Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2wHBrw0nPykr2njXTGhR8kXy18k.roa
File: 2wHBrw0nPykr2njXTGhR8kXy18k.roa (raw, json)
Hash identifier: 4j7otcIhq0sQ3IFFWPsa+5A9RuhogwXUxKU52z2CFnk=
Subject key identifier: DB:01:C1:AF:0D:27:3F:29:2B:DA:78:D7:4C:68:51:F2:45:F2:D7:C9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41AD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2wHBrw0nPykr2njXTGhR8kXy18k.roa
Signing time: Tue 16 Apr 2024 03:52:56 +0000
ROA not before: Tue 16 Apr 2024 03:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16813 (0x41ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 03:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DB01C1AF0D273F292BDA78D74C6851F245F2D7C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e1:50:69:2b:4a:33:5b:ea:56:d8:01:5d:ba:
a7:13:15:54:92:da:0b:74:96:6d:62:38:bb:61:ac:
f3:72:90:bc:64:1b:65:9a:6a:ce:f6:b8:0f:8d:9e:
a2:2f:b7:b9:e0:56:b8:10:b6:9f:b4:1c:67:5f:d5:
b5:7e:c7:5b:e0:a6:0f:76:9a:0b:6c:b3:e3:51:13:
54:3a:a5:dd:aa:17:f3:fd:0b:be:a9:a5:d2:e7:d0:
4b:11:76:8a:a7:65:fd:13:a6:69:f0:30:eb:88:59:
0a:df:d0:81:b1:a0:8f:b2:19:74:3b:88:62:40:91:
40:1c:1b:cf:48:02:62:56:d9:5e:ef:5f:20:de:49:
f1:15:de:22:f8:11:cb:7c:17:e1:fd:ef:e3:0b:3e:
bf:7c:71:d4:c4:36:82:36:2c:2d:7f:65:16:1f:1d:
00:d0:71:35:1b:2a:60:8a:be:b7:f0:3d:ba:5a:8a:
f0:33:71:bc:93:48:ec:62:e3:cf:06:7d:b5:b3:45:
74:02:97:b4:f8:77:b5:64:6c:73:17:a4:c7:b7:14:
12:1b:c1:b7:25:cb:b0:85:20:b0:de:c9:50:8c:e2:
5d:0d:e9:5c:4e:b0:26:c9:4b:43:69:9d:9a:c3:1f:
ef:11:16:2e:6b:a8:19:8a:09:c8:7b:3f:f2:d8:c3:
75:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:01:C1:AF:0D:27:3F:29:2B:DA:78:D7:4C:68:51:F2:45:F2:D7:C9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2wHBrw0nPykr2njXTGhR8kXy18k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:5d:64:69:8b:57:85:b9:63:49:08:00:aa:ed:c6:16:88:8a:
5e:83:7d:fb:ea:3b:f7:c2:a3:50:cb:9b:58:2e:e4:74:d7:64:
a6:ad:13:1b:5f:e6:14:e5:91:f0:93:cf:1a:e5:0e:a7:4b:67:
d1:1d:6f:6e:19:07:57:df:35:9e:f7:9a:4e:68:64:55:1a:8d:
fe:85:41:f5:4f:ef:8b:a5:55:dd:70:5a:9b:8e:9a:97:0c:79:
f7:9f:ab:96:8a:2c:3f:30:ac:c6:f3:a9:10:91:28:0e:a0:f5:
e5:65:6e:55:ad:52:bf:a2:f2:1f:54:ec:57:72:15:af:a6:c7:
52:ab:fd:dd:19:6c:5b:b4:5d:0d:d4:23:d7:3f:5a:cb:70:59:
da:9c:f9:10:a6:82:2f:b5:69:cf:78:86:76:80:89:45:22:73:
26:e7:ad:12:69:d3:9b:31:5f:51:64:99:08:c3:32:f6:35:2f:
d1:a4:56:9a:3b:08:ad:22:6a:a9:64:45:ec:71:b5:e0:60:33:
78:c5:80:10:a4:36:af:93:f1:1f:4c:7f:8b:7e:bc:b7:a4:f3:
47:72:ab:79:c2:90:72:7f:3c:9c:ec:3c:6d:d9:36:7f:28:99:
c0:6b:2e:d2:cf:8b:9f:65:1b:5e:ec:7f:38:13:2e:d6:31:bf:
4c:a7:50:14
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MzUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCMDFDMUFGMEQyNzNG
MjkyQkRBNzhENzRDNjg1MUYyNDVGMkQ3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh4VBpK0ozW+pW2AFduqcTFVSS2gt0lm1iOLthrPNykLxkG2Wa
as72uA+NnqIvt7ngVrgQtp+0HGdf1bV+x1vgpg92mgtss+NRE1Q6pd2qF/P9C76p
pdLn0EsRdoqnZf0TpmnwMOuIWQrf0IGxoI+yGXQ7iGJAkUAcG89IAmJW2V7vXyDe
SfEV3iL4Ect8F+H97+MLPr98cdTENoI2LC1/ZRYfHQDQcTUbKmCKvrfwPbpaivAz
cbyTSOxi488GfbWzRXQCl7T4d7VkbHMXpMe3FBIbwbcly7CFILDeyVCM4l0N6VxO
sCbJS0NpnZrDH+8RFi5rqBmKCch7P/LYw3UPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2wHBrw0nPykr2njXTGhR8kXy18kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJ3SEJydzBuUHlrcjJu
alhUR2hSOGtYeTE4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALNdZGmLV4W5Y0kI
AKrtxhaIil6DffvqO/fCo1DLm1gu5HTXZKatExtf5hTlkfCTzxrlDqdLZ9Edb24Z
B1ffNZ73mk5oZFUajf6FQfVP74ulVd1wWpuOmpcMefefq5aKLD8wrMbzqRCRKA6g
9eVlblWtUr+i8h9U7FdyFa+mx1Kr/d0ZbFu0XQ3UI9c/WstwWdqc+RCmgi+1ac94
hnaAiUUicybnrRJp05sxX1FkmQjDMvY1L9GkVpo7CK0iaqlkRexxteBgM3jFgBCk
Nq+T8R9Mf4t+vLek80dyq3nCkHJ/PJzsPG3ZNn8omcBrLtLPi59lG17sfzgTLtYx
v0ynUBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org