Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YZsOMlT1b8tWU5U_kQC8vzUxceU.roa
File: YZsOMlT1b8tWU5U_kQC8vzUxceU.roa (raw, json)
Hash identifier: Cd9YwYjeWQnJoiWYTJxk4AGgVzDs39+WHG87K3AzDFw=
Subject key identifier: 61:9B:0E:32:54:F5:6F:CB:56:53:95:3F:91:00:BC:BF:35:31:71:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 482E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YZsOMlT1b8tWU5U_kQC8vzUxceU.roa
Signing time: Wed 24 Apr 2024 19:53:17 +0000
ROA not before: Wed 24 Apr 2024 19:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18478 (0x482e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 19:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=619B0E3254F56FCB5653953F9100BCBF353171E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c3:fb:e7:1e:58:60:be:75:dd:61:9e:cb:f5:
f6:06:cc:6d:94:37:12:f1:e1:00:ca:13:25:a2:40:
af:e1:6e:88:61:d3:a1:91:ee:b7:58:0e:9c:46:8c:
c6:68:25:5a:46:64:2b:7b:87:e3:b4:49:b3:11:09:
bb:56:c3:31:ec:75:21:08:6e:12:93:df:b7:95:f7:
85:f7:1c:3a:2c:3c:39:e2:d5:b7:d1:f6:21:9c:8a:
04:27:32:c5:31:15:aa:f2:56:5f:e9:90:dd:4f:8f:
94:32:b4:f2:bc:5a:24:e4:81:3d:16:81:52:f2:6a:
44:67:97:a4:81:44:38:3a:6a:17:fc:29:45:9b:b1:
2d:83:82:77:41:91:54:05:2f:98:b8:7c:79:3a:d0:
72:1f:23:ae:04:26:03:09:2f:a9:43:2f:b5:2f:b3:
b3:8b:ee:d4:f5:d2:9c:08:b5:95:2d:6e:88:ef:e8:
1a:89:44:99:2a:46:64:d2:1a:6e:e0:d0:1d:2b:c0:
87:39:ba:a9:ad:f2:73:04:cd:88:4e:c0:33:5e:81:
21:20:cd:a0:a9:49:b9:ff:99:fd:72:af:5a:99:8c:
af:bf:93:21:a9:74:ce:da:15:5e:96:40:f3:3e:fa:
a1:6b:87:96:58:3d:28:83:c0:7e:84:e9:a6:28:17:
9e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9B:0E:32:54:F5:6F:CB:56:53:95:3F:91:00:BC:BF:35:31:71:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YZsOMlT1b8tWU5U_kQC8vzUxceU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:6b:50:bc:21:9f:c1:cc:f9:e4:d1:e6:72:f5:8e:48:0a:9e:
2d:ed:7c:b5:91:05:d7:92:a4:b2:f3:9b:58:25:cf:af:a1:83:
01:16:c6:d4:8d:1f:1c:69:06:ad:0d:8e:f1:0a:3b:e6:52:35:
ef:b5:41:22:f3:43:4a:41:f0:75:d9:99:f8:df:ed:f0:59:33:
5b:ff:10:ca:1e:bc:3d:70:68:36:65:f5:bb:63:15:8a:bf:c8:
fa:64:9a:48:5b:90:ad:43:95:bf:36:9a:01:8e:65:82:7e:48:
b9:9c:03:ce:98:45:d9:a2:d3:1a:cc:07:22:f5:97:47:96:a1:
bf:0e:b6:3e:15:25:82:2b:36:15:29:8b:3b:be:b3:6d:3f:67:
de:70:cd:94:01:4c:3c:55:f9:62:2f:df:d5:c6:d6:a1:f2:8c:
47:f0:6c:63:40:76:42:e8:de:c0:4c:a3:26:eb:65:a0:f3:fd:
85:49:c3:46:fd:ff:e9:d1:d8:92:6a:12:3d:f2:e4:0d:8d:5e:
94:4a:59:4f:13:ea:0f:99:eb:4a:84:fb:da:dc:b9:df:81:0f:
f9:20:13:fd:63:ed:21:ca:c5:1b:dc:97:b9:47:9c:b5:13:18:
e2:4f:4f:6d:39:64:bc:b3:6d:81:3a:b0:87:21:46:b5:21:55:
45:20:56:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
OTUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxOUIwRTMyNTRGNTZG
Q0I1NjUzOTUzRjkxMDBCQ0JGMzUzMTcxRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuw/vnHlhgvnXdYZ7L9fYGzG2UNxLx4QDKEyWiQK/hbohh06GR
7rdYDpxGjMZoJVpGZCt7h+O0SbMRCbtWwzHsdSEIbhKT37eV94X3HDosPDni1bfR
9iGcigQnMsUxFaryVl/pkN1Pj5QytPK8WiTkgT0WgVLyakRnl6SBRDg6ahf8KUWb
sS2DgndBkVQFL5i4fHk60HIfI64EJgMJL6lDL7Uvs7OL7tT10pwItZUtbojv6BqJ
RJkqRmTSGm7g0B0rwIc5uqmt8nMEzYhOwDNegSEgzaCpSbn/mf1yr1qZjK+/kyGp
dM7aFV6WQPM++qFrh5ZYPSiDwH6E6aYoF57NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYZsOMlT1b8tWU5U/kQC8vzUxceUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lac09NbFQxYjh0V1U1
VV9rUUM4dnpVeGNlVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEATWtQvCGfwcz55NHmcvWOSAqeLe18tZEF
15KksvObWCXPr6GDARbG1I0fHGkGrQ2O8Qo75lI177VBIvNDSkHwddmZ+N/t8Fkz
W/8Qyh68PXBoNmX1u2MVir/I+mSaSFuQrUOVvzaaAY5lgn5IuZwDzphF2aLTGswH
IvWXR5ahvw62PhUlgis2FSmLO76zbT9n3nDNlAFMPFX5Yi/f1cbWofKMR/BsY0B2
QujewEyjJutloPP9hUnDRv3/6dHYkmoSPfLkDY1elEpZTxPqD5nrSoT72ty534EP
+SAT/WPtIcrFG9yXuUectRMY4k9PbTlkvLNtgTqwhyFGtSFVRSBW7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org