Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ykd62Z2tudFkVnWrfBjPRVJF-bc.roa
File: Ykd62Z2tudFkVnWrfBjPRVJF-bc.roa (raw, json)
Hash identifier: 0ld+H79phaE0615QPCLAYktlgClAZnaNzMmMUoc6mR4=
Subject key identifier: 62:47:7A:D9:9D:AD:B9:D1:64:56:75:AB:7C:18:CF:45:52:45:F9:B7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5455
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ykd62Z2tudFkVnWrfBjPRVJF-bc.roa
Signing time: Sat 11 May 2024 00:54:01 +0000
ROA not before: Sat 11 May 2024 00:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21589 (0x5455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 00:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=62477AD99DADB9D1645675AB7C18CF455245F9B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:aa:74:da:8d:0e:52:91:e5:64:88:94:6b:f3:
a1:0d:fe:60:fb:3d:02:14:4f:30:83:7d:c0:26:43:
16:7a:91:5b:3e:c4:9b:62:5a:0b:f6:e4:2c:db:2d:
eb:27:33:a2:e5:87:81:41:49:69:8d:b6:e4:70:44:
3b:b1:f1:01:02:3a:e2:bb:34:db:7d:0b:f9:90:1d:
6f:ed:cc:61:8a:7a:b7:e9:af:b3:1a:66:04:d9:44:
fd:c0:5c:81:06:91:15:40:07:78:f7:57:1e:07:b5:
e1:50:b3:fe:46:a0:41:8e:75:c0:a2:a7:8a:79:9a:
03:f9:44:65:11:14:f9:44:4a:69:ac:e2:d3:f1:88:
91:86:2f:54:12:ef:85:39:e7:10:2b:0f:9a:f6:f6:
22:b1:b4:12:af:be:33:e8:71:ea:63:72:94:6a:99:
88:00:04:d9:4e:a2:da:04:5f:a5:f0:13:2e:3c:99:
81:4d:3a:15:f0:a2:61:e2:ed:47:84:a5:85:31:6c:
ee:1f:8d:fc:42:1a:3a:62:1d:fb:29:29:70:97:3d:
6d:18:2a:b8:08:14:ea:e6:b4:52:da:e8:f4:17:be:
ad:04:c6:2e:a3:ed:35:21:0c:34:de:26:00:d6:79:
33:21:ad:3d:6e:ea:4f:cd:ee:86:1f:90:72:e6:9f:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:47:7A:D9:9D:AD:B9:D1:64:56:75:AB:7C:18:CF:45:52:45:F9:B7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ykd62Z2tudFkVnWrfBjPRVJF-bc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:70:85:13:bf:dc:c4:cc:cf:95:38:c0:49:91:3a:e9:fe:64:
c9:bd:e1:82:1e:10:bc:19:97:3b:ce:2b:6f:2e:3c:e8:4c:fa:
7a:05:eb:02:af:d3:27:95:52:6c:8d:91:09:cd:bf:96:68:41:
f1:69:70:eb:d2:da:9d:96:23:4b:e0:1b:23:f0:e9:45:96:1f:
a9:dc:91:59:30:89:3a:09:e6:a1:4a:0a:c9:95:1b:dd:64:93:
cd:8f:fd:34:68:d7:5c:c4:c3:6d:33:77:55:94:42:54:f8:4f:
96:12:1f:15:5e:3d:73:5a:8a:5e:32:41:82:5a:b6:58:44:3e:
4a:11:55:41:0c:f7:f7:6e:ad:5a:e6:0f:bc:0b:92:cb:94:35:
34:54:af:a5:93:55:30:94:b9:ac:cc:c8:0e:12:73:64:95:0e:
63:ed:3d:a2:cc:c1:c2:79:76:61:4b:72:65:f0:3b:93:dc:43:
82:92:0b:1b:e9:74:2a:c7:23:e6:69:ee:c1:5a:86:5a:23:3f:
9d:1c:7b:81:e6:98:b7:e0:5b:0a:a4:17:25:6f:a4:40:ac:cb:
7c:83:08:39:c2:e3:7e:65:77:ed:c1:ba:68:98:66:65:23:81:
ba:17:36:61:8f:8d:6c:a4:9d:91:7a:cf:9a:48:04:fd:e7:f5:
6b:33:27:5e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
MDU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyNDc3QUQ5OURBREI5
RDE2NDU2NzVBQjdDMThDRjQ1NTI0NUY5QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFqnTajQ5SkeVkiJRr86EN/mD7PQIUTzCDfcAmQxZ6kVs+xJti
Wgv25CzbLesnM6Llh4FBSWmNtuRwRDux8QECOuK7NNt9C/mQHW/tzGGKerfpr7Ma
ZgTZRP3AXIEGkRVAB3j3Vx4HteFQs/5GoEGOdcCip4p5mgP5RGURFPlESmms4tPx
iJGGL1QS74U55xArD5r29iKxtBKvvjPocepjcpRqmYgABNlOotoEX6XwEy48mYFN
OhXwomHi7UeEpYUxbO4fjfxCGjpiHfspKXCXPW0YKrgIFOrmtFLa6PQXvq0Exi6j
7TUhDDTeJgDWeTMhrT1u6k/N7oYfkHLmnzm9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYkd62Z2tudFkVnWrfBjPRVJF+bcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lrZDYyWjJ0dWRGa1Zu
V3JmQmpQUlZKRi1iYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG5whRO/3MTMz5U4
wEmROun+ZMm94YIeELwZlzvOK28uPOhM+noF6wKv0yeVUmyNkQnNv5ZoQfFpcOvS
2p2WI0vgGyPw6UWWH6nckVkwiToJ5qFKCsmVG91kk82P/TRo11zEw20zd1WUQlT4
T5YSHxVePXNail4yQYJatlhEPkoRVUEM9/durVrmD7wLksuUNTRUr6WTVTCUuazM
yA4Sc2SVDmPtPaLMwcJ5dmFLcmXwO5PcQ4KSCxvpdCrHI+Zp7sFahlojP50ce4Hm
mLfgWwqkFyVvpECsy3yDCDnC435ld+3BumiYZmUjgboXNmGPjWyknZF6z5pIBP3n
9WszJ14=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:29 2025 by rpki-client