Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ysmdQkjZfxQf_ubL2YmNPaE1GYY.roa
File: ysmdQkjZfxQf_ubL2YmNPaE1GYY.roa (raw, json)
Hash identifier: 2TEEjPKK/VKzHU1fyzqXENILW9y+bv1xIhdnfApKio4=
Subject key identifier: CA:C9:9D:42:48:D9:7F:14:1F:FE:E6:CB:D9:89:8D:3D:A1:35:19:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 369A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ysmdQkjZfxQf_ubL2YmNPaE1GYY.roa
Signing time: Mon 01 Apr 2024 09:22:17 +0000
ROA not before: Mon 01 Apr 2024 09:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13978 (0x369a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 09:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CAC99D4248D97F141FFEE6CBD9898D3DA1351986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:77:87:73:82:2f:91:8a:0d:44:5b:2a:75:
05:45:fb:57:56:af:62:f6:d9:82:00:94:6a:8e:4a:
31:ef:b9:f3:c5:28:69:e7:e2:58:1c:3e:c8:ec:23:
4b:50:b0:bc:f5:1e:54:92:2e:8e:f3:95:bc:a5:93:
b7:d2:4a:46:32:12:5e:91:05:d2:92:13:27:88:b8:
e1:98:06:19:5b:f1:39:44:be:7a:7a:88:9a:5a:14:
6f:15:8f:0a:2c:c8:38:9c:e5:42:56:ac:88:f7:c3:
60:75:80:ed:e8:23:6f:73:03:b1:01:f1:c2:88:f0:
39:c0:35:66:12:bf:7a:20:ee:a1:8a:05:42:c5:30:
70:75:55:82:17:de:24:54:a7:e1:c5:7f:0a:07:d5:
40:30:b3:aa:6c:82:18:17:c8:4d:01:67:1d:a1:f9:
99:36:98:ed:4a:75:d9:d5:f2:83:ec:1c:32:6e:5f:
2b:e6:f8:70:cb:91:72:39:51:02:09:fa:d8:6a:b3:
00:04:b5:98:28:df:a9:0a:94:ae:a8:2d:0f:a7:13:
13:73:99:1d:a2:b8:87:63:f2:12:d0:62:8e:3a:62:
00:9f:2d:cc:12:78:c2:7b:58:e7:77:04:44:7d:17:
a5:5f:24:2f:b0:58:5e:6a:81:9f:db:08:94:0a:ca:
29:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C9:9D:42:48:D9:7F:14:1F:FE:E6:CB:D9:89:8D:3D:A1:35:19:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ysmdQkjZfxQf_ubL2YmNPaE1GYY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:7b:3b:4d:79:11:00:f5:a1:03:0a:af:1d:9f:f3:0e:d7:e1:
81:9c:c5:e2:59:6a:16:c7:c9:3f:42:9e:2c:7a:33:c1:c0:8d:
8f:04:8c:11:6e:77:8b:ec:57:10:a5:20:78:84:7a:fb:85:22:
ff:6c:34:83:8c:60:b2:90:1f:04:79:b7:aa:25:21:23:36:d5:
b5:6f:f2:9f:b0:e6:09:e8:1c:10:c9:f6:66:93:9d:0b:b3:b0:
85:5a:b7:33:d2:99:54:36:b6:8e:b3:f4:17:bb:36:ba:c2:5b:
d0:4e:3e:c7:78:9f:c4:3f:26:1c:81:7c:5e:c8:2a:49:48:04:
82:17:e7:d6:07:c5:70:a4:9f:c2:f9:ab:44:19:18:f2:a3:42:
45:6c:8c:fd:f9:2e:3d:b8:b8:17:50:97:72:12:d4:09:b2:83:
18:fb:e6:b1:5d:f0:49:be:76:69:24:b7:4a:70:62:be:6c:b0:
0a:ce:4f:5c:b0:1b:8e:62:bc:0c:bd:ec:39:c0:ab:8a:59:b1:
63:97:5f:48:53:b6:68:7f:f5:f2:aa:c7:85:29:6c:47:00:7e:
db:01:26:8a:19:b3:19:67:f4:0c:58:f1:3c:4b:e3:7e:b5:4a:
48:01:f5:34:39:d7:86:c2:15:bc:b8:99:4e:e1:e2:60:2b:f7:
7b:28:a0:f7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
OTIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBQzk5RDQyNDhEOTdG
MTQxRkZFRTZDQkQ5ODk4RDNEQTEzNTE5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmP3eHc4IvkYoNRFsqdQVF+1dWr2L22YIAlGqOSjHvufPFKGnn
4lgcPsjsI0tQsLz1HlSSLo7zlbylk7fSSkYyEl6RBdKSEyeIuOGYBhlb8TlEvnp6
iJpaFG8VjwosyDic5UJWrIj3w2B1gO3oI29zA7EB8cKI8DnANWYSv3og7qGKBULF
MHB1VYIX3iRUp+HFfwoH1UAws6psghgXyE0BZx2h+Zk2mO1KddnV8oPsHDJuXyvm
+HDLkXI5UQIJ+thqswAEtZgo36kKlK6oLQ+nExNzmR2iuIdj8hLQYo46YgCfLcwS
eMJ7WOd3BER9F6VfJC+wWF5qgZ/bCJQKyilfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUysmdQkjZfxQf/ubL2YmNPaE1GYYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lzbWRRa2paZnhRZl91
YkwyWW1OUGFFMUdZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAFns7TXkRAPWhAwqvHZ/zDtfhgZzF4llq
FsfJP0KeLHozwcCNjwSMEW53i+xXEKUgeIR6+4Ui/2w0g4xgspAfBHm3qiUhIzbV
tW/yn7DmCegcEMn2ZpOdC7OwhVq3M9KZVDa2jrP0F7s2usJb0E4+x3ifxD8mHIF8
XsgqSUgEghfn1gfFcKSfwvmrRBkY8qNCRWyM/fkuPbi4F1CXchLUCbKDGPvmsV3w
Sb52aSS3SnBivmywCs5PXLAbjmK8DL3sOcCrilmxY5dfSFO2aH/18qrHhSlsRwB+
2wEmihmzGWf0DFjxPEvjfrVKSAH1NDnXhsIVvLiZTuHiYCv3eyig9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org