Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YbM5EOmQnb5SOXmYZOft5clgCnA.roa
File: YbM5EOmQnb5SOXmYZOft5clgCnA.roa (raw, json)
Hash identifier: knQN/DqK6qH/bz4/TX1pS5xwr7zmbxInWMaSmED+ZFI=
Subject key identifier: 61:B3:39:10:E9:90:9D:BE:52:39:79:98:64:E7:ED:E5:C9:60:0A:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YbM5EOmQnb5SOXmYZOft5clgCnA.roa
Signing time: Thu 11 Apr 2024 03:22:44 +0000
ROA not before: Thu 11 Apr 2024 03:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15849 (0x3de9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 03:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61B33910E9909DBE5239799864E7EDE5C9600A70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:08:12:44:15:37:a9:5c:7e:88:c8:57:1e:
73:f2:15:91:69:a9:9e:71:c8:15:be:f9:28:64:ac:
1e:b3:af:a6:79:68:8c:ee:c1:20:58:ea:91:20:6e:
87:e3:d0:39:54:48:fc:d7:a0:a3:53:4f:a7:26:66:
1a:08:52:67:4f:30:3d:30:ae:9e:29:1e:0d:c8:b5:
66:ab:29:ad:cd:ca:7a:40:3c:dc:2c:ab:b7:15:83:
57:25:1f:bc:4a:ed:6f:0b:f9:ac:34:47:f5:0f:1f:
b1:82:d2:a4:de:d9:e6:4d:eb:1c:e1:9b:ef:fb:2e:
53:e1:07:3a:b5:f0:8f:76:fd:92:7d:b9:20:3f:25:
de:5c:3d:dc:a8:db:25:56:9f:12:12:97:ea:b5:50:
bf:9d:c0:ab:71:f1:47:4c:2d:08:61:0c:43:2e:06:
0d:4c:3d:b1:16:ec:39:2f:59:0b:dd:8a:eb:e5:a6:
65:ab:65:5a:e4:d3:99:37:8b:b5:c3:2b:a1:a4:f8:
02:78:30:ed:0b:b0:82:24:7e:68:1c:03:8c:82:19:
71:f6:d2:8a:64:fb:3c:20:89:bd:e1:c0:58:86:e4:
c4:ce:a8:39:bd:14:b2:e7:0a:fc:56:b7:b3:e5:ba:
e9:c3:dd:7d:84:c8:17:fe:cc:de:5d:00:d0:e8:d7:
f2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B3:39:10:E9:90:9D:BE:52:39:79:98:64:E7:ED:E5:C9:60:0A:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YbM5EOmQnb5SOXmYZOft5clgCnA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
31:41:52:b2:28:e8:1d:8a:de:68:cf:aa:77:87:86:e2:68:c7:
4f:2f:6d:dc:b3:b3:2c:d7:f2:71:87:31:95:05:95:97:b3:5f:
69:d5:df:a2:4c:b0:ea:1d:7c:fe:55:59:70:5e:e0:48:b2:e9:
ed:61:cf:71:30:da:a7:b0:33:82:73:9a:7c:70:f2:2d:0b:34:
4b:6a:da:d2:c7:4c:26:15:87:cb:52:77:de:08:19:5f:82:f3:
a5:65:65:e2:0a:8f:68:f5:9a:4a:36:f7:6a:04:d7:8b:a7:29:
3d:55:a7:65:e5:c5:a1:d5:7d:4f:37:53:ce:09:44:fc:18:2e:
9d:bf:1e:a4:78:e8:24:f8:52:0b:38:a0:c4:3d:62:ae:e4:03:
94:d0:e0:ce:ba:21:c3:55:3c:36:ba:e4:b3:7a:82:5d:c8:a7:
d3:f2:54:ba:cc:2d:28:e8:e7:b7:2e:d7:c5:e5:a2:30:90:63:
31:0d:51:d0:45:89:8a:b3:a0:57:74:6b:50:52:54:c4:55:00:
6a:9d:76:d0:94:0e:7d:1e:dd:47:0b:de:5e:40:91:8c:3e:16:
cb:c4:85:06:44:3c:28:e0:ec:b1:76:7a:dc:ed:27:b4:bb:b1:
a1:54:72:07:83:f1:20:dc:e6:b7:6c:36:37:b4:5e:71:77:24:
10:ca:6d:4c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MzIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxQjMzOTEwRTk5MDlE
QkU1MjM5Nzk5ODY0RTdFREU1Qzk2MDBBNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkWwgSRBU3qVx+iMhXHnPyFZFpqZ5xyBW++ShkrB6zr6Z5aIzu
wSBY6pEgbofj0DlUSPzXoKNTT6cmZhoIUmdPMD0wrp4pHg3ItWarKa3NynpAPNws
q7cVg1clH7xK7W8L+aw0R/UPH7GC0qTe2eZN6xzhm+/7LlPhBzq18I92/ZJ9uSA/
Jd5cPdyo2yVWnxISl+q1UL+dwKtx8UdMLQhhDEMuBg1MPbEW7DkvWQvdiuvlpmWr
ZVrk05k3i7XDK6Gk+AJ4MO0LsIIkfmgcA4yCGXH20opk+zwgib3hwFiG5MTOqDm9
FLLnCvxWt7PluunD3X2EyBf+zN5dANDo1/IxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUYbM5EOmQnb5SOXmYZOft5clgCnAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1liTTVFT21RbmI1U09Y
bVlaT2Z0NWNsZ0NuQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADFBUrIo6B2K3mjP
qneHhuJox08vbdyzsyzX8nGHMZUFlZezX2nV36JMsOodfP5VWXBe4Eiy6e1hz3Ew
2qewM4Jzmnxw8i0LNEtq2tLHTCYVh8tSd94IGV+C86VlZeIKj2j1mko292oE14un
KT1Vp2XlxaHVfU83U84JRPwYLp2/HqR46CT4Ugs4oMQ9Yq7kA5TQ4M66IcNVPDa6
5LN6gl3Ip9PyVLrMLSjo57cu18XlojCQYzENUdBFiYqzoFd0a1BSVMRVAGqddtCU
Dn0e3UcL3l5AkYw+FsvEhQZEPCjg7LF2etztJ7S7saFUcgeD8SDc5rdsNje0XnF3
JBDKbUw=
-----END CERTIFICATE-----
Generated at Thu Apr 11 10:36:37 2024 by rpki-client on console.sobornost.net