Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yh6MMMoZC2_0rWoRVlVCx9phyao.roa
File: yh6MMMoZC2_0rWoRVlVCx9phyao.roa (raw, json)
Hash identifier: Dqdju4y2mgNWQepL56YhjparUfEv+UiGkif/mjPNJG4=
Subject key identifier: CA:1E:8C:30:CA:19:0B:6F:F4:AD:6A:11:56:55:42:C7:DA:61:C9:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 436A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yh6MMMoZC2_0rWoRVlVCx9phyao.roa
Signing time: Thu 18 Apr 2024 11:23:10 +0000
ROA not before: Thu 18 Apr 2024 11:23:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17258 (0x436a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 11:23:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA1E8C30CA190B6FF4AD6A11565542C7DA61C9AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:d6:b2:6e:ab:6c:61:e4:6b:c5:0b:ba:24:
a3:a4:dd:b6:09:6c:79:cc:0a:d2:cd:2a:9e:90:bc:
5c:e5:57:3b:bd:6a:7e:4e:f5:fe:2e:d7:c3:a7:33:
c9:cb:dc:26:9b:2b:fd:25:97:c1:01:c3:9b:a7:b4:
c5:48:e9:11:0a:c1:2d:4c:09:48:4d:dc:77:a2:8a:
4f:6e:f5:e6:75:24:6f:c5:a8:bd:a7:aa:16:b2:57:
15:4c:17:c5:7f:8e:91:e7:78:cd:f8:35:42:e1:a5:
14:28:1a:b6:f5:41:6d:15:67:eb:98:3f:e5:b6:7f:
ce:98:f3:2d:72:dc:34:f7:7c:72:8a:9d:4a:2f:0f:
2f:82:26:6d:e5:32:48:9c:c7:09:9a:e2:e5:60:9a:
a0:38:25:55:3e:89:dc:86:7d:69:08:c6:7b:03:7f:
25:1c:6d:41:20:57:db:db:ab:47:0d:0a:18:ca:f6:
4a:b4:22:e5:e6:67:2b:39:c6:2f:13:65:ac:ab:9f:
3a:c6:a1:d4:1a:2c:60:3f:ee:83:27:e4:cc:e9:f7:
7a:d0:6a:fc:bb:62:39:7b:28:a7:c1:b6:4b:1e:5e:
8c:65:2a:e1:0a:83:86:07:1e:2b:76:74:7f:6b:71:
b5:b7:5f:d4:95:8e:1e:3b:dd:4b:52:f0:23:0c:e1:
e2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1E:8C:30:CA:19:0B:6F:F4:AD:6A:11:56:55:42:C7:DA:61:C9:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yh6MMMoZC2_0rWoRVlVCx9phyao.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:b2:ad:88:dc:f6:09:cb:b4:cd:a9:42:6d:c4:92:10:e5:0e:
6a:cf:11:4f:ed:4c:6a:88:cf:34:91:b2:31:f9:f4:20:27:9c:
68:b1:31:e3:79:90:52:73:62:6f:d7:2b:15:52:75:5e:1b:08:
17:f1:a7:7c:75:34:b0:78:8e:0b:7e:56:64:64:e1:a9:59:39:
29:c8:e5:f3:1a:22:4d:8e:5c:c0:4f:0c:2a:03:5a:44:16:36:
a5:9d:28:2a:6f:d8:c5:99:e6:1c:2c:c4:fc:7a:5d:9f:71:f5:
60:de:61:32:20:15:0f:0f:28:fe:ea:c5:14:dd:e6:9a:29:73:
cf:10:53:c9:b4:82:51:9e:3f:0a:da:2a:12:96:e8:dd:7a:b9:
b1:ea:26:68:c0:70:12:72:a1:01:f7:0f:8c:e2:48:27:31:0e:
05:d3:61:ec:4d:28:14:e9:9b:0a:8a:a6:de:32:9b:3d:8b:fa:
70:c4:71:31:6f:84:f4:d4:0e:8b:8e:78:ca:c7:08:c6:89:1f:
71:3a:48:56:b6:10:8c:29:e1:bf:41:e9:0b:39:f2:c1:94:ac:
df:b7:bd:9d:9e:78:85:d8:8a:cb:67:24:21:3d:69:e2:81:97:
fc:c2:62:fb:45:aa:cd:c5:19:27:c0:a6:c5:fa:d2:9d:dc:ca:
c4:73:13:bc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQ2owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MTIzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMUU4QzMwQ0ExOTBC
NkZGNEFENkExMTU2NTU0MkM3REE2MUM5QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDImdaybqtsYeRrxQu6JKOk3bYJbHnMCtLNKp6QvFzlVzu9an5O
9f4u18OnM8nL3CabK/0ll8EBw5untMVI6REKwS1MCUhN3Heiik9u9eZ1JG/FqL2n
qhayVxVMF8V/jpHneM34NULhpRQoGrb1QW0VZ+uYP+W2f86Y8y1y3DT3fHKKnUov
Dy+CJm3lMkicxwma4uVgmqA4JVU+idyGfWkIxnsDfyUcbUEgV9vbq0cNChjK9kq0
IuXmZys5xi8TZayrnzrGodQaLGA/7oMn5Mzp93rQavy7Yjl7KKfBtkseXoxlKuEK
g4YHHit2dH9rcbW3X9SVjh473UtS8CMM4eLHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyh6MMMoZC2/0rWoRVlVCx9phyaowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3loNk1NTW9aQzJfMHJX
b1JWbFZDeDlwaHlhby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAALKtiNz2Ccu0zalCbcSSEOUOas8RT+1M
aojPNJGyMfn0ICecaLEx43mQUnNib9crFVJ1XhsIF/GnfHU0sHiOC35WZGThqVk5
Kcjl8xoiTY5cwE8MKgNaRBY2pZ0oKm/YxZnmHCzE/Hpdn3H1YN5hMiAVDw8o/urF
FN3mmilzzxBTybSCUZ4/CtoqEpbo3Xq5seomaMBwEnKhAfcPjOJIJzEOBdNh7E0o
FOmbCoqm3jKbPYv6cMRxMW+E9NQOi454yscIxokfcTpIVrYQjCnhv0HpCznywZSs
37e9nZ54hdiKy2ckIT1p4oGX/MJi+0WqzcUZJ8CmxfrSndzKxHMTvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org