Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YrY_IEeFS_Rk61itRzs48TeiBYs.roa
File: YrY_IEeFS_Rk61itRzs48TeiBYs.roa (raw, json)
Hash identifier: HMKqQSSFlb6x7+Tvp1H0jSW9zDzg6ZyPhbyr773tMo4=
Subject key identifier: 62:B6:3F:20:47:85:4B:F4:64:EB:58:AD:47:3B:38:F1:37:A2:05:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4256
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YrY_IEeFS_Rk61itRzs48TeiBYs.roa
Signing time: Wed 17 Apr 2024 00:53:08 +0000
ROA not before: Wed 17 Apr 2024 00:53:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16982 (0x4256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 00:53:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=62B63F2047854BF464EB58AD473B38F137A2058B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:0c:bb:30:fd:78:f0:95:61:4c:51:07:a6:
be:80:18:24:bb:a3:dc:77:04:3a:58:d3:b6:45:53:
f7:e7:aa:27:b7:1f:e1:88:af:ab:5f:f8:73:4d:b6:
d7:3c:b6:b9:4f:29:4b:29:fe:2c:41:97:2c:e3:3b:
64:71:a3:9a:5d:52:6c:42:30:25:e9:29:d5:0e:12:
a7:75:30:d4:03:3e:32:5a:4b:bd:c2:ef:d9:95:83:
8b:4a:d7:d9:5e:4d:fc:0c:05:4b:84:e3:1c:a1:ee:
d2:5e:9d:46:26:50:00:4c:69:c0:08:aa:9d:3f:ef:
32:d4:4c:43:31:63:90:d8:51:da:ef:eb:bc:5f:81:
19:d9:33:49:bd:ae:72:1e:73:3b:59:30:37:91:09:
d7:9f:b9:4d:33:9d:08:80:b9:d3:64:f4:c2:88:69:
5b:af:2a:49:69:be:2a:c6:8a:7e:90:6f:1f:17:4f:
da:ba:8b:2a:31:16:c6:f3:f0:5d:f3:02:06:92:77:
b8:b8:5e:7c:5b:07:00:d7:84:7f:91:8b:89:55:53:
f3:b6:cd:73:8c:ef:77:0f:88:a5:9b:41:b7:59:9c:
dd:08:0e:7a:c8:2c:66:da:89:7c:93:54:4f:07:83:
f1:75:e9:ea:8b:f1:e3:83:fd:5f:a6:2e:fd:cd:d5:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B6:3F:20:47:85:4B:F4:64:EB:58:AD:47:3B:38:F1:37:A2:05:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YrY_IEeFS_Rk61itRzs48TeiBYs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:95:26:bc:aa:2e:1c:ab:fc:93:90:b0:b4:f8:b5:0e:ef:5e:
b2:af:f8:6d:6c:98:89:39:2a:81:dc:6d:7e:c3:81:63:aa:10:
7b:00:ba:db:5d:58:0f:f6:4f:eb:dd:d9:2b:c6:59:c2:bf:d4:
df:f1:71:3c:07:59:cc:42:27:c0:0b:d0:26:91:fc:2e:cd:ad:
b0:fc:30:00:0f:f9:f6:93:53:02:f6:3c:f2:b1:ea:91:34:89:
af:ef:db:80:91:76:37:da:c1:5d:a7:b3:b2:b7:3e:45:5f:02:
30:30:9b:89:99:e5:16:a3:f1:8e:51:c7:90:8f:29:02:db:28:
4c:c8:f2:56:5d:4e:a6:f7:0c:bb:8a:a3:15:04:e9:f6:a0:9b:
5b:e4:85:ea:5d:24:a7:4c:c5:93:e4:ad:64:be:7d:b5:bf:dc:
c7:0c:16:18:4f:a7:df:de:9d:7d:f5:28:9c:6b:d7:82:cd:c0:
61:85:02:b8:91:66:d1:9b:f9:e6:70:96:a5:f4:d0:95:c7:1a:
77:de:1e:4c:a7:a9:b4:ff:e0:2c:e0:cd:00:ae:c5:f7:e5:49:
82:a3:0c:e6:3c:8a:5f:e0:ec:b1:5f:cd:c1:cf:74:c8:5f:fc:
4a:3e:24:16:91:c5:ae:24:fd:b4:57:bc:88:49:2b:11:98:3e:
7c:a2:9e:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQlYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MDUzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyQjYzRjIwNDc4NTRC
RjQ2NEVCNThBRDQ3M0IzOEYxMzdBMjA1OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCohAy7MP148JVhTFEHpr6AGCS7o9x3BDpY07ZFU/fnqie3H+GI
r6tf+HNNttc8trlPKUsp/ixBlyzjO2Rxo5pdUmxCMCXpKdUOEqd1MNQDPjJaS73C
79mVg4tK19leTfwMBUuE4xyh7tJenUYmUABMacAIqp0/7zLUTEMxY5DYUdrv67xf
gRnZM0m9rnIecztZMDeRCdefuU0znQiAudNk9MKIaVuvKklpvirGin6Qbx8XT9q6
iyoxFsbz8F3zAgaSd7i4XnxbBwDXhH+Ri4lVU/O2zXOM73cPiKWbQbdZnN0IDnrI
LGbaiXyTVE8Hg/F16eqL8eOD/V+mLv3N1VGBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYrY/IEeFS/Rk61itRzs48TeiBYswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lyWV9JRWVGU19SazYx
aXRSenM0OFRlaUJZcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAe5UmvKouHKv8k5CwtPi1Du9esq/4bWyY
iTkqgdxtfsOBY6oQewC6211YD/ZP693ZK8ZZwr/U3/FxPAdZzEInwAvQJpH8Ls2t
sPwwAA/59pNTAvY88rHqkTSJr+/bgJF2N9rBXaezsrc+RV8CMDCbiZnlFqPxjlHH
kI8pAtsoTMjyVl1OpvcMu4qjFQTp9qCbW+SF6l0kp0zFk+StZL59tb/cxwwWGE+n
396dffUonGvXgs3AYYUCuJFm0Zv55nCWpfTQlccad94eTKeptP/gLODNAK7F9+VJ
gqMM5jyKX+DssV/Nwc90yF/8Sj4kFpHFriT9tFe8iEkrEZg+fKKe9A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:52 2025 by rpki-client