Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YphhfHXPd9-x07p3Ccj6QnCCy3I.roa
File: YphhfHXPd9-x07p3Ccj6QnCCy3I.roa (raw, json)
Hash identifier: Krz0hnBOoRgVAnyquy1MzjMz8qs/QcHF/wnu8wuwuhQ=
Subject key identifier: 62:98:61:7C:75:CF:77:DF:B1:D3:BA:77:09:C8:FA:42:70:82:CB:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42F6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YphhfHXPd9-x07p3Ccj6QnCCy3I.roa
Signing time: Wed 17 Apr 2024 20:53:08 +0000
ROA not before: Wed 17 Apr 2024 20:53:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17142 (0x42f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 20:53:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6298617C75CF77DFB1D3BA7709C8FA427082CB72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ef:01:d1:24:92:a9:c5:9e:e5:7b:bc:11:fe:
30:b3:40:69:5e:2f:54:46:b5:bc:12:ab:bc:01:78:
60:5d:36:f0:7a:41:2b:60:23:39:58:a8:61:da:ca:
3c:f6:53:c7:4b:c0:d3:82:7c:8b:c9:e1:26:41:4c:
e7:96:d9:9f:94:6b:17:1e:eb:cf:04:c8:89:7d:7c:
59:51:c6:98:8e:31:51:d8:61:84:00:2a:f1:df:12:
12:62:98:e6:53:e5:e6:f9:4b:14:c9:c8:e0:16:9a:
d8:d7:e6:e3:af:54:9a:17:73:54:c9:6d:64:67:24:
d6:19:de:d7:4f:43:10:fb:5b:86:01:07:78:61:65:
be:d2:5e:a8:31:43:80:90:da:af:00:ce:fd:43:dc:
4f:c6:2b:ab:5d:d1:e7:e9:b8:66:97:2b:63:f3:99:
e5:3d:be:a4:bd:7c:5f:4e:a6:3b:d2:68:5f:5c:ac:
69:41:41:a3:3c:61:10:f5:c2:9e:97:f4:64:b3:15:
f3:2b:94:e2:2e:0c:6e:11:1e:37:42:75:88:4d:24:
09:f8:6c:3f:22:bf:02:97:67:c5:78:1f:60:9d:cd:
83:25:0d:6c:15:cb:a3:0f:f0:56:dd:4c:b1:fe:4e:
ab:30:19:a3:f0:ff:4a:52:65:02:0d:c6:98:d1:f2:
c0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:98:61:7C:75:CF:77:DF:B1:D3:BA:77:09:C8:FA:42:70:82:CB:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YphhfHXPd9-x07p3Ccj6QnCCy3I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:54:99:f2:8c:04:96:18:27:43:99:82:e9:8d:e0:e8:36:55:
f0:b1:21:18:94:7f:89:18:82:4f:a0:8f:cd:e8:5d:ae:1a:f8:
8e:07:a3:be:e3:57:ba:09:17:10:73:86:5d:a0:0b:ba:b7:dd:
56:e9:a4:c8:c7:04:62:fb:3a:a0:d9:0f:68:f3:31:d4:37:54:
07:58:9f:91:76:76:3e:68:7e:0b:99:3a:c2:cd:13:46:46:fe:
80:65:6f:81:0d:27:04:8d:0f:d9:54:e2:62:05:c3:00:a0:f5:
e4:f0:e8:cd:2d:f9:16:aa:d9:8a:14:3c:d2:59:de:93:00:8a:
dd:7a:39:69:17:11:11:5f:3f:1b:43:8b:5f:02:15:10:8a:9d:
41:6b:0b:99:30:fa:be:f5:96:63:05:1f:9e:fc:4b:a0:a9:5b:
21:df:d8:b9:66:7b:3d:74:1b:73:a4:b7:6b:d0:c8:e3:ad:ac:
6c:71:cb:58:ae:54:9d:b5:70:7e:02:c5:77:bb:ca:d8:e7:f9:
b2:30:d1:c0:8d:24:c7:3f:48:94:c9:85:45:13:4b:1f:da:46:
c4:cf:10:ec:72:63:57:f0:22:4b:06:88:de:50:9b:f9:1a:cd:
6a:ec:02:26:66:24:b7:d7:2e:20:5d:c2:5a:4b:33:50:a8:51:
81:58:0c:96
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MDUzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyOTg2MTdDNzVDRjc3
REZCMUQzQkE3NzA5QzhGQTQyNzA4MkNCNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL7wHRJJKpxZ7le7wR/jCzQGleL1RGtbwSq7wBeGBdNvB6QStg
IzlYqGHayjz2U8dLwNOCfIvJ4SZBTOeW2Z+Uaxce688EyIl9fFlRxpiOMVHYYYQA
KvHfEhJimOZT5eb5SxTJyOAWmtjX5uOvVJoXc1TJbWRnJNYZ3tdPQxD7W4YBB3hh
Zb7SXqgxQ4CQ2q8Azv1D3E/GK6td0efpuGaXK2PzmeU9vqS9fF9OpjvSaF9crGlB
QaM8YRD1wp6X9GSzFfMrlOIuDG4RHjdCdYhNJAn4bD8ivwKXZ8V4H2CdzYMlDWwV
y6MP8FbdTLH+TqswGaPw/0pSZQINxpjR8sDDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYphhfHXPd9+x07p3Ccj6QnCCy3IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lwaGhmSFhQZDkteDA3
cDNDY2o2UW5DQ3kzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAQFSZ8owElhgnQ5mC6Y3g6DZV8LEhGJR/
iRiCT6CPzehdrhr4jgejvuNXugkXEHOGXaALurfdVumkyMcEYvs6oNkPaPMx1DdU
B1ifkXZ2Pmh+C5k6ws0TRkb+gGVvgQ0nBI0P2VTiYgXDAKD15PDozS35FqrZihQ8
0lnekwCK3Xo5aRcREV8/G0OLXwIVEIqdQWsLmTD6vvWWYwUfnvxLoKlbId/YuWZ7
PXQbc6S3a9DI462sbHHLWK5UnbVwfgLFd7vK2Of5sjDRwI0kxz9IlMmFRRNLH9pG
xM8Q7HJjV/AiSwaI3lCb+RrNauwCJmYkt9cuIF3CWkszUKhRgVgMlg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:53:32 2025 by rpki-client