Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ykXinpNwBr518hRtphpnHX_sxY4.roa
File: ykXinpNwBr518hRtphpnHX_sxY4.roa (raw, json)
Hash identifier: mFzQ4QmLHIyqRLWTOgSS6ggzCXKub6H/2hssF9JgeJw=
Subject key identifier: CA:45:E2:9E:93:70:06:BE:75:F2:14:6D:A6:1A:67:1D:7F:EC:C5:8E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42F1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ykXinpNwBr518hRtphpnHX_sxY4.roa
Signing time: Wed 17 Apr 2024 20:22:59 +0000
ROA not before: Wed 17 Apr 2024 20:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17137 (0x42f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 20:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA45E29E937006BE75F2146DA61A671D7FECC58E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f9:b1:43:d4:26:09:29:4d:71:7e:f1:ab:04:
ab:eb:b7:23:df:14:86:5b:dd:cc:e7:31:01:56:37:
77:8f:db:a0:e8:b9:30:e8:20:c2:91:78:c7:32:1f:
50:55:be:66:c7:9b:0c:db:b2:f4:e2:ab:01:1d:da:
f0:19:67:a3:fd:46:36:c8:e2:54:6d:04:fd:88:d3:
0a:9c:9c:4f:32:55:47:c5:f6:24:62:83:25:77:40:
e7:88:94:1d:ec:0a:ca:83:1a:f0:9a:ef:4c:48:6b:
6b:1e:2f:d6:22:63:b2:31:4d:ea:40:da:0a:31:a9:
b8:a3:d4:eb:95:90:e5:96:23:11:95:0d:d1:2a:b5:
2e:0e:08:fc:cd:41:8c:9b:d5:c1:59:87:fa:51:dc:
05:ef:e6:62:aa:d4:3a:b9:69:67:8d:5b:9e:19:a9:
b9:fe:f3:2f:ae:c1:c8:72:10:99:51:24:1d:9a:b2:
6a:27:bf:4e:c0:bf:e5:cf:57:2d:60:ab:e2:d4:86:
40:3a:28:eb:10:4d:2d:dc:22:78:ac:6d:c8:19:ea:
30:fa:e9:ba:66:dd:43:93:5e:26:41:33:f7:25:b1:
07:eb:66:2a:05:e5:a0:d7:90:99:b1:52:42:dd:f8:
ef:39:15:4b:23:b7:51:8a:84:83:02:86:34:1b:93:
fa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:45:E2:9E:93:70:06:BE:75:F2:14:6D:A6:1A:67:1D:7F:EC:C5:8E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ykXinpNwBr518hRtphpnHX_sxY4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:f0:16:df:25:1f:69:4b:5a:a1:39:a2:9c:ae:1f:57:ac:29:
a3:1c:fb:33:18:9e:2f:66:d9:c0:78:41:ec:79:da:ba:e6:4b:
a2:cc:1c:2c:7b:3a:02:ee:69:83:c2:ba:2e:c9:cf:49:d2:05:
74:ba:da:5b:bf:72:72:5c:58:80:04:50:f3:e7:22:38:ec:bb:
24:a6:90:8d:a7:8b:a7:32:34:46:c8:09:cb:6d:85:a4:5a:58:
db:4a:f2:3c:55:f2:c5:18:9b:48:f3:85:ec:38:0b:c5:69:4b:
f1:0d:38:cd:67:fd:f2:3f:bc:92:b8:11:dc:c5:ab:5e:5a:ae:
ad:fd:2f:32:ee:2f:fd:40:ae:12:32:ab:ff:04:7c:a7:b2:5a:
45:09:60:a0:be:b5:33:f3:cb:b8:b3:79:93:7d:e6:d5:4e:02:
55:0d:69:49:09:33:59:28:a8:ad:d7:9d:7a:9e:58:91:63:35:
85:cd:b4:4b:50:ce:90:5f:23:8a:4f:19:96:e0:64:f2:34:bf:
a7:52:60:c3:c3:9a:a5:19:68:9f:90:56:1c:80:be:95:86:56:
49:39:5c:a2:a1:99:fc:bd:60:9b:87:35:e5:a1:70:0b:12:78:
f1:d4:e8:34:4e:76:cf:15:1e:ab:7b:22:2e:35:65:7d:bc:98:
e1:ed:e6:f9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MDIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBNDVFMjlFOTM3MDA2
QkU3NUYyMTQ2REE2MUE2NzFEN0ZFQ0M1OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU+bFD1CYJKU1xfvGrBKvrtyPfFIZb3cznMQFWN3eP26DouTDo
IMKReMcyH1BVvmbHmwzbsvTiqwEd2vAZZ6P9RjbI4lRtBP2I0wqcnE8yVUfF9iRi
gyV3QOeIlB3sCsqDGvCa70xIa2seL9YiY7IxTepA2goxqbij1OuVkOWWIxGVDdEq
tS4OCPzNQYyb1cFZh/pR3AXv5mKq1Dq5aWeNW54Zqbn+8y+uwchyEJlRJB2asmon
v07Av+XPVy1gq+LUhkA6KOsQTS3cInisbcgZ6jD66bpm3UOTXiZBM/clsQfrZioF
5aDXkJmxUkLd+O85FUsjt1GKhIMChjQbk/q1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUykXinpNwBr518hRtphpnHX/sxY4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lrWGlucE53QnI1MTho
UnRwaHBuSFhfc3hZNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALDwFt8lH2lLWqE5
opyuH1esKaMc+zMYni9m2cB4Qex52rrmS6LMHCx7OgLuaYPCui7Jz0nSBXS62lu/
cnJcWIAEUPPnIjjsuySmkI2ni6cyNEbICctthaRaWNtK8jxV8sUYm0jzhew4C8Vp
S/ENOM1n/fI/vJK4EdzFq15arq39LzLuL/1ArhIyq/8EfKeyWkUJYKC+tTPzy7iz
eZN95tVOAlUNaUkJM1koqK3XnXqeWJFjNYXNtEtQzpBfI4pPGZbgZPI0v6dSYMPD
mqUZaJ+QVhyAvpWGVkk5XKKhmfy9YJuHNeWhcAsSePHU6DROds8VHqt7Ii41ZX28
mOHt5vk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org