Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/17mVxpGqcpFYXPdJ0FecROgQu4w.roa
File: 17mVxpGqcpFYXPdJ0FecROgQu4w.roa (raw, json)
Hash identifier: NC5PI6tmRDaqAqQb5oPJt1Sx0WDHQdbGEqfte/IdBI0=
Subject key identifier: D7:B9:95:C6:91:AA:72:91:58:5C:F7:49:D0:57:9C:44:E8:10:BB:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34CD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/17mVxpGqcpFYXPdJ0FecROgQu4w.roa
Signing time: Fri 29 Mar 2024 23:52:07 +0000
ROA not before: Fri 29 Mar 2024 23:52:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13517 (0x34cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 23:52:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7B995C691AA7291585CF749D0579C44E810BB8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c1:8f:b8:53:2a:95:39:ef:cd:54:80:91:94:
77:78:5c:03:56:7a:8e:04:88:5e:8c:aa:c2:7b:a4:
5a:8e:ad:fb:d6:b2:ef:e4:0a:a7:86:77:c4:6b:36:
93:9e:13:a5:a7:01:4e:35:ff:02:f0:a7:51:74:0e:
07:d9:dd:b7:8d:f6:4b:7c:94:54:50:24:b4:5e:9c:
03:8b:28:c8:82:9f:86:43:af:e4:c0:b6:4c:76:c5:
5a:d3:e0:02:98:d1:2b:79:92:e5:cd:59:6b:3d:21:
30:47:05:5f:d1:01:37:37:40:60:1a:35:8e:95:1d:
b9:ee:1a:f3:3b:53:74:5d:2e:5f:37:1a:e6:6a:4f:
e9:91:83:f1:06:22:b0:50:40:90:6e:37:f0:1f:88:
20:e7:07:00:43:6d:30:f8:6b:e2:c2:54:68:a7:75:
5e:92:1b:56:16:56:33:60:55:5b:7c:74:85:bc:25:
39:2c:e2:29:62:6b:46:df:45:7f:fb:cf:55:c5:e0:
23:0e:5c:fd:cd:79:f6:88:3b:ee:1b:a1:ff:f9:cf:
4e:90:12:71:a0:85:15:36:88:a3:c8:7a:ac:28:98:
11:a7:7d:6f:8f:69:93:2e:a9:37:b3:d2:34:be:48:
e3:ec:90:e5:49:f4:72:fe:93:bb:08:4a:e1:e7:41:
a1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B9:95:C6:91:AA:72:91:58:5C:F7:49:D0:57:9C:44:E8:10:BB:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/17mVxpGqcpFYXPdJ0FecROgQu4w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
02:92:b8:74:ba:f6:2d:4e:c6:36:36:b9:c9:4b:9a:05:3d:b9:
87:07:82:cc:51:e1:3a:b6:a6:d1:63:67:c2:6c:e0:84:d3:50:
9c:d7:33:9b:14:54:67:44:a4:cc:98:1a:74:bb:0e:04:7c:58:
bc:d5:88:fe:a8:25:6a:dd:b1:63:d5:e5:68:44:28:e9:81:fe:
a2:ee:2c:0f:79:c3:47:6a:f2:f9:bc:fd:c5:e0:ac:50:42:fd:
21:4b:6c:16:3e:15:30:9f:93:90:b8:95:9a:c4:34:60:c1:10:
51:1c:bd:c0:54:36:a5:69:5a:7a:55:45:b3:73:47:dd:3b:a7:
3b:e4:66:46:ee:e0:86:d6:e8:5f:47:e4:10:2e:42:b3:1d:95:
34:33:d6:37:56:5b:fc:4f:3c:5c:94:e1:18:38:4a:70:a5:44:
34:8d:43:64:2b:81:a8:97:f5:b7:66:4f:ee:c0:3e:f6:9e:b0:
77:b1:5d:39:e4:5f:79:97:a6:ac:ca:3e:42:cc:8f:d7:11:40:
ca:8a:c2:b3:c2:e8:62:eb:0f:dc:8e:67:71:65:13:23:4b:1b:
a3:0e:ae:e0:c8:8b:ca:44:d5:62:52:49:4c:42:28:fe:cd:6d:
6e:ad:ca:9e:1a:5a:8d:f5:85:d3:83:d4:45:84:6d:76:c9:be:
7b:e6:b0:ab
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MzUyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3Qjk5NUM2OTFBQTcy
OTE1ODVDRjc0OUQwNTc5QzQ0RTgxMEJCOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCywY+4UyqVOe/NVICRlHd4XANWeo4EiF6MqsJ7pFqOrfvWsu/k
CqeGd8RrNpOeE6WnAU41/wLwp1F0DgfZ3beN9kt8lFRQJLRenAOLKMiCn4ZDr+TA
tkx2xVrT4AKY0St5kuXNWWs9ITBHBV/RATc3QGAaNY6VHbnuGvM7U3RdLl83GuZq
T+mRg/EGIrBQQJBuN/AfiCDnBwBDbTD4a+LCVGindV6SG1YWVjNgVVt8dIW8JTks
4ilia0bfRX/7z1XF4CMOXP3NefaIO+4bof/5z06QEnGghRU2iKPIeqwomBGnfW+P
aZMuqTez0jS+SOPskOVJ9HL+k7sISuHnQaFtAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU17mVxpGqcpFYXPdJ0FecROgQu4wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzE3bVZ4cEdxY3BGWVhQ
ZEowRmVjUk9nUXU0dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAKSuHS69i1OxjY2
uclLmgU9uYcHgsxR4Tq2ptFjZ8Js4ITTUJzXM5sUVGdEpMyYGnS7DgR8WLzViP6o
JWrdsWPV5WhEKOmB/qLuLA95w0dq8vm8/cXgrFBC/SFLbBY+FTCfk5C4lZrENGDB
EFEcvcBUNqVpWnpVRbNzR907pzvkZkbu4IbW6F9H5BAuQrMdlTQz1jdWW/xPPFyU
4Rg4SnClRDSNQ2QrgaiX9bdmT+7APvaesHexXTnkX3mXpqzKPkLMj9cRQMqKwrPC
6GLrD9yOZ3FlEyNLG6MOruDIi8pE1WJSSUxCKP7NbW6typ4aWo31hdOD1EWEbXbJ
vnvmsKs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org