Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YwmgEai1QZiRWmZEckMKFeN4T8U.roa
File: YwmgEai1QZiRWmZEckMKFeN4T8U.roa (raw, json)
Hash identifier: b/bIgR8MlJxxA5yvQ2YYPDiVhPlZqiWj5Ln3wDvXM6I=
Subject key identifier: 63:09:A0:11:A8:B5:41:98:91:5A:66:44:72:43:0A:15:E3:78:4F:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 355A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YwmgEai1QZiRWmZEckMKFeN4T8U.roa
Signing time: Sat 30 Mar 2024 17:22:08 +0000
ROA not before: Sat 30 Mar 2024 17:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13658 (0x355a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 17:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6309A011A8B54198915A664472430A15E3784FC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:90:22:c1:e6:eb:f6:37:4a:8b:84:f7:b3:
19:c0:94:5d:65:ec:a7:ca:47:cd:34:17:b2:b7:c0:
c1:f2:bc:de:0f:3a:52:6f:32:f2:42:84:36:8a:88:
85:a9:99:89:39:38:e5:99:aa:b9:9f:35:32:44:d0:
d5:a1:43:b1:39:40:0f:5c:e6:cb:a8:76:e5:fa:e8:
69:23:d0:24:52:75:c6:18:3d:2f:9e:15:51:44:dd:
d5:ea:16:6d:83:28:cb:9b:94:1c:05:97:db:a8:86:
79:74:0b:9a:22:16:f0:89:8e:fc:b3:9c:30:07:50:
ef:12:da:43:5b:76:9a:90:f4:8b:56:a2:54:74:6c:
11:f9:47:c0:dd:de:92:fd:b0:98:46:33:b8:3b:89:
15:19:7a:eb:45:7a:a0:82:d0:42:f2:9b:e8:23:d4:
33:92:94:d7:92:af:af:57:95:54:5a:b9:bf:c1:e6:
55:88:7d:70:51:ee:44:d5:ca:ae:ec:ba:c7:6d:0a:
3e:b8:22:36:21:93:a2:69:2a:77:60:a0:5d:7d:bb:
17:35:b2:19:4a:f6:b7:91:d4:1a:6d:01:dc:7a:8b:
f2:ac:4c:b0:cc:b8:1b:93:ff:ca:58:42:46:71:80:
ee:ae:8c:b6:9e:fb:9e:07:87:78:b8:d0:cd:81:49:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:09:A0:11:A8:B5:41:98:91:5A:66:44:72:43:0A:15:E3:78:4F:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YwmgEai1QZiRWmZEckMKFeN4T8U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:76:7e:88:8f:97:5f:e8:a9:41:55:66:7e:2e:4a:58:b7:47:
f9:d5:38:4b:c4:bf:11:58:de:1e:50:03:54:6d:1c:d4:3d:5f:
94:95:d7:ab:fe:31:be:2a:f7:5c:06:ed:34:fb:4a:9e:2e:a0:
ef:ca:b3:5e:af:f6:b1:5e:99:2b:16:4a:11:2b:59:17:30:ab:
fc:2b:6d:b7:70:2c:70:d7:54:54:fe:93:d3:92:09:c2:4f:c6:
34:29:d9:3e:b2:6f:e3:33:15:21:a4:bf:da:7e:14:9f:4d:84:
9f:79:6c:21:0b:cb:e2:c4:6a:e6:f0:06:c7:e2:70:c9:9b:5a:
8c:08:73:a9:f6:db:50:a8:ad:28:f5:b6:de:90:87:7a:bf:58:
07:89:c1:d2:94:f8:32:52:01:61:9c:16:16:d3:ee:ed:dd:73:
63:81:08:db:02:dd:34:44:cd:0a:3d:b2:b2:7c:a9:f7:81:e1:
3b:49:f0:8f:d6:11:70:f1:0e:58:d6:6b:ab:e7:5b:a1:ab:e2:
3c:9c:53:2a:4e:11:a3:53:16:76:04:9c:a5:1c:bc:18:ae:3a:
74:ac:12:14:5a:4b:61:b0:e4:03:a3:d3:5a:7c:38:24:59:8f:
6d:02:f8:93:b9:75:de:d2:21:1e:f5:3b:80:35:e2:29:1e:be:
21:f1:bf:58
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NzIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzMDlBMDExQThCNTQx
OTg5MTVBNjY0NDcyNDMwQTE1RTM3ODRGQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfPpAiwebr9jdKi4T3sxnAlF1l7KfKR800F7K3wMHyvN4POlJv
MvJChDaKiIWpmYk5OOWZqrmfNTJE0NWhQ7E5QA9c5suoduX66Gkj0CRSdcYYPS+e
FVFE3dXqFm2DKMublBwFl9uohnl0C5oiFvCJjvyznDAHUO8S2kNbdpqQ9ItWolR0
bBH5R8Dd3pL9sJhGM7g7iRUZeutFeqCC0ELym+gj1DOSlNeSr69XlVRaub/B5lWI
fXBR7kTVyq7susdtCj64IjYhk6JpKndgoF19uxc1shlK9reR1BptAdx6i/KsTLDM
uBuT/8pYQkZxgO6ujLae+54Hh3i40M2BSQHVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYwmgEai1QZiRWmZEckMKFeN4T8UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1l3bWdFYWkxUVppUldt
WkVja01LRmVONFQ4VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQnZ+iI+XX+ipQVVmfi5KWLdH+dU4S8S/
EVjeHlADVG0c1D1flJXXq/4xvir3XAbtNPtKni6g78qzXq/2sV6ZKxZKEStZFzCr
/Cttt3AscNdUVP6T05IJwk/GNCnZPrJv4zMVIaS/2n4Un02En3lsIQvL4sRq5vAG
x+JwyZtajAhzqfbbUKitKPW23pCHer9YB4nB0pT4MlIBYZwWFtPu7d1zY4EI2wLd
NETNCj2ysnyp94HhO0nwj9YRcPEOWNZrq+dboaviPJxTKk4Ro1MWdgScpRy8GK46
dKwSFFpLYbDkA6PTWnw4JFmPbQL4k7l13tIhHvU7gDXiKR6+IfG/WA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org