Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YQCwd4_bHBNLhuyNTJT-YuYs7xI.roa
File: YQCwd4_bHBNLhuyNTJT-YuYs7xI.roa (raw, json)
Hash identifier: lmyFbyT9hEKOWk/pfjk1lN/n33Fn7vz1LXTsSbZmTok=
Subject key identifier: 61:00:B0:77:8F:DB:1C:13:4B:86:EC:8D:4C:94:FE:62:E6:2C:EF:12
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B9A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQCwd4_bHBNLhuyNTJT-YuYs7xI.roa
Signing time: Mon 08 Apr 2024 01:22:33 +0000
ROA not before: Mon 08 Apr 2024 01:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15258 (0x3b9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 01:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6100B0778FDB1C134B86EC8D4C94FE62E62CEF12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:56:af:d1:24:e0:69:e1:45:70:60:e2:fd:48:
03:d3:1a:6f:bd:e8:00:a3:5b:41:c8:ea:79:22:84:
4d:88:fd:57:a8:ea:43:96:78:94:dd:e0:6c:8f:90:
00:1e:0b:6f:ea:c9:b5:70:ff:d4:a6:bb:dc:ad:fe:
ee:91:4f:46:65:80:7f:53:e1:d7:35:25:37:0a:46:
69:75:36:af:35:2f:56:f0:be:3c:ba:14:b3:9b:78:
c7:1b:5b:a3:85:86:ee:17:f7:ad:1a:34:bd:33:5a:
82:85:aa:50:d3:0a:cc:80:eb:31:d9:b2:f2:58:5b:
b5:cb:d3:07:8b:9d:2d:ae:93:b6:33:d1:0f:41:c7:
c7:19:b2:2f:28:a6:69:45:f5:0d:3d:09:95:fb:28:
7d:4e:fa:56:14:10:81:02:01:67:a6:1e:56:14:11:
33:68:08:79:5f:9e:49:48:e7:4e:df:ae:ba:c0:c6:
95:04:67:11:4f:0f:97:0f:40:89:15:ac:21:ca:4e:
30:06:88:a1:d3:5a:12:e8:d3:ff:af:e2:ef:cc:8a:
cb:2a:8e:2b:7f:be:1f:3e:72:e7:9b:c3:7e:01:7e:
74:4b:4d:b1:95:b2:a8:87:d3:aa:63:ef:7c:88:71:
c5:05:74:10:1d:53:5a:56:91:ed:a4:3a:f1:4b:70:
6b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:00:B0:77:8F:DB:1C:13:4B:86:EC:8D:4C:94:FE:62:E6:2C:EF:12
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQCwd4_bHBNLhuyNTJT-YuYs7xI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:b6:b4:f5:a7:74:52:a4:3c:e1:cd:b5:f1:fb:94:84:bb:4d:
1d:e0:db:a4:0e:b0:5c:e5:73:ec:8c:9f:0e:b7:2a:3b:9c:e5:
53:60:12:20:4b:ff:f9:ca:ea:bd:80:58:10:b1:83:e0:b9:e0:
5f:44:b3:24:bc:80:b7:1e:99:9f:6a:34:aa:cb:1c:48:2c:93:
51:d6:74:a5:94:d7:16:0f:dd:1f:8f:c2:e5:d6:52:d7:74:72:
bc:c6:42:37:51:9d:33:23:34:b4:8f:7d:e6:d7:9d:73:4f:9d:
53:fe:ae:78:e3:a3:4b:66:59:3b:96:46:66:f7:d1:00:d4:5c:
0f:09:22:35:12:9d:d3:e7:58:1b:5b:36:c8:46:8c:00:0f:64:
c5:f2:cf:a8:b2:93:2e:78:1f:2d:e4:b3:5c:69:6f:39:d0:56:
d4:01:0f:d9:2f:6d:74:91:90:8b:b7:1d:a7:69:af:29:97:cd:
96:bb:82:d8:f1:e3:7f:8f:3b:0f:f2:cf:47:a7:a0:47:74:83:
5e:3e:1c:b1:5f:a9:fe:dd:43:48:6f:41:7e:6c:d6:b3:76:2b:
bf:eb:7f:e0:19:6c:e0:3c:fc:24:53:73:de:cd:7e:37:3d:41:
b4:44:06:72:22:a5:a1:91:45:b9:34:c1:86:43:d9:48:35:4a:
49:10:9d:0f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMDBCMDc3OEZEQjFD
MTM0Qjg2RUM4RDRDOTRGRTYyRTYyQ0VGMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgVq/RJOBp4UVwYOL9SAPTGm+96ACjW0HI6nkihE2I/Veo6kOW
eJTd4GyPkAAeC2/qybVw/9Smu9yt/u6RT0ZlgH9T4dc1JTcKRml1Nq81L1bwvjy6
FLObeMcbW6OFhu4X960aNL0zWoKFqlDTCsyA6zHZsvJYW7XL0weLnS2uk7Yz0Q9B
x8cZsi8opmlF9Q09CZX7KH1O+lYUEIECAWemHlYUETNoCHlfnklI507frrrAxpUE
ZxFPD5cPQIkVrCHKTjAGiKHTWhLo0/+v4u/Missqjit/vh8+cuebw34BfnRLTbGV
sqiH06pj73yIccUFdBAdU1pWke2kOvFLcGsnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYQCwd4/bHBNLhuyNTJT+YuYs7xIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lRQ3dkNF9iSEJOTGh1
eU5USlQtWXVZczd4SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAF7a09ad0UqQ84c218fuUhLtNHeDbpA6w
XOVz7IyfDrcqO5zlU2ASIEv/+crqvYBYELGD4LngX0SzJLyAtx6Zn2o0qsscSCyT
UdZ0pZTXFg/dH4/C5dZS13RyvMZCN1GdMyM0tI995tedc0+dU/6ueOOjS2ZZO5ZG
ZvfRANRcDwkiNRKd0+dYG1s2yEaMAA9kxfLPqLKTLngfLeSzXGlvOdBW1AEP2S9t
dJGQi7cdp2mvKZfNlruC2PHjf487D/LPR6egR3SDXj4csV+p/t1DSG9BfmzWs3Yr
v+t/4Bls4Dz8JFNz3s1+Nz1BtEQGciKloZFFuTTBhkPZSDVKSRCdDw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:32 2025 by rpki-client