Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Yf99d7JhXSrvzD6EUNUjTpUN8qE.roa
File: Yf99d7JhXSrvzD6EUNUjTpUN8qE.roa (raw, json)
Hash identifier: KGFU8SH2z5H6eJEA27PyCRWMm7WGhZE67xjC78grv+o=
Subject key identifier: 61:FF:7D:77:B2:61:5D:2A:EF:CC:3E:84:50:D5:23:4E:95:0D:F2:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 517E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Yf99d7JhXSrvzD6EUNUjTpUN8qE.roa
Signing time: Tue 07 May 2024 05:53:54 +0000
ROA not before: Tue 07 May 2024 05:53:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20862 (0x517e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 05:53:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61FF7D77B2615D2AEFCC3E8450D5234E950DF2A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:cd:f2:1d:9c:03:d7:57:e3:8c:d0:80:a6:
f7:4f:ac:0a:92:7a:d5:74:a3:2f:3f:45:b4:c7:14:
41:18:80:9b:d8:64:3d:76:2e:59:a0:58:b1:ad:a1:
b3:20:fd:27:34:b7:42:1c:89:a4:3e:f3:77:c3:71:
7d:43:eb:0a:45:d4:42:f1:0f:84:c1:35:f3:df:ed:
8d:50:22:8f:17:0a:ab:89:ce:09:26:10:68:17:d5:
df:dd:e8:3b:1a:ad:ed:e0:d5:f9:c1:90:96:e7:b9:
51:56:85:d1:4a:07:60:13:4c:98:64:0c:10:69:bf:
60:34:fb:cb:65:7e:42:32:f6:bc:e7:0f:57:28:7a:
3d:7e:85:c0:df:07:d1:5c:35:e8:81:1c:29:ac:a7:
f2:88:fd:2a:e7:ba:4d:aa:10:aa:6a:b1:91:02:14:
10:ff:9f:b2:74:30:bc:6f:d4:c9:b4:41:88:a4:08:
8e:ac:67:93:ac:8e:ec:b8:c1:7c:f6:9f:59:c3:4e:
c2:90:3b:a5:73:a5:71:c1:42:f6:12:19:e7:65:88:
e1:2c:72:2c:fe:a4:82:a1:bf:81:6b:ea:60:cd:75:
39:5c:9e:65:e7:a8:6f:29:ed:bd:dc:c6:ef:92:29:
f3:f5:f9:dc:57:26:f1:c0:34:54:0c:a0:15:95:65:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FF:7D:77:B2:61:5D:2A:EF:CC:3E:84:50:D5:23:4E:95:0D:F2:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Yf99d7JhXSrvzD6EUNUjTpUN8qE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:6a:b5:85:60:8e:b6:1b:ca:12:ed:df:c0:0f:ad:bd:f7:06:
67:b5:52:8d:b0:b6:6c:32:62:85:b0:cf:fa:10:7d:eb:25:71:
4c:ea:0b:0d:38:7d:aa:21:b4:9e:99:a6:2a:97:2d:4a:07:9a:
6a:86:39:c7:f8:81:2e:dd:06:df:2d:ce:84:f2:69:5b:91:e9:
ad:05:39:08:b0:4a:42:9b:60:41:e6:7d:c2:09:fa:64:1d:62:
24:1c:4f:51:1d:27:d4:92:4a:be:e4:bf:b0:17:86:c0:5a:e9:
ff:f6:c6:87:41:2e:e7:a9:e0:12:4a:99:4e:6b:4a:65:7f:96:
b9:8d:8d:6e:7e:a8:0e:8d:31:04:53:f1:e2:48:47:05:ca:26:
e2:4b:12:e8:13:c3:ff:cd:cd:08:c2:2b:05:1f:69:bd:08:b6:
58:bb:e9:59:0a:e8:4d:c6:d6:52:3a:1f:c2:c7:1f:3f:8c:f0:
3b:d8:68:03:b1:3b:4b:32:9c:2a:fd:f9:db:52:c4:b4:ef:d8:
a5:a5:57:d0:89:ea:c2:ac:f3:99:f7:5a:17:22:83:f9:90:99:
a4:7c:ed:2c:6a:a2:8c:e9:6a:8e:f2:29:49:e9:15:42:a2:c7:
02:74:b8:53:11:21:4a:db:44:f6:b1:dd:83:0b:83:3e:53:44:
01:06:68:68
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
NTUzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxRkY3RDc3QjI2MTVE
MkFFRkNDM0U4NDUwRDUyMzRFOTUwREYyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyHM3yHZwD11fjjNCApvdPrAqSetV0oy8/RbTHFEEYgJvYZD12
LlmgWLGtobMg/Sc0t0IciaQ+83fDcX1D6wpF1ELxD4TBNfPf7Y1QIo8XCquJzgkm
EGgX1d/d6Dsare3g1fnBkJbnuVFWhdFKB2ATTJhkDBBpv2A0+8tlfkIy9rznD1co
ej1+hcDfB9FcNeiBHCmsp/KI/Srnuk2qEKpqsZECFBD/n7J0MLxv1Mm0QYikCI6s
Z5Osjuy4wXz2n1nDTsKQO6VzpXHBQvYSGedliOEsciz+pIKhv4Fr6mDNdTlcnmXn
qG8p7b3cxu+SKfP1+dxXJvHANFQMoBWVZQG1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYf99d7JhXSrvzD6EUNUjTpUN8qEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lmOTlkN0poWFNydnpE
NkVVTlVqVHBVTjhxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAl2q1hWCOthvKEu3fwA+tvfcGZ7VSjbC2
bDJihbDP+hB96yVxTOoLDTh9qiG0npmmKpctSgeaaoY5x/iBLt0G3y3OhPJpW5Hp
rQU5CLBKQptgQeZ9wgn6ZB1iJBxPUR0n1JJKvuS/sBeGwFrp//bGh0Eu56ngEkqZ
TmtKZX+WuY2Nbn6oDo0xBFPx4khHBcom4ksS6BPD/83NCMIrBR9pvQi2WLvpWQro
TcbWUjofwscfP4zwO9hoA7E7SzKcKv3521LEtO/YpaVX0InqwqzzmfdaFyKD+ZCZ
pHztLGqijOlqjvIpSekVQqLHAnS4UxEhSttE9rHdgwuDPlNEAQZoaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org