Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3TmdpKCHydgJkaZvNMeFHWV-20E.roa
File: 3TmdpKCHydgJkaZvNMeFHWV-20E.roa (raw, json)
Hash identifier: DvtoJXUffo0dodbOHsbJy2Dy9UbUWReJmDNo52PbqmE=
Subject key identifier: DD:39:9D:A4:A0:87:C9:D8:09:91:A6:6F:34:C7:85:1D:65:7E:DB:41
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F4D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3TmdpKCHydgJkaZvNMeFHWV-20E.roa
Signing time: Fri 12 Apr 2024 23:52:50 +0000
ROA not before: Fri 12 Apr 2024 23:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16205 (0x3f4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 23:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DD399DA4A087C9D80991A66F34C7851D657EDB41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:fb:83:38:54:35:93:67:59:1e:22:5d:bd:
d0:ae:83:2a:12:65:75:3c:45:e5:49:09:db:eb:62:
9c:e8:e8:b6:8a:67:67:ef:89:93:f0:fc:9e:73:59:
bf:e9:71:13:00:62:2e:4f:d7:27:c7:d1:2c:b5:5a:
dd:1e:1e:b9:d4:ab:84:00:78:04:f1:69:78:e9:2b:
48:db:ce:96:0f:d0:a9:94:15:8c:b8:e5:73:77:6d:
85:28:11:92:bd:af:73:f5:f6:72:5c:dc:3d:33:75:
aa:d2:b1:6c:9a:db:bd:9b:04:09:32:3c:bc:c0:5c:
0a:01:a9:a4:61:81:98:6c:f5:b2:c6:75:09:bb:35:
91:a2:37:83:77:37:97:1e:a5:4c:74:a3:21:eb:f1:
d8:41:8b:c1:5d:cd:4a:4c:1e:38:2c:66:19:69:2d:
0a:dc:54:2a:fd:0f:e6:89:bb:03:bf:94:e5:d5:7f:
b0:30:7b:06:24:a5:ab:c6:a9:43:50:1b:f1:a7:1b:
14:64:53:79:61:8e:30:ab:33:81:20:b0:bf:c6:4a:
31:ba:4a:12:14:be:23:0b:26:97:e9:95:77:f8:58:
35:2b:a8:1b:36:7c:e8:3a:9c:4d:48:77:28:15:ad:
aa:23:cb:51:cb:d2:9f:e7:85:4a:9c:32:84:aa:18:
cf:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:39:9D:A4:A0:87:C9:D8:09:91:A6:6F:34:C7:85:1D:65:7E:DB:41
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3TmdpKCHydgJkaZvNMeFHWV-20E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:c5:db:5d:36:b4:fc:ce:94:0d:c7:d6:1b:a6:2f:43:40:38:
28:07:ee:63:f4:14:fd:e0:66:ab:fc:9b:20:4e:70:b0:fc:57:
a2:f6:72:2e:d6:40:18:8f:9c:aa:fe:57:43:ae:a0:cb:be:a9:
c7:9a:8e:13:9c:0b:c6:ba:70:5d:4f:65:d9:17:b2:1f:28:dd:
60:c7:93:2f:fd:16:ac:cd:97:46:15:fc:7b:94:cf:c3:02:1b:
17:35:cc:7b:4d:d8:7b:0b:16:7c:58:a2:09:16:c8:51:1e:ca:
71:b4:2a:a5:29:48:69:c3:96:11:75:b7:8b:6a:c6:f5:7c:6c:
f5:26:f9:0a:56:b0:34:15:82:d4:65:fd:12:d3:b9:ed:a2:e2:
a7:c6:2b:ab:63:34:0d:de:0b:b6:05:e6:a0:52:58:f5:61:69:
e6:d0:eb:09:bd:06:bb:aa:85:e2:ff:ce:fd:c9:98:ff:90:0a:
72:b2:88:fe:c1:d1:27:a0:b0:92:88:e5:4f:8e:ac:34:37:1b:
8c:89:83:00:da:03:8e:36:cf:e4:7a:3d:85:01:4b:92:16:01:
48:96:30:18:d0:6b:e8:bf:bd:a6:1f:2e:36:e0:8c:9b:e2:05:
f6:a5:00:bc:b2:42:71:21:73:ca:4b:d5:74:35:96:06:75:16:
4a:5b:d4:00
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MzUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEREMzk5REE0QTA4N0M5
RDgwOTkxQTY2RjM0Qzc4NTFENjU3RURCNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkwPuDOFQ1k2dZHiJdvdCugyoSZXU8ReVJCdvrYpzo6LaKZ2fv
iZPw/J5zWb/pcRMAYi5P1yfH0Sy1Wt0eHrnUq4QAeATxaXjpK0jbzpYP0KmUFYy4
5XN3bYUoEZK9r3P19nJc3D0zdarSsWya272bBAkyPLzAXAoBqaRhgZhs9bLGdQm7
NZGiN4N3N5cepUx0oyHr8dhBi8FdzUpMHjgsZhlpLQrcVCr9D+aJuwO/lOXVf7Aw
ewYkpavGqUNQG/GnGxRkU3lhjjCrM4EgsL/GSjG6ShIUviMLJpfplXf4WDUrqBs2
fOg6nE1IdygVraojy1HL0p/nhUqcMoSqGM/NAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3TmdpKCHydgJkaZvNMeFHWV+20EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNUbWRwS0NIeWRnSmth
WnZOTWVGSFdWLTIwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKjF2102tPzOlA3H
1humL0NAOCgH7mP0FP3gZqv8myBOcLD8V6L2ci7WQBiPnKr+V0OuoMu+qceajhOc
C8a6cF1PZdkXsh8o3WDHky/9FqzNl0YV/HuUz8MCGxc1zHtN2HsLFnxYogkWyFEe
ynG0KqUpSGnDlhF1t4tqxvV8bPUm+QpWsDQVgtRl/RLTue2i4qfGK6tjNA3eC7YF
5qBSWPVhaebQ6wm9BruqheL/zv3JmP+QCnKyiP7B0SegsJKI5U+OrDQ3G4yJgwDa
A442z+R6PYUBS5IWAUiWMBjQa+i/vaYfLjbgjJviBfalALyyQnEhc8pL1XQ1lgZ1
Fkpb1AA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org