Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/36wp5qLEL25XDuoiTMkT0izZ__8.roa
File: 36wp5qLEL25XDuoiTMkT0izZ__8.roa (raw, json)
Hash identifier: 5bhOzvS3WRlPH30T80j0VmFu3DuVHKMt6ikaGAobhHc=
Subject key identifier: DF:AC:29:E6:A2:C4:2F:6E:57:0E:EA:22:4C:C9:13:D2:2C:D9:FF:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4285
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/36wp5qLEL25XDuoiTMkT0izZ__8.roa
Signing time: Wed 17 Apr 2024 06:52:58 +0000
ROA not before: Wed 17 Apr 2024 06:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17029 (0x4285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 06:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DFAC29E6A2C42F6E570EEA224CC913D22CD9FFFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fc:19:ea:c3:df:3c:7f:a3:51:7b:cc:fd:1b:
5c:5f:01:40:0e:17:98:2e:a8:4f:cd:e9:c5:45:16:
30:22:16:e1:86:e8:87:ba:68:36:4a:13:f3:6b:48:
6b:5d:cb:d3:41:7c:06:36:90:b9:c1:57:b3:d4:f3:
ba:9a:58:ec:4a:43:3e:1b:1a:11:42:2b:0e:5c:de:
b0:67:54:d7:8a:58:f5:f3:03:4d:22:75:5e:09:ad:
be:ac:71:38:06:cf:de:64:11:e0:56:27:12:73:76:
b2:71:82:ea:e8:be:6e:4e:f3:76:24:f5:ca:f9:29:
9c:bb:34:59:10:31:73:33:0f:39:78:ce:6a:81:ff:
41:48:63:6f:ce:24:7f:cc:46:bf:e8:0a:28:99:58:
2b:a6:da:b2:22:93:18:c5:64:ad:67:9d:54:51:1b:
e4:79:63:ff:9f:97:8c:ea:3b:15:cf:f9:4b:0c:b8:
c3:97:6f:25:e2:45:b9:21:4b:ed:19:f5:42:91:7b:
26:ab:20:e8:6c:70:16:fd:19:b5:c1:de:fb:00:2d:
af:94:8e:b0:51:84:a8:a0:87:d1:08:02:ac:c2:5c:
56:84:82:e7:91:5c:c0:1f:51:05:d0:7f:82:b4:01:
d0:e6:5f:fc:7a:35:ac:d5:94:ae:fb:ee:1b:f9:1e:
51:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AC:29:E6:A2:C4:2F:6E:57:0E:EA:22:4C:C9:13:D2:2C:D9:FF:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/36wp5qLEL25XDuoiTMkT0izZ__8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:3b:b9:b0:9f:1c:aa:80:46:c8:c3:3b:d0:01:68:5d:02:0f:
99:bb:d0:60:12:cb:fd:e7:c5:8b:30:b0:25:65:19:69:06:40:
a7:f2:e0:ce:18:34:6d:73:64:86:fd:15:4c:01:ed:ac:b8:ef:
34:d0:09:03:e0:6c:a9:5e:f7:c1:59:97:91:d1:ef:a5:a4:2d:
94:62:60:1f:10:2f:60:a4:2a:a7:07:ac:50:c3:03:c7:f4:bb:
37:89:23:44:e6:9f:8f:e3:e4:ad:f3:d8:29:51:a2:1f:02:41:
f5:07:42:55:f0:6f:b7:a0:40:a3:9f:2b:b7:fd:e9:2a:df:3e:
37:9b:8e:54:58:c3:51:8e:15:86:b0:47:6b:60:75:c5:0a:d6:
9c:33:ae:55:51:37:8f:50:c1:b0:00:03:90:7b:3c:09:a5:06:
d2:7b:29:1c:09:ae:85:c6:a9:21:1b:09:6b:62:c9:3a:ea:59:
b5:bd:41:b2:46:07:51:b1:de:d8:03:93:39:9d:fc:8e:06:34:
19:dd:fb:6e:eb:d8:5d:b9:e7:92:53:ae:ec:2a:8d:ad:ef:cb:
10:d7:25:49:bd:b6:a6:bb:42:4d:cd:b1:61:90:b3:96:05:32:
3a:87:b0:17:4f:18:67:d3:62:9d:e5:99:0f:6e:46:b1:8d:23:
fd:14:af:30
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NjUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGQUMyOUU2QTJDNDJG
NkU1NzBFRUEyMjRDQzkxM0QyMkNEOUZGRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ/Bnqw988f6NRe8z9G1xfAUAOF5guqE/N6cVFFjAiFuGG6Ie6
aDZKE/NrSGtdy9NBfAY2kLnBV7PU87qaWOxKQz4bGhFCKw5c3rBnVNeKWPXzA00i
dV4Jrb6scTgGz95kEeBWJxJzdrJxgurovm5O83Yk9cr5KZy7NFkQMXMzDzl4zmqB
/0FIY2/OJH/MRr/oCiiZWCum2rIikxjFZK1nnVRRG+R5Y/+fl4zqOxXP+UsMuMOX
byXiRbkhS+0Z9UKReyarIOhscBb9GbXB3vsALa+UjrBRhKigh9EIAqzCXFaEgueR
XMAfUQXQf4K0AdDmX/x6NazVlK777hv5HlHNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU36wp5qLEL25XDuoiTMkT0izZ//8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzM2d3A1cUxFTDI1WER1
b2lUTWtUMGl6Wl9fOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADo7ubCfHKqARsjD
O9ABaF0CD5m70GASy/3nxYswsCVlGWkGQKfy4M4YNG1zZIb9FUwB7ay47zTQCQPg
bKle98FZl5HR76WkLZRiYB8QL2CkKqcHrFDDA8f0uzeJI0Tmn4/j5K3z2ClRoh8C
QfUHQlXwb7egQKOfK7f96SrfPjebjlRYw1GOFYawR2tgdcUK1pwzrlVRN49QwbAA
A5B7PAmlBtJ7KRwJroXGqSEbCWtiyTrqWbW9QbJGB1Gx3tgDkzmd/I4GNBnd+27r
2F2555JTruwqja3vyxDXJUm9tqa7Qk3NsWGQs5YFMjqHsBdPGGfTYp3lmQ9uRrGN
I/0UrzA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org