d:8e:2a:9c:73:27:96:18:c4:64:84:8d:b6:
1c:1e:92:bd:90:36:11:91:dd:57:54:fb:3b:c3:e7:
17:e5:6e:d6:b3:32:b7:a2:51:cd:fc:de:ea:e8:45:
81:3f:6f:0f:18:17:85:cc:a5:84:aa:ae:9d:7f:74:
f3:c4:e5:33:9f:2f:50:9d:48:3b:e2:fd:0d:38:3c:
4a:78:42:c8:4c:83:d5:ca:6b:79:20:a0:2f:c0:ff:
d7:32:7d:de:35:ad:80:44:c9:b8:04:20:a7:f3:93:
4e:4c:43:82:07:b8:85:de:1e:c2:9a:73:23:70:68:
30:c3:42:de:40:a2:e5:7f:7e:36:96:45:b3:86:b1:
b6:4c:3f:74:de:2d:78:c7:4c:c1:80:6e:95:af:30:
9d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0D:9C:BD:83:52:AD:C8:D7:39:96:EE:B3:72:C3:08:4A:7E:E0:09
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQ2cvYNSrcjXOZbus3LDCEp-4Ak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:2a:7e:ec:9e:c5:eb:76:3e:df:31:b3:1b:b2:53:7e:7d:14:
7b:5d:7e:5e:b3:86:f2:ce:3e:58:9b:f2:8a:60:ba:e6:d3:dc:
47:77:f8:14:2a:f0:88:f6:8b:7a:1a:03:b4:45:8f:e1:73:20:
06:ec:8e:74:5c:4a:89:82:56:c9:38:63:b3:a3:20:15:9d:eb:
97:54:46:de:d0:11:fd:3a:b6:6e:35:5b:7b:8d:8b:36:b3:c8:
51:08:49:dc:16:06:4e:c4:33:f4:1f:e3:17:c2:f3:4d:9f:a3:
5b:a4:24:11:2c:ae:4b:81:9e:7b:b5:62:64:8b:80:94:20:2c:
ef:dc:30:01:78:a5:cb:57:b5:1a:e8:7f:3a:d0:8e:ef:2b:64:
9d:83:8a:1a:73:a9:45:a3:75:e4:89:85:ef:20:b2:77:56:7e:
18:7b:b8:1c:e6:04:92:94:0a:fc:10:83:97:20:06:86:6d:48:
f0:1d:38:5a:f6:34:b9:7b:59:58:95:60:83:a9:57:9e:88:51:
11:c3:be:64:96:80:3e:40:40:56:73:a6:4d:fb:5d:73:cc:0a:
d3:3d:20:88:40:84:87:8d:7c:cf:63:44:f1:68:94:09:b9:f9:
c7:9a:96:2e:07:42:8e:56:d9:5f:c0:20:fd:ae:ff:e6:59:e2:
5f:74:04:cd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQx
NDUyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMEQ5Q0JEODM1MkFE
QzhENzM5OTZFRUIzNzJDMzA4NEE3RUUwMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6JXWWOgjjOM42Zu0Jsk4HTDKJuSJWLpDlgIcxyTb2RTq+gIUI
RFeVnG2c6TP+lQ3hgKiMaTjQxtLFleRY9ilBLCGfb3Ky6YBAIBAIomwlu6z6X4up
ChFy5Gv1cFd2JWCmIbalRCcaQywiHY4qnHMnlhjEZISNthwekr2QNhGR3VdU+zvD
5xflbtazMreiUc383uroRYE/bw8YF4XMpYSqrp1/dPPE5TOfL1CdSDvi/Q04PEp4
QshMg9XKa3kgoC/A/9cyfd41rYBEybgEIKfzk05MQ4IHuIXeHsKacyNwaDDDQt5A
ouV/fjaWRbOGsbZMP3TeLXjHTMGAbpWvMJ0LAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYQ2cvYNSrcjXOZbus3LDCEp+4AkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lRMmN2WU5TcmNqWE9a
YnVzM0xEQ0VwLTRBay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAYCp+7J7F63Y+3zGzG7JTfn0Ue11+XrOG
8s4+WJvyimC65tPcR3f4FCrwiPaLehoDtEWP4XMgBuyOdFxKiYJWyThjs6MgFZ3r
l1RG3tAR/Tq2bjVbe42LNrPIUQhJ3BYGTsQz9B/jF8LzTZ+jW6QkESyuS4Gee7Vi
ZIuAlCAs79wwAXily1e1Guh/OtCO7ytknYOKGnOpRaN15ImF7yCyd1Z+GHu4HOYE
kpQK/BCDlyAGhm1I8B04WvY0uXtZWJVgg6lXnohREcO+ZJaAPkBAVnOmTftdc8wK
0z0giECEh418z2NE8WiUCbn5x5qWLgdCjlbZX8Ag/a7/5lniX3QEzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:50 2024 by rpki-client on console-ams.rpki-client.org