Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YsiGLLxg1_lX4-QdHdtyKclQU34.roa
File: YsiGLLxg1_lX4-QdHdtyKclQU34.roa (raw, json)
Hash identifier: 9U41RovdJ+gueej2LbWBHWFcN6IOjLJmFJA5nevAw5I=
Subject key identifier: 62:C8:86:2C:BC:60:D7:F9:57:E3:E4:1D:1D:DB:72:29:C9:50:53:7E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DBE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YsiGLLxg1_lX4-QdHdtyKclQU34.roa
Signing time: Wed 10 Apr 2024 21:52:45 +0000
ROA not before: Wed 10 Apr 2024 21:52:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15806 (0x3dbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 21:52:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=62C8862CBC60D7F957E3E41D1DDB7229C950537E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b7:89:3d:b0:84:66:da:8a:48:56:50:66:fa:
12:2b:8f:ec:53:07:02:67:2e:7e:38:64:14:67:5b:
eb:64:c7:f7:49:1e:14:98:c1:7f:fe:95:ab:41:ad:
59:d7:1d:b8:ea:f7:02:ad:0b:d6:aa:80:a4:53:4f:
72:e0:5c:b6:8b:dc:f3:e3:46:f2:50:ac:f1:18:3e:
7e:8c:2c:a2:e5:85:e7:e7:17:d9:85:b3:e7:be:9f:
70:8b:78:46:30:05:12:ce:72:1b:ba:02:a9:b1:1e:
2c:05:e3:c0:50:63:e5:f1:9c:23:a3:3b:e9:41:ed:
bb:b7:29:85:38:51:4c:2b:d4:c1:24:50:e2:03:2a:
27:85:2c:3a:67:eb:0d:aa:d9:a0:fd:53:e2:7c:03:
ce:7a:53:bd:23:b7:ec:a0:f8:83:65:b9:be:d4:21:
5a:77:87:65:aa:79:61:a9:c1:bf:22:c4:5f:7d:01:
de:1b:0b:2f:0a:9c:75:1a:2b:ce:bd:9e:39:3b:fb:
15:a5:45:6a:2f:a6:5b:ba:a0:65:af:88:11:f8:e8:
d9:07:07:a4:54:fc:22:40:56:53:b8:5c:51:81:3a:
cd:a9:00:e7:9c:32:ca:85:f5:24:cd:ac:51:5a:a8:
0f:fd:ff:e0:f4:51:e5:7f:8b:81:c2:95:09:b4:03:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C8:86:2C:BC:60:D7:F9:57:E3:E4:1D:1D:DB:72:29:C9:50:53:7E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YsiGLLxg1_lX4-QdHdtyKclQU34.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:f0:a4:30:05:c9:ee:5e:07:0f:89:9a:e2:0b:37:9f:2f:0a:
4c:b2:18:10:b5:cf:9c:13:af:96:74:75:92:ed:39:31:16:ff:
85:31:74:61:dd:20:cd:b8:89:72:49:c1:ad:08:95:f7:f9:b7:
50:3d:2c:48:26:68:09:0b:bf:98:ae:50:5c:1b:61:b3:2e:51:
75:e5:7a:5b:e5:cb:ee:4c:de:5f:61:be:dc:61:c3:c0:c8:6c:
3a:65:83:31:21:0c:e5:b0:eb:4e:3d:f7:a3:f0:cc:02:0a:4b:
c0:d2:a0:b8:04:16:7b:89:30:ba:3c:64:5b:a8:e0:75:75:b9:
dd:18:ee:d2:fc:ee:3b:4e:42:b1:ca:d3:24:a8:03:e5:51:15:
4e:27:03:ec:4b:fc:84:32:3f:0b:c6:13:6d:39:a3:23:91:7e:
00:92:fd:c7:f3:7f:e9:c8:0b:04:65:d0:57:66:90:70:68:6e:
90:d1:6c:3e:36:81:3c:dd:28:58:75:fa:86:79:03:44:35:c5:
03:5e:56:80:d2:79:2c:e2:32:4d:e5:4a:55:71:cc:dd:62:fc:
a4:df:01:07:b7:2d:aa:b8:f8:fe:5d:a4:41:99:f0:5e:d7:03:
23:bf:37:0b:3e:8d:40:4d:cd:f8:c2:24:75:7b:f3:5f:3c:34:
bd:c5:5d:a0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MTUyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyQzg4NjJDQkM2MEQ3
Rjk1N0UzRTQxRDFEREI3MjI5Qzk1MDUzN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5t4k9sIRm2opIVlBm+hIrj+xTBwJnLn44ZBRnW+tkx/dJHhSY
wX/+latBrVnXHbjq9wKtC9aqgKRTT3LgXLaL3PPjRvJQrPEYPn6MLKLlhefnF9mF
s+e+n3CLeEYwBRLOchu6AqmxHiwF48BQY+XxnCOjO+lB7bu3KYU4UUwr1MEkUOID
KieFLDpn6w2q2aD9U+J8A856U70jt+yg+INlub7UIVp3h2WqeWGpwb8ixF99Ad4b
Cy8KnHUaK869njk7+xWlRWovplu6oGWviBH46NkHB6RU/CJAVlO4XFGBOs2pAOec
MsqF9STNrFFaqA/9/+D0UeV/i4HClQm0A8+hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYsiGLLxg1/lX4+QdHdtyKclQU34wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lzaUdMTHhnMV9sWDQt
UWRIZHR5S2NsUVUzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAd/CkMAXJ7l4HD4ma4gs3ny8KTLIYELXP
nBOvlnR1ku05MRb/hTF0Yd0gzbiJcknBrQiV9/m3UD0sSCZoCQu/mK5QXBthsy5R
deV6W+XL7kzeX2G+3GHDwMhsOmWDMSEM5bDrTj33o/DMAgpLwNKguAQWe4kwujxk
W6jgdXW53Rju0vzuO05CscrTJKgD5VEVTicD7Ev8hDI/C8YTbTmjI5F+AJL9x/N/
6cgLBGXQV2aQcGhukNFsPjaBPN0oWHX6hnkDRDXFA15WgNJ5LOIyTeVKVXHM3WL8
pN8BB7ctqrj4/l2kQZnwXtcDI783Cz6NQE3N+MIkdXvzXzw0vcVdoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org