Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2pdpGCyaMDdqK7QgGDpWq-TAPVw.roa
File: 2pdpGCyaMDdqK7QgGDpWq-TAPVw.roa (raw, json)
Hash identifier: EgoQorXLE3ySlj1OEldCweZhnvQt53D0lWMQcQR62pc=
Subject key identifier: DA:97:69:18:2C:9A:30:37:6A:2B:B4:20:18:3A:56:AB:E4:C0:3D:5C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3379
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2pdpGCyaMDdqK7QgGDpWq-TAPVw.roa
Signing time: Thu 28 Mar 2024 05:22:01 +0000
ROA not before: Thu 28 Mar 2024 05:22:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13177 (0x3379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 05:22:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA9769182C9A30376A2BB420183A56ABE4C03D5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:cd:f4:ca:3d:57:fb:fc:9c:f8:3e:bb:74:
02:24:e9:71:02:81:f3:48:99:32:fb:e5:3c:ec:f1:
70:d2:f4:52:66:ab:d1:77:f8:d7:f2:47:b3:71:3f:
67:f3:32:fa:bd:d4:4e:e4:7b:00:71:f0:be:2e:6b:
f4:23:d7:f5:84:8e:36:bb:09:67:8f:d2:67:a3:71:
a9:05:54:6d:f6:d1:c5:96:4d:c1:d9:17:88:78:1d:
75:ce:32:c5:cd:6d:ec:78:d2:61:3b:36:89:70:83:
a2:ca:7c:7e:80:cd:04:9b:13:0e:af:76:74:d6:eb:
27:90:16:87:b1:c6:ef:80:6a:4a:c8:d0:c7:3b:0b:
cb:00:66:88:01:8e:f4:1f:b2:0e:62:69:66:f5:5f:
9a:86:21:36:80:60:32:3d:a1:ee:45:84:ab:4b:d1:
c5:7e:ea:8b:38:cc:66:dd:67:38:9d:42:8e:71:33:
d4:ec:92:4e:66:2e:3d:15:22:62:ca:de:21:9a:89:
da:3d:1d:d3:fa:f1:4b:34:45:fd:f2:f9:0f:05:f9:
d6:5f:2d:21:c6:70:d6:17:41:96:33:60:ab:6c:b6:
5c:cd:b2:f2:f6:02:90:2d:fd:75:65:71:24:71:7b:
c9:73:68:63:27:ec:90:58:67:93:c3:72:53:9f:d0:
e0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:97:69:18:2C:9A:30:37:6A:2B:B4:20:18:3A:56:AB:E4:C0:3D:5C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2pdpGCyaMDdqK7QgGDpWq-TAPVw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
11:69:03:86:d8:3f:14:16:9a:c1:25:a4:af:dd:ed:d1:1c:d1:
70:f6:03:5b:54:dd:86:d0:0c:3d:c3:09:59:e2:49:35:7b:80:
22:34:55:a7:5c:a8:cd:8d:52:64:da:42:1e:43:b8:37:76:c3:
a6:11:89:3c:06:8d:4c:31:7b:8c:78:24:87:00:45:e5:d4:0a:
6e:dc:14:77:c2:1d:a8:17:1c:fe:2d:f8:cc:fa:63:7b:f0:37:
b7:45:9e:4a:df:30:32:76:a0:28:19:bd:38:8a:86:7f:2e:e9:
61:89:ff:e4:7f:af:7d:58:91:b4:06:50:86:47:8e:08:a3:d0:
95:3f:74:c8:ad:6b:78:43:c8:a7:2b:8c:2a:6e:10:b4:7b:4c:
de:32:bd:70:c4:f5:a3:ab:6d:4b:1c:41:3f:5f:b5:ca:62:a4:
61:a5:fd:af:71:14:9d:19:e5:5e:b7:23:28:ff:0c:ff:9b:17:
54:c2:b9:a1:74:ec:7d:da:6b:0e:b4:9e:00:86:5d:30:ed:58:
5a:69:80:6a:50:5d:69:d1:3f:72:5a:a8:64:bb:48:52:e4:4c:
05:c5:c7:d9:a2:38:e4:7d:a9:49:27:24:f4:1f:1f:e3:8d:e1:
03:c2:9a:ae:89:98:77:26:fc:3c:d0:26:69:de:87:a6:ee:59:
3e:0d:3e:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NTIyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBOTc2OTE4MkM5QTMw
Mzc2QTJCQjQyMDE4M0E1NkFCRTRDMDNENUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy7M30yj1X+/yc+D67dAIk6XECgfNImTL75Tzs8XDS9FJmq9F3
+NfyR7NxP2fzMvq91E7kewBx8L4ua/Qj1/WEjja7CWeP0mejcakFVG320cWWTcHZ
F4h4HXXOMsXNbex40mE7Nolwg6LKfH6AzQSbEw6vdnTW6yeQFoexxu+AakrI0Mc7
C8sAZogBjvQfsg5iaWb1X5qGITaAYDI9oe5FhKtL0cV+6os4zGbdZzidQo5xM9Ts
kk5mLj0VImLK3iGaido9HdP68Us0Rf3y+Q8F+dZfLSHGcNYXQZYzYKtstlzNsvL2
ApAt/XVlcSRxe8lzaGMn7JBYZ5PDclOf0ODFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2pdpGCyaMDdqK7QgGDpWq+TAPVwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJwZHBHQ3lhTURkcUs3
UWdHRHBXcS1UQVBWdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABFpA4bYPxQWmsEl
pK/d7dEc0XD2A1tU3YbQDD3DCVniSTV7gCI0VadcqM2NUmTaQh5DuDd2w6YRiTwG
jUwxe4x4JIcAReXUCm7cFHfCHagXHP4t+Mz6Y3vwN7dFnkrfMDJ2oCgZvTiKhn8u
6WGJ/+R/r31YkbQGUIZHjgij0JU/dMita3hDyKcrjCpuELR7TN4yvXDE9aOrbUsc
QT9ftcpipGGl/a9xFJ0Z5V63Iyj/DP+bF1TCuaF07H3aaw60ngCGXTDtWFppgGpQ
XWnRP3JaqGS7SFLkTAXFx9miOOR9qUknJPQfH+ON4QPCmq6JmHcm/DzQJmneh6bu
WT4NPkI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org