Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yVqTEiRKpdXrVBzRdEidEkhvb-4.roa
File: yVqTEiRKpdXrVBzRdEidEkhvb-4.roa (raw, json)
Hash identifier: 89nXiHU4nJj1DWJYRan2ZPekImD9PrP7VqkV2rJ2rMM=
Subject key identifier: C9:5A:93:12:24:4A:A5:D5:EB:54:1C:D1:74:48:9D:12:48:6F:6F:EE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F4E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yVqTEiRKpdXrVBzRdEidEkhvb-4.roa
Signing time: Fri 12 Apr 2024 23:52:51 +0000
ROA not before: Fri 12 Apr 2024 23:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16206 (0x3f4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 23:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C95A9312244AA5D5EB541CD174489D12486F6FEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f6:f1:51:4c:b3:b5:7e:93:e8:56:c4:be:eb:
91:e4:77:72:92:68:3e:20:5f:dc:a1:75:81:a5:08:
d1:52:ef:4c:09:13:ed:7c:f6:f1:a7:bd:1e:2e:3d:
a3:aa:e5:cc:c4:25:3a:13:54:ac:d9:a8:1e:53:91:
e7:da:f7:58:2a:fb:1f:b2:8d:e9:81:82:45:f7:93:
11:5d:bd:f6:7e:fe:83:8b:76:fa:4e:9d:dc:76:bf:
96:95:be:e2:f9:cd:db:0f:fe:2e:bc:14:16:aa:74:
d7:67:de:5e:ef:98:1a:51:64:a5:a0:48:21:97:b2:
27:11:e1:01:a4:c9:f9:bd:65:52:a8:a5:f2:57:cc:
13:8d:14:9d:6a:eb:c9:01:f8:03:e7:93:67:ad:14:
37:c1:f5:db:16:84:d9:c9:65:3c:34:e7:b2:fe:f8:
01:b0:ca:00:22:21:6a:ed:d5:92:33:27:84:78:65:
a7:82:53:df:fb:df:e6:17:65:c2:d3:1e:d9:49:8a:
16:04:dc:d2:a3:28:2e:75:ab:b3:c3:e4:64:33:9d:
57:31:4f:bc:34:2f:fc:a5:36:4a:64:f6:f6:c9:96:
0c:1e:ae:ed:56:f3:08:90:aa:a3:d0:23:64:bf:ae:
61:7f:f0:1f:b3:86:35:2e:95:da:f5:1f:ae:eb:46:
8d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5A:93:12:24:4A:A5:D5:EB:54:1C:D1:74:48:9D:12:48:6F:6F:EE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yVqTEiRKpdXrVBzRdEidEkhvb-4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:b6:75:79:0c:c9:e7:67:2d:4f:a9:d0:76:e8:97:38:2e:1c:
a1:57:6f:a0:a4:da:a4:b4:6c:63:71:8f:e3:07:76:ac:04:6b:
10:a8:f4:00:15:1e:87:48:e5:6b:22:e7:14:ec:64:c6:0b:76:
5d:3a:78:aa:52:54:29:2c:17:11:39:4a:d5:6b:73:fa:e6:71:
ec:cb:74:af:fe:61:86:a6:51:5f:fb:a4:64:ce:b1:7f:5c:12:
2c:42:26:a3:91:f7:2e:36:39:3c:0a:14:c5:89:07:7a:ce:2e:
2d:e7:e3:5e:91:0d:00:e6:46:8e:28:70:5d:d1:53:82:1f:0d:
2f:36:60:a3:63:05:55:b0:3d:68:39:8c:a5:3a:9c:22:b0:db:
5e:7b:7f:39:aa:52:b0:1b:d7:a4:78:2e:f2:51:1b:7a:22:00:
60:02:af:07:cc:b7:2b:d4:26:c8:1c:6d:bf:1f:00:7d:fb:9d:
94:06:41:cf:1a:fb:fd:58:45:fb:54:e8:a2:16:21:50:0d:33:
ed:3b:b2:02:b2:cb:52:94:40:e5:89:da:db:f6:53:17:75:4b:
97:94:ae:06:d8:22:ea:37:94:03:19:3b:b1:e5:f6:61:d4:31:
d0:2f:d1:14:e9:60:9a:00:9e:5b:e5:0e:87:f6:d5:68:9f:1b:
98:55:a4:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICP04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MzUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5NUE5MzEyMjQ0QUE1
RDVFQjU0MUNEMTc0NDg5RDEyNDg2RjZGRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC19vFRTLO1fpPoVsS+65Hkd3KSaD4gX9yhdYGlCNFS70wJE+18
9vGnvR4uPaOq5czEJToTVKzZqB5Tkefa91gq+x+yjemBgkX3kxFdvfZ+/oOLdvpO
ndx2v5aVvuL5zdsP/i68FBaqdNdn3l7vmBpRZKWgSCGXsicR4QGkyfm9ZVKopfJX
zBONFJ1q68kB+APnk2etFDfB9dsWhNnJZTw057L++AGwygAiIWrt1ZIzJ4R4ZaeC
U9/73+YXZcLTHtlJihYE3NKjKC51q7PD5GQznVcxT7w0L/ylNkpk9vbJlgweru1W
8wiQqqPQI2S/rmF/8B+zhjUuldr1H67rRo3dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyVqTEiRKpdXrVBzRdEidEkhvb+4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lWcVRFaVJLcGRYclZC
elJkRWlkRWtodmItNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAG7Z1eQzJ52ctT6nQduiXOC4coVdvoKTa
pLRsY3GP4wd2rARrEKj0ABUeh0jlayLnFOxkxgt2XTp4qlJUKSwXETlK1Wtz+uZx
7Mt0r/5hhqZRX/ukZM6xf1wSLEImo5H3LjY5PAoUxYkHes4uLefjXpENAOZGjihw
XdFTgh8NLzZgo2MFVbA9aDmMpTqcIrDbXnt/OapSsBvXpHgu8lEbeiIAYAKvB8y3
K9QmyBxtvx8AffudlAZBzxr7/VhF+1ToohYhUA0z7TuyArLLUpRA5Yna2/ZTF3VL
l5SuBtgi6jeUAxk7seX2YdQx0C/RFOlgmgCeW+UOh/bVaJ8bmFWkeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org