Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YWWIR4uxI4GSgt92GVCrAaFTpWk.roa
File: YWWIR4uxI4GSgt92GVCrAaFTpWk.roa (raw, json)
Hash identifier: w6A7FcWcF3TEMf+0/15WglZA2GAijrmmMfWqKL2NdNU=
Subject key identifier: 61:65:88:47:8B:B1:23:81:92:82:DF:76:19:50:AB:01:A1:53:A5:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B3E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YWWIR4uxI4GSgt92GVCrAaFTpWk.roa
Signing time: Sun 28 Apr 2024 21:53:38 +0000
ROA not before: Sun 28 Apr 2024 21:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19262 (0x4b3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 21:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=616588478BB123819282DF761950AB01A153A569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:f6:32:df:5d:97:25:1c:97:8f:ee:86:fe:
77:5e:79:3e:37:be:6b:ac:52:d1:d6:e7:6e:e5:b6:
46:fa:64:a4:b3:21:1e:63:d1:57:de:c8:50:77:d0:
b8:9c:82:ac:7f:5f:64:c5:f7:d5:53:23:dd:5c:f0:
4b:6f:e2:05:d4:73:a3:86:99:6f:eb:23:db:8d:6a:
26:11:81:4e:06:cd:5d:95:bf:b2:b2:f1:96:fb:31:
5e:46:54:b5:10:86:34:20:01:6e:6b:8f:c1:23:18:
ae:d6:a1:5c:71:ec:c1:b6:96:67:35:19:a9:20:68:
b0:9e:f3:50:8d:0f:fe:44:bd:39:58:69:73:82:34:
2a:17:70:68:5b:5c:8a:f6:b6:bf:fd:df:82:1b:3e:
f1:54:4a:05:04:34:51:dd:ae:e2:e0:79:bd:0b:e4:
e5:01:8e:0e:6c:04:d6:d4:3d:e6:f5:84:e9:16:42:
25:11:49:7a:ee:1c:90:c8:76:5b:1f:79:71:c5:d5:
84:7b:94:da:d5:cd:28:77:ce:1e:51:4f:26:75:1b:
fb:be:ca:1f:fe:47:55:84:e8:8c:a8:40:8d:88:c4:
14:ea:d6:d7:88:8c:4b:76:c5:7d:fd:92:ce:03:b8:
16:f9:61:63:a1:9e:ba:d8:76:9c:d9:4b:65:5d:87:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:65:88:47:8B:B1:23:81:92:82:DF:76:19:50:AB:01:A1:53:A5:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YWWIR4uxI4GSgt92GVCrAaFTpWk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:31:bd:89:45:b8:fc:88:82:c6:ab:00:8e:2b:e4:24:a6:d4:
f5:65:fc:d7:d6:7a:a4:cd:14:9c:c7:60:bf:fb:df:5e:4a:ca:
6b:d8:96:7d:fc:50:b6:65:b0:da:f7:2d:2a:b4:06:f9:02:41:
0d:8a:fa:14:82:9b:f9:a2:11:ba:3e:bc:0c:44:ad:7d:89:cb:
1c:47:bb:02:1f:05:aa:ce:ac:c8:38:2f:5d:00:19:a2:1b:29:
19:74:24:d7:56:29:8f:98:86:fe:af:95:59:87:d4:ef:51:62:
6d:2b:74:78:e5:f5:d8:20:47:3c:dc:40:c6:78:8a:88:77:f6:
f1:d4:8d:fb:d1:8c:9d:4a:d3:69:ee:c6:90:6c:db:37:40:99:
7e:fb:a3:49:17:bd:87:23:b8:1b:0b:a5:87:6f:77:dc:34:39:
f7:9b:50:e2:4d:ee:08:61:04:3e:1e:c7:d1:00:b9:d4:ee:fe:
31:58:44:89:9d:3f:9b:3e:05:1e:86:63:52:86:c6:ad:36:8f:
6b:ca:12:29:ba:b1:71:21:b3:8b:99:63:25:1c:94:d9:47:25:
58:7b:00:1d:d5:d5:45:33:67:d0:a1:ce:56:ac:4a:b8:32:a0:
80:1c:90:c1:a1:f3:aa:d2:e9:30:4b:f7:9e:99:18:84:c8:8f:
7f:72:b4:b1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgy
MTUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxNjU4ODQ3OEJCMTIz
ODE5MjgyREY3NjE5NTBBQjAxQTE1M0E1NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ofYy312XJRyXj+6G/ndeeT43vmusUtHW527ltkb6ZKSzIR5j
0VfeyFB30Licgqx/X2TF99VTI91c8Etv4gXUc6OGmW/rI9uNaiYRgU4GzV2Vv7Ky
8Zb7MV5GVLUQhjQgAW5rj8EjGK7WoVxx7MG2lmc1GakgaLCe81CND/5EvTlYaXOC
NCoXcGhbXIr2tr/934IbPvFUSgUENFHdruLgeb0L5OUBjg5sBNbUPeb1hOkWQiUR
SXruHJDIdlsfeXHF1YR7lNrVzSh3zh5RTyZ1G/u+yh/+R1WE6IyoQI2IxBTq1teI
jEt2xX39ks4DuBb5YWOhnrrYdpzZS2Vdh167AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYWWIR4uxI4GSgt92GVCrAaFTpWkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lXV0lSNHV4STRHU2d0
OTJHVkNyQWFGVHBXay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAmTG9iUW4/IiCxqsAjivkJKbU9WX819Z6
pM0UnMdgv/vfXkrKa9iWffxQtmWw2vctKrQG+QJBDYr6FIKb+aIRuj68DEStfYnL
HEe7Ah8Fqs6syDgvXQAZohspGXQk11Ypj5iG/q+VWYfU71FibSt0eOX12CBHPNxA
xniKiHf28dSN+9GMnUrTae7GkGzbN0CZfvujSRe9hyO4Gwulh2933DQ595tQ4k3u
CGEEPh7H0QC51O7+MVhEiZ0/mz4FHoZjUobGrTaPa8oSKbqxcSGzi5ljJRyU2Ucl
WHsAHdXVRTNn0KHOVqxKuDKggByQwaHzqtLpMEv3npkYhMiPf3K0sQ==
-----END CERTIFICATE-----
Generated at Mon Apr 29 06:28:42 2024 by rpki-client on console.sobornost.net