Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YWqIaTyzjlg81SRDrOx8q91xe8M.roa
File: YWqIaTyzjlg81SRDrOx8q91xe8M.roa (raw, json)
Hash identifier: ExRUrUAsy6C4YDHSaUm76KGJTqgE9lc+mNzmDnDtLWo=
Subject key identifier: 61:6A:88:69:3C:B3:8E:58:3C:D5:24:43:AC:EC:7C:AB:DD:71:7B:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34B9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YWqIaTyzjlg81SRDrOx8q91xe8M.roa
Signing time: Fri 29 Mar 2024 21:22:35 +0000
ROA not before: Fri 29 Mar 2024 21:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13497 (0x34b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 21:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=616A88693CB38E583CD52443ACEC7CABDD717BC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1f:39:0e:18:e9:8b:02:71:e9:15:95:10:3e:
3f:14:34:ac:92:cf:bc:2c:98:01:2e:c9:38:63:44:
06:23:3c:85:45:b3:fe:59:96:d0:79:b2:d4:c6:e7:
9d:46:7c:05:d3:2f:75:77:46:a9:89:c3:e7:60:47:
64:26:b0:3a:14:3f:60:40:a5:92:35:8d:52:1d:fe:
cb:41:48:f5:cc:f3:c6:22:c1:02:5b:cc:bb:6f:0c:
62:5f:15:81:3e:b5:a8:5c:08:37:9f:90:d3:02:30:
56:6a:ea:f3:1a:d9:f9:5b:8f:9f:af:8c:30:bd:ae:
d5:7c:db:2f:1c:f2:d2:bb:0e:79:23:da:5b:14:09:
1c:53:7f:bd:91:2c:4e:00:54:98:26:13:77:e2:ba:
bc:81:1e:47:e5:43:be:f7:62:cc:d9:4d:5a:7a:95:
33:49:7d:62:9e:ab:c3:4f:2f:99:4b:c1:1e:4c:38:
75:62:ba:ea:cd:d7:a3:97:b8:28:87:2b:1d:de:7f:
32:56:2e:f3:51:47:2d:6e:df:c9:cc:46:3e:ce:3a:
63:13:6b:be:5c:47:82:bc:6a:3d:25:e7:42:f4:f1:
26:bb:6e:9f:0a:f5:05:25:e6:4a:70:5e:84:83:3b:
af:1e:a4:10:f1:6a:12:80:7a:a2:12:74:af:16:d8:
ef:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6A:88:69:3C:B3:8E:58:3C:D5:24:43:AC:EC:7C:AB:DD:71:7B:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YWqIaTyzjlg81SRDrOx8q91xe8M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
48:98:08:33:ad:ea:9d:02:7b:8b:d0:09:a1:a2:e2:dc:21:10:
40:4a:dc:a6:0a:9e:96:1c:44:4e:b6:32:06:44:7d:42:a8:d5:
a9:b7:59:be:9a:9d:f8:36:73:0f:15:36:e9:48:8a:4f:63:b9:
99:85:08:3c:c1:c1:c7:48:32:96:a2:df:20:e0:b3:ee:3e:00:
fe:85:50:a8:14:c4:4a:6c:5b:75:a6:35:31:75:b4:6d:b9:89:
db:fd:79:84:35:59:db:d4:71:31:69:e5:29:2b:6a:1e:d3:30:
1f:81:3d:5c:ef:90:4d:db:1b:58:6c:fc:7c:97:37:67:af:9e:
dd:c8:22:00:e7:56:ab:69:a4:f3:c0:7d:3f:52:41:44:00:ea:
3b:97:c9:54:be:bf:d3:05:dc:c7:e5:06:76:9d:d8:76:6d:70:
01:d3:ee:14:4c:03:76:c4:dd:44:5e:77:f3:af:b7:c7:f5:cf:
c7:e8:c4:e3:0a:6e:d3:40:24:21:42:94:5b:5f:f6:0e:3b:24:
87:08:9b:d7:4e:b9:45:1d:a7:ed:36:e1:fd:a5:35:a4:2d:70:
ec:7e:e5:eb:b3:bd:29:03:40:7d:4c:84:ee:a3:96:88:48:da:
45:b6:3a:4f:ae:e9:82:31:6e:cf:d9:d0:9d:f1:02:d9:e5:eb:
0c:f0:1c:5c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MTIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxNkE4ODY5M0NCMzhF
NTgzQ0Q1MjQ0M0FDRUM3Q0FCREQ3MTdCQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcHzkOGOmLAnHpFZUQPj8UNKySz7wsmAEuyThjRAYjPIVFs/5Z
ltB5stTG551GfAXTL3V3RqmJw+dgR2QmsDoUP2BApZI1jVId/stBSPXM88YiwQJb
zLtvDGJfFYE+tahcCDefkNMCMFZq6vMa2flbj5+vjDC9rtV82y8c8tK7Dnkj2lsU
CRxTf72RLE4AVJgmE3fiuryBHkflQ773YszZTVp6lTNJfWKeq8NPL5lLwR5MOHVi
uurN16OXuCiHKx3efzJWLvNRRy1u38nMRj7OOmMTa75cR4K8aj0l50L08Sa7bp8K
9QUl5kpwXoSDO68epBDxahKAeqISdK8W2O/tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYWqIaTyzjlg81SRDrOx8q91xe8MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lXcUlhVHl6amxnODFT
UkRyT3g4cTkxeGU4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEiYCDOt6p0Ce4vQ
CaGi4twhEEBK3KYKnpYcRE62MgZEfUKo1am3Wb6anfg2cw8VNulIik9juZmFCDzB
wcdIMpai3yDgs+4+AP6FUKgUxEpsW3WmNTF1tG25idv9eYQ1WdvUcTFp5Skrah7T
MB+BPVzvkE3bG1hs/HyXN2evnt3IIgDnVqtppPPAfT9SQUQA6juXyVS+v9MF3Mfl
Bnad2HZtcAHT7hRMA3bE3URed/Ovt8f1z8foxOMKbtNAJCFClFtf9g47JIcIm9dO
uUUdp+024f2lNaQtcOx+5euzvSkDQH1MhO6jlohI2kW2Ok+u6YIxbs/Z0J3xAtnl
6wzwHFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org