Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2oTgPtuqN-kIdwlg_am44O27H-8.roa
File: 2oTgPtuqN-kIdwlg_am44O27H-8.roa (raw, json)
Hash identifier: bByKIYwcVCf9+EzfMfkk+lLk/tvW9xIjJUcDJITKYyo=
Subject key identifier: DA:84:E0:3E:DB:AA:37:E9:08:77:09:60:FD:A9:B8:E0:ED:BB:1F:EF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DF9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2oTgPtuqN-kIdwlg_am44O27H-8.roa
Signing time: Thu 11 Apr 2024 05:22:44 +0000
ROA not before: Thu 11 Apr 2024 05:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15865 (0x3df9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 05:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA84E03EDBAA37E908770960FDA9B8E0EDBB1FEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:23:6a:a4:78:6c:bd:a2:15:94:e4:3e:58:d9:
b4:05:ec:dc:bc:a6:8a:d5:a8:33:20:60:1d:7c:f7:
28:c0:98:66:e3:d0:61:c9:97:50:17:21:54:c1:55:
01:e6:18:fe:12:9b:61:c3:a8:0b:ee:71:99:cf:ea:
e9:79:e6:37:02:2d:24:66:b3:92:29:b7:aa:d4:2e:
4f:6c:f8:d5:4e:74:a9:95:42:46:5e:6c:ad:9e:5a:
cb:67:46:2e:6f:c1:3c:56:a5:29:4e:ce:36:4d:fa:
9d:7b:7b:26:b7:58:67:5d:45:27:be:03:6a:a4:f5:
97:35:30:3f:73:b0:d7:f0:9c:d6:cb:0d:4f:e5:7c:
a5:4b:a2:0d:86:27:4b:f7:df:8f:53:6e:8a:5f:ff:
29:c1:64:cc:90:7a:1e:01:fa:89:40:29:0d:7c:ff:
f7:97:ea:50:5d:f7:1e:eb:67:a6:28:0f:2f:70:40:
1e:8c:d5:6b:d6:ba:52:65:8b:5a:77:99:9f:ab:4e:
c2:bd:dc:ed:0e:66:fe:70:e6:c5:5b:66:c3:ab:8b:
1c:bf:bc:ce:b3:5f:09:82:77:22:64:48:67:fe:79:
1b:31:c8:2d:82:5a:14:98:f6:8a:01:20:c6:c0:f2:
8b:2b:c7:13:13:81:40:08:61:83:2a:ab:54:a3:d5:
a9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:84:E0:3E:DB:AA:37:E9:08:77:09:60:FD:A9:B8:E0:ED:BB:1F:EF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2oTgPtuqN-kIdwlg_am44O27H-8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4d:07:d5:7a:b8:68:f1:6f:b2:e2:f1:07:f0:b4:84:16:0c:40:
2d:b0:30:ab:41:16:0d:0b:fc:c0:d1:38:e3:5a:68:d5:cb:ec:
dd:96:73:59:90:80:c7:53:02:eb:50:3f:d9:65:a1:92:1a:2e:
93:7c:ed:cf:da:46:ef:31:52:f0:5a:55:30:b4:dc:7c:e4:d2:
fd:52:1a:3e:66:53:30:3f:72:d4:da:45:7f:df:65:61:a3:bf:
f4:6f:14:e6:cf:4c:ae:9e:e1:2f:3d:47:a2:13:b8:54:53:71:
56:4e:0b:e3:bf:d9:1a:a0:ff:7a:03:a1:25:19:46:99:03:94:
d6:c7:66:b4:69:62:fb:8c:b6:42:69:e5:bd:ce:cc:17:ba:bc:
c3:c1:96:0b:42:e6:8c:ca:89:d9:29:0c:0c:e9:a6:28:48:fa:
85:4a:aa:87:3d:87:9d:c1:2d:57:32:dc:32:b7:1e:29:ba:27:
c2:73:2f:b6:f7:24:4a:0d:71:2a:60:80:3b:4f:a6:e5:98:91:
04:e4:8f:ab:43:6d:c0:02:c3:c8:9c:8b:bc:95:6d:ea:f3:ed:
22:0f:dc:98:82:23:c4:da:25:72:e3:d8:1a:72:06:c4:20:bd:
eb:0c:51:dd:c7:1a:3a:13:83:1b:31:e7:c8:93:31:f8:1b:06:
72:bd:ba:da
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPfkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NTIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBODRFMDNFREJBQTM3
RTkwODc3MDk2MEZEQTlCOEUwRURCQjFGRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRI2qkeGy9ohWU5D5Y2bQF7Ny8porVqDMgYB189yjAmGbj0GHJ
l1AXIVTBVQHmGP4Sm2HDqAvucZnP6ul55jcCLSRms5Ipt6rULk9s+NVOdKmVQkZe
bK2eWstnRi5vwTxWpSlOzjZN+p17eya3WGddRSe+A2qk9Zc1MD9zsNfwnNbLDU/l
fKVLog2GJ0v3349Tbopf/ynBZMyQeh4B+olAKQ18//eX6lBd9x7rZ6YoDy9wQB6M
1WvWulJli1p3mZ+rTsK93O0OZv5w5sVbZsOrixy/vM6zXwmCdyJkSGf+eRsxyC2C
WhSY9ooBIMbA8osrxxMTgUAIYYMqq1Sj1alNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2oTgPtuqN+kIdwlg/am44O27H+8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJvVGdQdHVxTi1rSWR3
bGdfYW00NE8yN0gtOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE0H1Xq4aPFvsuLx
B/C0hBYMQC2wMKtBFg0L/MDROONaaNXL7N2Wc1mQgMdTAutQP9lloZIaLpN87c/a
Ru8xUvBaVTC03Hzk0v1SGj5mUzA/ctTaRX/fZWGjv/RvFObPTK6e4S89R6ITuFRT
cVZOC+O/2Rqg/3oDoSUZRpkDlNbHZrRpYvuMtkJp5b3OzBe6vMPBlgtC5ozKidkp
DAzppihI+oVKqoc9h53BLVcy3DK3Him6J8JzL7b3JEoNcSpggDtPpuWYkQTkj6tD
bcACw8ici7yVberz7SIP3JiCI8TaJXLj2BpyBsQgvesMUd3HGjoTgxsx58iTMfgb
BnK9uto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:12 2024 by rpki-client on console-ams.rpki-client.org