Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YqIwvdss3XsragUVeXEuOzqSRcU.roa
File: YqIwvdss3XsragUVeXEuOzqSRcU.roa (raw, json)
Hash identifier: L37bPwScTB6spAOI6RDy5Foq43C4NJBWx3L6c6zu5Zk=
Subject key identifier: 62:A2:30:BD:DB:2C:DD:7B:2B:6A:05:15:79:71:2E:3B:3A:92:45:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5082
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YqIwvdss3XsragUVeXEuOzqSRcU.roa
Signing time: Sun 05 May 2024 22:23:54 +0000
ROA not before: Sun 05 May 2024 22:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20610 (0x5082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 22:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=62A230BDDB2CDD7B2B6A051579712E3B3A9245C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:de:ab:c6:34:3d:44:ab:10:e0:4b:54:20:
09:78:81:81:e6:63:9d:60:5b:c7:dc:f6:bc:24:02:
64:f6:68:3e:73:fa:f1:fd:44:f8:ae:31:a6:4c:5a:
18:c3:9b:79:d5:d3:60:40:2a:2d:1a:df:74:13:77:
ba:14:25:09:b6:d0:d8:1f:6d:8a:3c:ce:af:a6:23:
ac:5c:20:7f:0d:e8:21:75:47:0a:ea:6d:2a:12:34:
b1:ff:31:01:9d:44:39:00:4a:ae:cd:4b:09:91:b8:
89:30:28:ad:db:fa:6a:47:48:2e:5b:e6:56:7b:33:
db:69:17:eb:2c:19:9e:95:e0:84:c8:a1:b0:1b:ac:
63:7e:da:46:1c:e0:82:d4:04:d8:29:90:ce:6c:fe:
e5:90:01:be:fc:87:54:5d:bc:b9:20:45:55:c4:60:
ea:fc:5e:c9:d9:e8:cd:4c:66:ea:0c:4a:08:06:77:
c8:01:a9:c0:d7:ec:01:87:dd:ce:eb:13:53:aa:82:
8b:1a:98:46:e1:8c:3f:16:2a:a5:4a:11:35:78:c8:
cd:0a:fe:2b:8e:b4:a5:43:09:2e:50:7a:e5:51:d2:
8f:cd:cf:00:1b:4d:be:c4:b0:b3:47:6e:b2:db:6b:
66:58:3a:16:57:16:5e:34:64:ad:24:de:61:b6:a4:
82:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A2:30:BD:DB:2C:DD:7B:2B:6A:05:15:79:71:2E:3B:3A:92:45:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YqIwvdss3XsragUVeXEuOzqSRcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:67:e2:46:23:eb:71:20:82:d7:a4:57:b4:80:8f:d4:52:3c:
89:94:01:68:8f:48:15:af:29:1d:9f:be:72:cd:8b:4f:fb:87:
3b:bb:1f:50:a6:fd:21:98:40:41:ac:e7:37:4b:a3:c5:4f:8d:
1b:63:84:99:f2:bb:1e:49:8e:7c:e7:df:29:dd:5c:e9:02:6c:
d0:b5:89:db:de:8e:b4:ca:82:65:9b:b6:b9:51:a0:a2:39:05:
0d:5a:7e:48:f6:64:42:48:e2:ad:9e:07:10:d5:17:29:d3:24:
07:38:66:2a:0e:f1:fa:0a:9a:68:1f:f6:4b:43:75:37:b4:09:
7d:ac:b6:ec:d5:e6:32:88:31:0f:62:b0:39:e5:db:24:63:3a:
5e:98:e3:9c:60:79:d9:0b:a2:8b:68:62:b4:fb:c2:66:6b:f7:
36:30:d1:79:d0:7e:d0:44:71:f6:9d:1b:37:50:80:ae:85:b8:
ab:76:36:5f:28:44:b7:37:0b:ed:45:d3:30:39:7c:c0:e6:31:
38:d8:63:30:6b:44:37:1b:d4:e6:c3:ac:0a:d4:43:82:e9:33:
fc:a1:63:a7:5c:36:a2:6d:3e:67:f6:b2:1d:6a:44:6d:bb:2e:
29:e3:ab:f6:98:7f:1f:19:16:87:7d:22:e0:df:31:a3:b8:39:
4f:30:64:a7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUIIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUy
MjIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyQTIzMEJEREIyQ0RE
N0IyQjZBMDUxNTc5NzEyRTNCM0E5MjQ1QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTKN6rxjQ9RKsQ4EtUIAl4gYHmY51gW8fc9rwkAmT2aD5z+vH9
RPiuMaZMWhjDm3nV02BAKi0a33QTd7oUJQm20NgfbYo8zq+mI6xcIH8N6CF1Rwrq
bSoSNLH/MQGdRDkASq7NSwmRuIkwKK3b+mpHSC5b5lZ7M9tpF+ssGZ6V4ITIobAb
rGN+2kYc4ILUBNgpkM5s/uWQAb78h1RdvLkgRVXEYOr8XsnZ6M1MZuoMSggGd8gB
qcDX7AGH3c7rE1OqgosamEbhjD8WKqVKETV4yM0K/iuOtKVDCS5QeuVR0o/NzwAb
Tb7EsLNHbrLba2ZYOhZXFl40ZK0k3mG2pILdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYqIwvdss3XsragUVeXEuOzqSRcUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lxSXd2ZHNzM1hzcmFn
VVZlWEV1T3pxU1JjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAu2fiRiPrcSCC16RXtICP1FI8iZQBaI9I
Fa8pHZ++cs2LT/uHO7sfUKb9IZhAQaznN0ujxU+NG2OEmfK7HkmOfOffKd1c6QJs
0LWJ296OtMqCZZu2uVGgojkFDVp+SPZkQkjirZ4HENUXKdMkBzhmKg7x+gqaaB/2
S0N1N7QJfay27NXmMogxD2KwOeXbJGM6XpjjnGB52Quii2hitPvCZmv3NjDRedB+
0ERx9p0bN1CAroW4q3Y2XyhEtzcL7UXTMDl8wOYxONhjMGtENxvU5sOsCtRDgukz
/KFjp1w2om0+Z/ayHWpEbbsuKeOr9ph/HxkWh30i4N8xo7g5TzBkpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org