Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2f58Xm74cTXM0avOPpw5yL89FFg.roa
File: 2f58Xm74cTXM0avOPpw5yL89FFg.roa (raw, json)
Hash identifier: o/ww8vdfoeGSXhU/RKeoEyKHoGzBbN9uUA2DnEPdvt0=
Subject key identifier: D9:FE:7C:5E:6E:F8:71:35:CC:D1:AB:CE:3E:9C:39:C8:BF:3D:14:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4331
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2f58Xm74cTXM0avOPpw5yL89FFg.roa
Signing time: Thu 18 Apr 2024 04:22:58 +0000
ROA not before: Thu 18 Apr 2024 04:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17201 (0x4331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 04:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D9FE7C5E6EF87135CCD1ABCE3E9C39C8BF3D1458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2c:2a:ac:90:a5:7d:61:39:6e:77:83:15:7e:
e4:84:90:c1:cf:63:62:ec:d9:f7:b2:89:8a:61:ba:
24:da:48:43:6d:96:54:71:73:99:7f:c0:d6:f3:35:
f0:4b:e5:2f:cd:09:4e:76:c9:39:6d:43:68:1c:a7:
91:25:db:2e:86:87:75:52:eb:52:e9:33:61:98:69:
c0:41:3e:e0:d3:a4:46:a9:6a:39:32:f0:63:e3:17:
0c:e5:cf:fc:c3:d4:cc:9d:ab:2f:c9:1f:0b:63:cd:
3b:37:a6:85:89:b7:94:9d:ff:c5:7f:46:0f:40:14:
b8:e7:74:14:42:14:45:89:ef:94:39:c6:fa:0f:55:
b2:b8:d0:59:8f:ea:4e:c6:6c:dd:83:5b:09:09:8e:
a2:c0:1a:f7:03:0b:c6:13:56:de:34:da:e0:84:6b:
18:21:7d:0d:80:6a:ec:cc:ee:7b:3b:2d:c7:f1:56:
10:da:12:c4:81:ec:71:03:60:8a:11:f1:b8:9e:b3:
57:c4:1e:75:15:12:74:75:2f:71:d5:7e:b1:f3:b3:
b6:9c:37:b3:0c:39:14:21:aa:39:cf:ce:5e:76:91:
d2:5f:48:f3:0c:24:0f:4c:e3:b0:6b:7b:a0:55:f3:
be:8e:2a:3f:62:14:25:aa:19:e4:31:ee:09:cd:c8:
03:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FE:7C:5E:6E:F8:71:35:CC:D1:AB:CE:3E:9C:39:C8:BF:3D:14:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2f58Xm74cTXM0avOPpw5yL89FFg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
06:82:f7:0b:df:c6:d8:b0:32:98:e2:2b:3b:e3:d0:1b:90:9a:
30:3f:4e:f8:fe:6e:54:a8:d2:42:73:0d:51:0e:96:22:ab:c4:
f4:fa:23:51:df:6d:4a:17:d6:b9:a5:b0:e6:4d:7e:24:da:e1:
26:90:ab:ba:da:5c:1a:10:a0:d2:85:a4:fa:34:15:00:0a:3e:
53:de:26:90:2d:c1:67:1f:ae:97:ac:cb:33:99:93:d3:5d:36:
57:f7:b5:27:37:2c:ef:b9:4f:87:ee:71:12:9f:ce:7a:55:3e:
fa:37:8e:67:22:d3:03:09:0f:f5:da:51:e9:86:f3:3d:2a:ea:
cd:78:ac:d9:b4:b4:22:c5:2c:8a:ad:cc:5b:7f:a8:91:f1:c5:
ba:32:61:68:6f:77:0d:ac:30:5f:ca:57:50:92:ba:73:3b:90:
be:f8:68:4d:b8:5f:bd:79:53:dc:54:92:46:f2:90:9f:4b:c3:
7b:10:35:36:92:34:b2:62:39:51:2b:b6:f5:40:9e:f2:2e:a5:
f5:b6:4d:c5:6b:a5:11:fa:3f:9c:3a:6c:53:09:fb:7b:b6:06:
f1:41:33:3f:43:cf:f7:4b:91:6d:f1:40:8f:c0:ef:b7:65:d9:
63:5b:6d:65:ee:36:eb:f4:47:6b:89:17:58:01:df:de:4e:b8:
46:d9:f1:56
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NDIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5RkU3QzVFNkVGODcx
MzVDQ0QxQUJDRTNFOUMzOUM4QkYzRDE0NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDELCqskKV9YTlud4MVfuSEkMHPY2Ls2feyiYphuiTaSENtllRx
c5l/wNbzNfBL5S/NCU52yTltQ2gcp5El2y6Gh3VS61LpM2GYacBBPuDTpEapajky
8GPjFwzlz/zD1Mydqy/JHwtjzTs3poWJt5Sd/8V/Rg9AFLjndBRCFEWJ75Q5xvoP
VbK40FmP6k7GbN2DWwkJjqLAGvcDC8YTVt402uCEaxghfQ2AauzM7ns7LcfxVhDa
EsSB7HEDYIoR8bies1fEHnUVEnR1L3HVfrHzs7acN7MMORQhqjnPzl52kdJfSPMM
JA9M47Bre6BV876OKj9iFCWqGeQx7gnNyAOHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2f58Xm74cTXM0avOPpw5yL89FFgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJmNThYbTc0Y1RYTTBh
dk9QcHc1eUw4OUZGZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAaC9wvfxtiwMpji
Kzvj0BuQmjA/Tvj+blSo0kJzDVEOliKrxPT6I1HfbUoX1rmlsOZNfiTa4SaQq7ra
XBoQoNKFpPo0FQAKPlPeJpAtwWcfrpesyzOZk9NdNlf3tSc3LO+5T4fucRKfznpV
Pvo3jmci0wMJD/XaUemG8z0q6s14rNm0tCLFLIqtzFt/qJHxxboyYWhvdw2sMF/K
V1CSunM7kL74aE24X715U9xUkkbykJ9Lw3sQNTaSNLJiOVErtvVAnvIupfW2TcVr
pRH6P5w6bFMJ+3u2BvFBMz9Dz/dLkW3xQI/A77dl2WNbbWXuNuv0R2uJF1gB395O
uEbZ8VY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org