Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3o1bQBEkDxjVioz2NI28yttgJt4.roa
File: 3o1bQBEkDxjVioz2NI28yttgJt4.roa (raw, json)
Hash identifier: nbQD7DXHxXno9/sV95GfbWoQIuwY5uGiLDPWdv0+pZ8=
Subject key identifier: DE:8D:5B:40:11:24:0F:18:D5:8A:8C:F6:34:8D:BC:CA:DB:60:26:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 341D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3o1bQBEkDxjVioz2NI28yttgJt4.roa
Signing time: Fri 29 Mar 2024 01:52:04 +0000
ROA not before: Fri 29 Mar 2024 01:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13341 (0x341d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 01:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DE8D5B4011240F18D58A8CF6348DBCCADB6026DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:6c:60:ac:18:3f:be:79:2f:41:2f:12:1d:
a2:d4:aa:3a:4c:15:6b:e8:a9:4f:84:96:1c:c0:5f:
a0:c1:71:72:8b:e7:d0:da:40:94:9c:39:75:b4:43:
b4:6f:f2:dc:e6:0c:2e:cd:fc:65:bf:1c:50:69:3c:
72:32:e7:27:1a:a9:5b:66:dc:4d:2b:62:d5:00:f5:
e2:c9:50:4d:f8:7d:51:b2:10:07:17:7c:33:a9:12:
30:ce:48:0f:a2:4f:04:4e:1d:8b:e3:c5:bc:81:aa:
34:e3:79:c5:cb:a5:7b:fa:e5:b4:a0:2d:9f:30:19:
e6:8e:3e:5e:5e:66:e4:41:aa:23:bc:04:9d:26:e3:
0c:6e:d3:99:d9:43:4f:35:00:fd:34:21:ca:98:cb:
b5:2d:85:d9:3f:ed:61:c1:96:de:8b:13:2e:a0:2b:
d3:5f:b7:f9:76:c1:68:0a:88:0e:7e:12:26:04:19:
32:e0:9b:ed:57:bc:ea:cf:22:e8:8a:ba:e7:8d:2b:
4a:c3:c8:67:4d:4e:cf:15:b4:b2:32:3d:04:75:d1:
03:18:86:21:96:0c:78:ce:07:a1:7c:65:a4:81:b5:
ab:08:e4:79:f8:7d:36:d1:b3:c8:13:f3:11:e0:59:
83:48:7f:13:3a:d4:38:b1:bb:8b:0b:e7:3c:b0:78:
24:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8D:5B:40:11:24:0F:18:D5:8A:8C:F6:34:8D:BC:CA:DB:60:26:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3o1bQBEkDxjVioz2NI28yttgJt4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
15:3c:75:fa:f6:46:fe:cc:96:be:15:38:60:4e:6f:07:71:7a:
92:2f:4c:16:44:20:9d:ba:15:45:4c:d1:68:f2:36:71:aa:05:
30:b0:bc:f5:eb:a5:05:36:ed:7f:9c:16:b3:2f:e8:d1:44:22:
99:f0:3e:62:40:fb:e6:aa:41:25:f9:37:e1:5f:65:26:2f:13:
eb:be:2d:de:60:97:80:78:11:6d:13:00:5b:60:56:6b:d3:e2:
ae:9c:1a:ca:e4:38:89:51:31:ba:9c:e9:2d:d1:ba:4e:28:51:
47:1d:fe:49:89:fa:40:1c:23:25:43:02:5d:6f:64:51:15:0b:
36:0d:07:25:06:41:aa:c4:92:0e:b5:f6:35:c6:64:36:43:cc:
b9:ad:5d:6f:1b:0c:61:9d:15:3e:e9:55:4c:60:12:f1:32:dd:
53:58:e9:ce:c2:c0:c8:55:ec:d8:3f:c8:01:79:d8:6b:a0:e5:
93:af:8e:cf:91:58:9b:cb:5a:60:b9:06:76:4d:ec:de:9f:d6:
39:57:7e:96:50:8e:2f:54:10:8c:ba:30:74:3d:33:b9:1d:2e:
0d:12:e1:5e:d5:51:45:ff:52:fc:2f:6e:0c:86:64:d1:64:40:
f7:37:f6:8b:4a:64:1a:34:60:3f:d7:ae:42:6d:40:b0:e9:2d:
db:a7:80:1c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNB0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MTUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFOEQ1QjQwMTEyNDBG
MThENThBOENGNjM0OERCQ0NBREI2MDI2REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkXGxgrBg/vnkvQS8SHaLUqjpMFWvoqU+ElhzAX6DBcXKL59Da
QJScOXW0Q7Rv8tzmDC7N/GW/HFBpPHIy5ycaqVtm3E0rYtUA9eLJUE34fVGyEAcX
fDOpEjDOSA+iTwROHYvjxbyBqjTjecXLpXv65bSgLZ8wGeaOPl5eZuRBqiO8BJ0m
4wxu05nZQ081AP00IcqYy7Uthdk/7WHBlt6LEy6gK9Nft/l2wWgKiA5+EiYEGTLg
m+1XvOrPIuiKuueNK0rDyGdNTs8VtLIyPQR10QMYhiGWDHjOB6F8ZaSBtasI5Hn4
fTbRs8gT8xHgWYNIfxM61Dixu4sL5zyweCQRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3o1bQBEkDxjVioz2NI28yttgJt4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNvMWJRQkVrRHhqVmlv
ejJOSTI4eXR0Z0p0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABU8dfr2Rv7Mlr4V
OGBObwdxepIvTBZEIJ26FUVM0WjyNnGqBTCwvPXrpQU27X+cFrMv6NFEIpnwPmJA
++aqQSX5N+FfZSYvE+u+Ld5gl4B4EW0TAFtgVmvT4q6cGsrkOIlRMbqc6S3Ruk4o
UUcd/kmJ+kAcIyVDAl1vZFEVCzYNByUGQarEkg619jXGZDZDzLmtXW8bDGGdFT7p
VUxgEvEy3VNY6c7CwMhV7Ng/yAF52Gug5ZOvjs+RWJvLWmC5BnZN7N6f1jlXfpZQ
ji9UEIy6MHQ9M7kdLg0S4V7VUUX/UvwvbgyGZNFkQPc39otKZBo0YD/XrkJtQLDp
LdungBw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org