Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YQDXHSir_Dfa25QNq60y_L61E68.roa
File: YQDXHSir_Dfa25QNq60y_L61E68.roa (raw, json)
Hash identifier: BPkduhLxSjSZ+aN+pzprocwJgR+UILTdEblM46ZzN7c=
Subject key identifier: 61:00:D7:1D:28:AB:FC:37:DA:DB:94:0D:AB:AD:32:FC:BE:B5:13:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 491D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQDXHSir_Dfa25QNq60y_L61E68.roa
Signing time: Fri 26 Apr 2024 01:53:21 +0000
ROA not before: Fri 26 Apr 2024 01:53:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18717 (0x491d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 01:53:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6100D71D28ABFC37DADB940DABAD32FCBEB513AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:36:5c:6b:f4:82:10:f0:de:2e:2d:0d:3e:
c3:4b:6b:fb:a0:89:6c:d4:61:d1:7e:52:05:6c:09:
a1:96:40:c3:2d:34:b7:70:9e:d9:27:c0:90:41:e7:
27:38:e4:18:db:fd:21:c0:6a:f5:8d:ad:66:b8:83:
1e:cc:af:bc:8b:95:19:d2:f5:35:f4:2e:50:46:42:
5d:63:30:28:e3:e4:fa:50:46:14:79:bf:d9:9b:c1:
6c:3f:20:55:57:77:46:6d:dc:05:87:35:ad:00:01:
3a:07:21:99:d5:eb:3b:63:11:7d:96:78:18:ed:61:
a4:80:e6:e8:fe:b8:02:d5:84:6b:07:0e:bb:fd:35:
28:c5:d2:82:09:69:dd:cd:33:1c:fa:d6:29:53:8c:
e9:bb:65:7c:72:91:28:74:b4:99:5c:2b:49:30:40:
f1:cf:f3:f5:de:17:d4:ef:61:be:9c:fd:64:ee:5e:
4b:fe:20:fa:52:e4:06:d9:a5:a0:6a:08:0b:a7:f7:
2f:c2:da:c6:9a:81:d5:72:1c:91:f4:95:ba:eb:05:
f3:83:43:53:7d:cf:8f:68:f9:9d:0a:17:0c:01:93:
d7:ad:b1:ed:92:3f:d8:4d:f3:56:34:2e:1d:ad:21:
79:69:fd:c6:41:57:9a:8b:87:14:75:8a:47:f3:49:
33:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:00:D7:1D:28:AB:FC:37:DA:DB:94:0D:AB:AD:32:FC:BE:B5:13:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YQDXHSir_Dfa25QNq60y_L61E68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
63:aa:2f:7d:2c:99:83:40:5b:1e:09:ee:ef:a8:2c:a7:89:02:
54:fd:e6:a1:29:93:18:35:b6:f8:35:12:e6:05:4b:52:8c:38:
ce:7c:4c:67:ba:f3:fc:64:16:89:85:34:9f:1c:40:00:a9:f7:
4a:ed:f5:d7:87:12:14:54:24:b2:88:70:7d:5c:a9:49:0b:40:
06:50:b9:68:ea:ab:0d:c8:7a:2d:87:44:e6:55:80:60:81:45:
64:f8:ee:d1:53:45:ae:24:1a:e0:ba:2b:56:20:c9:68:e6:a9:
3b:35:07:22:f0:e1:b8:1e:66:97:7c:5d:f9:a5:89:f2:c1:5b:
90:05:1d:37:27:04:6d:8e:a3:93:0f:91:dd:06:44:81:21:62:
f2:27:3a:61:58:32:13:e3:9b:50:d2:ad:51:7e:b9:2c:60:3a:
73:1b:f0:3c:29:30:51:75:22:90:eb:50:c4:fe:99:46:8d:09:
1b:d2:c5:b6:78:d1:a1:3b:e3:96:48:b8:a7:61:7e:31:72:97:
02:d9:e5:43:17:95:1a:e1:b5:4e:65:d9:84:f4:7d:84:dd:fe:
54:c8:c8:4a:3b:bc:04:15:ad:d4:da:ea:ac:e2:cf:7e:83:80:
39:fe:9f:ab:bf:4b:56:1b:65:99:8c:aa:9f:99:9f:1b:47:02:
03:e1:49:02
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
MTUzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMDBENzFEMjhBQkZD
MzdEQURCOTQwREFCQUQzMkZDQkVCNTEzQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwYjZca/SCEPDeLi0NPsNLa/ugiWzUYdF+UgVsCaGWQMMtNLdw
ntknwJBB5yc45Bjb/SHAavWNrWa4gx7Mr7yLlRnS9TX0LlBGQl1jMCjj5PpQRhR5
v9mbwWw/IFVXd0Zt3AWHNa0AAToHIZnV6ztjEX2WeBjtYaSA5uj+uALVhGsHDrv9
NSjF0oIJad3NMxz61ilTjOm7ZXxykSh0tJlcK0kwQPHP8/XeF9TvYb6c/WTuXkv+
IPpS5AbZpaBqCAun9y/C2saagdVyHJH0lbrrBfODQ1N9z49o+Z0KFwwBk9etse2S
P9hN81Y0Lh2tIXlp/cZBV5qLhxR1ikfzSTNDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYQDXHSir/Dfa25QNq60y/L61E68wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lRRFhIU2lyX0RmYTI1
UU5xNjB5X0w2MUU2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGOqL30smYNAWx4J
7u+oLKeJAlT95qEpkxg1tvg1EuYFS1KMOM58TGe68/xkFomFNJ8cQACp90rt9deH
EhRUJLKIcH1cqUkLQAZQuWjqqw3Iei2HROZVgGCBRWT47tFTRa4kGuC6K1YgyWjm
qTs1ByLw4bgeZpd8XfmlifLBW5AFHTcnBG2Oo5MPkd0GRIEhYvInOmFYMhPjm1DS
rVF+uSxgOnMb8DwpMFF1IpDrUMT+mUaNCRvSxbZ40aE745ZIuKdhfjFylwLZ5UMX
lRrhtU5l2YT0fYTd/lTIyEo7vAQVrdTa6qziz36DgDn+n6u/S1YbZZmMqp+ZnxtH
AgPhSQI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:26 2025 by rpki-client