Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YZoxsNu4pq01zc67d79qTfEusr4.roa
File: YZoxsNu4pq01zc67d79qTfEusr4.roa (raw, json)
Hash identifier: zyBfZJnTXyTYg1JwrtLtP4/esPlRtG3imUJaH81N2Cs=
Subject key identifier: 61:9A:31:B0:DB:B8:A6:AD:35:CD:CE:BB:77:BF:6A:4D:F1:2E:B2:BE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55A9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YZoxsNu4pq01zc67d79qTfEusr4.roa
Signing time: Sun 12 May 2024 19:24:05 +0000
ROA not before: Sun 12 May 2024 19:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21929 (0x55a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 19:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=619A31B0DBB8A6AD35CDCEBB77BF6A4DF12EB2BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4c:0a:38:fc:e0:74:91:45:4b:17:68:b3:a1:
8f:7d:e1:ad:87:5c:30:4c:af:cf:49:53:90:14:8c:
5c:37:d0:7a:4f:9b:8e:23:bf:8a:df:75:1a:24:17:
2a:e3:66:45:9b:af:a5:24:58:0c:46:d3:d7:65:58:
23:d4:5c:05:26:f8:6b:1b:07:b2:eb:76:09:2d:a9:
0b:1a:ca:ed:81:bb:43:6e:0f:25:11:a7:f7:3f:df:
df:94:92:fd:00:f4:a5:b9:21:6a:cb:7e:08:f9:2d:
47:eb:a7:86:1c:11:3f:8c:c6:4f:2b:54:6f:59:74:
5b:6e:e2:05:34:11:aa:ab:f5:e0:3a:39:ea:62:fb:
14:7e:fe:83:9f:15:d6:7b:a0:17:27:d6:d1:b1:88:
8b:f1:b4:af:88:56:88:40:21:d0:ff:0b:9a:3c:ec:
78:66:dc:89:5f:53:c5:0c:7f:37:1c:86:44:eb:61:
cf:12:f3:49:40:6b:0f:71:a0:08:0e:a9:f0:2c:26:
c6:c5:06:86:92:1e:ea:83:51:63:70:de:fd:c1:53:
29:e9:46:48:9d:fd:8e:bb:fb:f7:8b:04:51:ae:84:
a5:a8:a3:d9:e1:12:52:29:90:0e:24:a4:9b:04:ef:
68:47:28:cb:1e:49:59:bb:a8:0b:d7:2f:23:4c:3a:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:31:B0:DB:B8:A6:AD:35:CD:CE:BB:77:BF:6A:4D:F1:2E:B2:BE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YZoxsNu4pq01zc67d79qTfEusr4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
37:96:c0:08:ef:9e:cf:49:32:f9:e8:76:e5:2e:6a:ce:e6:97:
14:36:fb:60:25:c1:25:eb:70:d9:ca:26:57:ff:f3:1d:34:62:
56:f5:06:81:ed:47:30:0f:c3:9b:87:1c:ee:1e:0d:1b:84:c7:
20:27:ca:aa:46:5e:7b:16:29:9e:2a:8e:e7:ff:ca:c0:cf:d7:
0e:19:50:e2:79:98:86:01:38:27:a7:a8:48:b2:e1:c3:87:0f:
8a:56:1d:23:c6:60:7d:bf:42:dd:22:b8:fd:aa:be:fb:04:a2:
7c:67:a5:fa:a2:81:fb:d1:b1:01:88:04:92:8c:00:f5:ac:68:
d7:46:b0:46:80:02:5b:50:2a:f5:84:6a:6b:6c:90:31:49:a7:
c7:1a:0d:b1:e8:90:06:a9:93:b9:80:54:66:e4:ab:79:a4:9d:
3b:e1:38:22:5f:02:b9:65:07:67:35:41:71:0b:7c:48:1a:b9:
37:4f:8c:fa:65:e4:e7:45:68:3f:1a:57:bb:75:f2:1f:40:3f:
6c:3a:93:93:8f:d9:8e:92:62:0a:91:b6:9d:8a:4f:fd:97:39:
93:04:1d:c1:fe:fa:2d:33:e2:35:0b:f5:24:d7:c3:c5:37:34:
0c:81:83:36:4e:a4:f8:ba:3b:13:30:ee:9f:24:b9:7b:e1:c2:
3a:ff:d9:0c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
OTI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxOUEzMUIwREJCOEE2
QUQzNUNEQ0VCQjc3QkY2QTRERjEyRUIyQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDETAo4/OB0kUVLF2izoY994a2HXDBMr89JU5AUjFw30HpPm44j
v4rfdRokFyrjZkWbr6UkWAxG09dlWCPUXAUm+GsbB7LrdgktqQsayu2Bu0NuDyUR
p/c/39+Ukv0A9KW5IWrLfgj5LUfrp4YcET+Mxk8rVG9ZdFtu4gU0Eaqr9eA6Oepi
+xR+/oOfFdZ7oBcn1tGxiIvxtK+IVohAIdD/C5o87Hhm3IlfU8UMfzcchkTrYc8S
80lAaw9xoAgOqfAsJsbFBoaSHuqDUWNw3v3BUynpRkid/Y67+/eLBFGuhKWoo9nh
ElIpkA4kpJsE72hHKMseSVm7qAvXLyNMOkSdAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYZoxsNu4pq01zc67d79qTfEusr4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lab3hzTnU0cHEwMXpj
NjdkNzlxVGZFdXNyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADeWwAjvns9JMvno
duUuas7mlxQ2+2AlwSXrcNnKJlf/8x00Ylb1BoHtRzAPw5uHHO4eDRuExyAnyqpG
XnsWKZ4qjuf/ysDP1w4ZUOJ5mIYBOCenqEiy4cOHD4pWHSPGYH2/Qt0iuP2qvvsE
onxnpfqigfvRsQGIBJKMAPWsaNdGsEaAAltQKvWEamtskDFJp8caDbHokAapk7mA
VGbkq3mknTvhOCJfArllB2c1QXELfEgauTdPjPpl5OdFaD8aV7t18h9AP2w6k5OP
2Y6SYgqRtp2KT/2XOZMEHcH++i0z4jUL9STXw8U3NAyBgzZOpPi6OxMw7p8kuXvh
wjr/2Qw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org