Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0eBj32k7eL8knGqdjhEcIaz2Thw.roa
File: 0eBj32k7eL8knGqdjhEcIaz2Thw.roa (raw, json)
Hash identifier: SYb92RddhlV/2eniCAbYpg/N91y292Bss/QE/nNL75w=
Subject key identifier: D1:E0:63:DF:69:3B:78:BF:24:9C:6A:9D:8E:11:1C:21:AC:F6:4E:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44E9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0eBj32k7eL8knGqdjhEcIaz2Thw.roa
Signing time: Sat 20 Apr 2024 11:23:04 +0000
ROA not before: Sat 20 Apr 2024 11:23:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17641 (0x44e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 11:23:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D1E063DF693B78BF249C6A9D8E111C21ACF64E1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:5b:16:b7:29:b0:49:a7:98:5d:41:38:20:9c:
6e:6e:a4:db:11:00:4e:25:4f:e2:34:5e:e8:f8:35:
02:fd:32:40:e7:78:4e:17:37:d6:11:b9:bf:41:9d:
9f:a5:0b:12:54:de:35:3b:b4:89:ec:90:03:c3:42:
40:1c:f3:2f:21:4a:77:c5:34:9a:14:ec:08:3b:f4:
2a:39:fe:ba:ac:5f:73:bd:be:14:86:80:fa:e1:64:
db:21:e6:c3:77:b0:0e:4b:a9:1d:c3:f7:1b:5e:98:
44:75:a0:92:69:7c:4c:25:70:90:2e:49:70:4e:92:
70:79:f2:3a:96:83:c7:55:b1:34:b3:09:6e:56:74:
2f:02:3c:e5:13:85:e3:d1:48:d4:e6:78:b0:e6:9e:
0e:bf:7f:84:92:ee:9e:ce:22:59:5d:49:33:9c:da:
aa:e7:2a:da:35:4f:96:fd:39:6d:57:23:51:ce:af:
3b:7f:76:0c:2c:05:1a:d9:85:90:6c:c5:a7:a7:15:
2d:a8:94:68:d8:8c:a9:41:f8:37:35:a1:d6:fa:97:
3b:a1:b3:35:6b:15:69:c6:f4:3f:c5:58:a0:00:f7:
a8:53:d4:63:12:e1:fe:a3:52:64:e8:6d:01:7c:a6:
d9:15:2c:fa:00:f6:ad:06:8a:5c:79:67:f6:ea:2f:
a1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E0:63:DF:69:3B:78:BF:24:9C:6A:9D:8E:11:1C:21:AC:F6:4E:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0eBj32k7eL8knGqdjhEcIaz2Thw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:26:48:6c:7d:9a:56:67:c6:ea:47:fd:7c:98:cf:42:b0:cb:
91:d6:04:9b:4f:56:65:ee:21:7b:86:a0:a6:2c:62:b0:d6:3c:
df:21:15:05:38:27:cf:61:30:78:42:40:f7:55:b9:c1:e0:fb:
40:11:5b:8e:35:4f:2b:16:04:86:e6:52:d9:7e:57:3b:5c:bf:
23:5d:30:3b:49:65:46:f1:ec:7c:89:29:9e:ff:c1:f6:44:f5:
b4:52:fe:04:2a:28:76:0e:4c:1d:3e:01:7a:71:1a:9d:e7:55:
3d:f2:57:9f:1f:18:e9:f4:4f:34:39:34:af:48:6f:e2:ec:3e:
00:76:d9:7b:94:3a:a1:65:81:05:55:da:a7:25:51:79:56:8e:
e5:98:8e:ba:ca:f7:4f:7c:4e:6e:4d:7d:65:cd:65:8b:5e:76:
03:aa:23:7b:87:20:90:d8:e4:67:2d:8c:d2:5f:92:b1:bf:af:
ed:42:e4:99:da:cf:1f:88:07:7e:0b:12:1e:46:1d:df:2f:1f:
fa:cc:03:c8:97:cb:c8:07:3d:2a:15:73:6d:62:28:28:55:bc:
aa:5f:35:b8:ec:f6:9c:8b:9b:3b:0c:8e:74:3a:23:c9:30:0d:
b6:e8:ac:55:1f:5f:c3:40:86:bb:64:f8:39:63:33:ea:06:63:
db:23:f7:fd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICROkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MTIzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxRTA2M0RGNjkzQjc4
QkYyNDlDNkE5RDhFMTExQzIxQUNGNjRFMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlWxa3KbBJp5hdQTggnG5upNsRAE4lT+I0Xuj4NQL9MkDneE4X
N9YRub9BnZ+lCxJU3jU7tInskAPDQkAc8y8hSnfFNJoU7Ag79Co5/rqsX3O9vhSG
gPrhZNsh5sN3sA5LqR3D9xtemER1oJJpfEwlcJAuSXBOknB58jqWg8dVsTSzCW5W
dC8CPOUThePRSNTmeLDmng6/f4SS7p7OIlldSTOc2qrnKto1T5b9OW1XI1HOrzt/
dgwsBRrZhZBsxaenFS2olGjYjKlB+Dc1odb6lzuhszVrFWnG9D/FWKAA96hT1GMS
4f6jUmTobQF8ptkVLPoA9q0Gilx5Z/bqL6HRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0eBj32k7eL8knGqdjhEcIaz2ThwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBlQmozMms3ZUw4a25H
cWRqaEVjSWF6MlRody5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH8mSGx9mlZnxupH
/XyYz0Kwy5HWBJtPVmXuIXuGoKYsYrDWPN8hFQU4J89hMHhCQPdVucHg+0ARW441
TysWBIbmUtl+VztcvyNdMDtJZUbx7HyJKZ7/wfZE9bRS/gQqKHYOTB0+AXpxGp3n
VT3yV58fGOn0TzQ5NK9Ib+LsPgB22XuUOqFlgQVV2qclUXlWjuWYjrrK9098Tm5N
fWXNZYtedgOqI3uHIJDY5GctjNJfkrG/r+1C5Jnazx+IB34LEh5GHd8vH/rMA8iX
y8gHPSoVc21iKChVvKpfNbjs9pyLmzsMjnQ6I8kwDbborFUfX8NAhrtk+DljM+oG
Y9sj9/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:08 2024 by rpki-client on console-ams.rpki-client.org