Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/38jLXzMRXjDnUnO3cxJayp0fMBw.roa
File: 38jLXzMRXjDnUnO3cxJayp0fMBw.roa (raw, json)
Hash identifier: ctb2Ut8s6zgC6xF9xwJhW7L/JifD9NtlwcziYvgistI=
Subject key identifier: DF:C8:CB:5F:33:11:5E:30:E7:52:73:B7:73:12:5A:CA:9D:1F:30:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4309
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/38jLXzMRXjDnUnO3cxJayp0fMBw.roa
Signing time: Wed 17 Apr 2024 23:22:59 +0000
ROA not before: Wed 17 Apr 2024 23:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17161 (0x4309)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 23:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DFC8CB5F33115E30E75273B773125ACA9D1F301C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:01:a2:ac:1b:79:18:ea:6c:9c:5a:e2:4f:10:
64:90:ff:01:36:44:f2:3f:83:da:fe:d6:9a:43:c7:
9b:e7:a7:86:20:8f:97:b7:ae:ad:82:34:e9:a0:ca:
cf:6f:1a:59:28:5b:ca:0d:2f:59:eb:3d:50:10:4b:
c0:c2:a9:05:0e:42:81:98:a8:f4:da:08:6d:bf:f1:
21:eb:6d:dc:4c:ef:3c:43:44:ea:74:4f:43:af:1b:
a2:3d:e7:67:8c:36:c8:3f:df:dd:c3:58:51:3d:69:
eb:09:13:d5:e8:80:19:f1:00:8b:b4:87:c8:27:8f:
dc:ae:10:e2:41:84:84:70:f6:8e:ad:72:ba:65:36:
af:9e:b8:c2:c2:a0:22:84:5e:da:bc:9d:c4:9a:90:
f9:27:83:60:14:42:49:6e:1d:23:2b:49:61:ba:cf:
e9:53:05:8b:de:87:90:8b:ac:50:01:bf:18:7e:48:
ba:e2:6e:2c:b3:fa:39:91:cf:fe:ee:57:5c:bb:2e:
12:39:53:6a:ec:15:16:38:2b:a7:d5:02:a9:06:24:
cd:e2:21:bc:38:eb:5e:76:60:f2:aa:63:e1:5c:41:
ec:6f:38:20:64:cd:7b:48:59:ee:f7:8f:d1:1c:1d:
38:5e:df:47:9f:7c:8a:46:f7:55:55:96:6a:e9:bb:
c4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C8:CB:5F:33:11:5E:30:E7:52:73:B7:73:12:5A:CA:9D:1F:30:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/38jLXzMRXjDnUnO3cxJayp0fMBw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
43:36:2c:7a:c1:56:6b:9c:e7:f4:3a:01:2b:28:c7:66:3e:17:
52:5c:c7:f9:5d:8d:e8:0b:20:cc:61:fa:10:67:ad:2f:e5:04:
11:61:7e:71:38:9e:03:46:a0:c8:ad:65:68:11:26:22:db:a7:
d8:41:1f:76:9f:1f:78:de:75:03:4a:7f:aa:c0:8e:6f:c3:67:
fc:0b:7e:1a:17:51:b7:0e:12:a7:60:55:fe:3f:92:47:71:f6:
62:0c:8d:5f:dc:f4:bb:e8:3e:53:70:bc:81:ad:0e:85:79:ef:
52:2c:5b:a3:43:3d:30:c1:ca:41:d2:c1:6a:ce:b7:5a:25:b1:
66:df:68:aa:0c:f8:dd:28:12:05:3e:3b:7e:ab:0c:9d:f6:6f:
ec:82:4f:61:8a:66:63:31:5d:8f:fa:b2:ff:25:d2:e2:7f:d6:
a7:07:5a:49:1c:67:7e:b6:03:3b:27:22:76:c8:d3:0c:bf:9b:
8d:81:b1:60:30:84:93:ea:83:a9:38:87:99:7c:cc:18:a9:f4:
5e:46:03:60:4e:9e:9c:9d:6e:0b:d0:7a:fe:33:0b:c9:dc:2f:
4b:32:68:fc:02:29:ef:1a:f8:42:09:d1:cd:dc:3f:a3:56:3d:
d3:aa:97:66:61:33:b8:36:1b:31:2e:d0:2b:96:d5:a7:65:ce:
f1:54:87:a0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQwkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGQzhDQjVGMzMxMTVF
MzBFNzUyNzNCNzczMTI1QUNBOUQxRjMwMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCAaKsG3kY6mycWuJPEGSQ/wE2RPI/g9r+1ppDx5vnp4Ygj5e3
rq2CNOmgys9vGlkoW8oNL1nrPVAQS8DCqQUOQoGYqPTaCG2/8SHrbdxM7zxDROp0
T0OvG6I952eMNsg/393DWFE9aesJE9XogBnxAIu0h8gnj9yuEOJBhIRw9o6tcrpl
Nq+euMLCoCKEXtq8ncSakPkng2AUQkluHSMrSWG6z+lTBYveh5CLrFABvxh+SLri
biyz+jmRz/7uV1y7LhI5U2rsFRY4K6fVAqkGJM3iIbw46152YPKqY+FcQexvOCBk
zXtIWe73j9EcHThe30effIpG91VVlmrpu8TjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU38jLXzMRXjDnUnO3cxJayp0fMBwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzM4akxYek1SWGpEblVu
TzNjeEpheXAwZk1Cdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEM2LHrBVmuc5/Q6
ASsox2Y+F1Jcx/ldjegLIMxh+hBnrS/lBBFhfnE4ngNGoMitZWgRJiLbp9hBH3af
H3jedQNKf6rAjm/DZ/wLfhoXUbcOEqdgVf4/kkdx9mIMjV/c9LvoPlNwvIGtDoV5
71IsW6NDPTDBykHSwWrOt1olsWbfaKoM+N0oEgU+O36rDJ32b+yCT2GKZmMxXY/6
sv8l0uJ/1qcHWkkcZ362AzsnInbI0wy/m42BsWAwhJPqg6k4h5l8zBip9F5GA2BO
npydbgvQev4zC8ncL0syaPwCKe8a+EIJ0c3cP6NWPdOql2ZhM7g2GzEu0CuW1adl
zvFUh6A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:12 2024 by rpki-client on console-ams.rpki-client.org