Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3pfafMufWMGRn59VNWApMroZb_A.roa
File: 3pfafMufWMGRn59VNWApMroZb_A.roa (raw, json)
Hash identifier: 4PBQkpu4xhcnB4ns0qre8DFBi13aJtrCDa0ZzhTYFww=
Subject key identifier: DE:97:DA:7C:CB:9F:58:C1:91:9F:9F:55:35:60:29:32:BA:19:6F:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3671
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3pfafMufWMGRn59VNWApMroZb_A.roa
Signing time: Mon 01 Apr 2024 04:22:16 +0000
ROA not before: Mon 01 Apr 2024 04:22:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13937 (0x3671)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 04:22:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DE97DA7CCB9F58C1919F9F5535602932BA196FF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:47:eb:01:fc:63:d9:69:aa:85:34:d5:13:
55:ac:44:cb:48:38:b6:1d:00:8b:a6:87:95:eb:67:
57:da:fa:1a:3f:ab:ad:e8:aa:ab:2f:0b:21:3f:60:
4f:19:9a:76:ea:41:29:a7:cc:5a:d7:a3:d3:7e:05:
5b:8a:1d:4f:3b:bd:63:9f:99:51:d5:aa:9e:a1:05:
18:7f:04:e8:3e:63:57:ff:96:c3:b8:fc:37:cd:94:
b0:5e:5f:6e:2d:19:f5:e8:67:59:11:33:72:e2:f9:
bd:f2:0c:e5:57:04:f3:de:97:07:3f:79:75:54:d9:
d1:3f:03:aa:f9:e2:2a:f6:37:4a:93:c2:ac:fb:c5:
1a:e3:19:39:09:16:bb:03:64:68:cc:9c:3d:72:dd:
3c:1c:4c:78:6e:ab:9b:a6:cc:87:1a:3a:d0:63:d7:
de:91:53:91:4e:63:8e:fb:99:88:b9:81:83:e0:46:
78:86:a2:44:3b:de:d5:b6:5d:fb:40:50:d4:ae:ed:
9c:72:a1:fc:88:71:c0:83:d8:37:96:c4:b6:b8:2c:
17:06:f5:b6:f0:2a:2e:b0:02:42:07:59:3f:b5:75:
0e:af:b4:5a:94:e6:90:b0:78:3f:54:91:12:6c:a1:
6d:2b:01:85:6d:45:23:f1:04:4b:a7:b3:ac:08:9f:
a6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:97:DA:7C:CB:9F:58:C1:91:9F:9F:55:35:60:29:32:BA:19:6F:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3pfafMufWMGRn59VNWApMroZb_A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:15:35:d3:78:2a:c9:ba:52:c5:02:ba:b7:cc:48:b0:2a:32:
a0:f6:23:eb:51:72:a9:38:72:87:40:97:e3:30:e8:ae:c0:f9:
2d:ba:e7:dd:df:83:39:47:6b:19:a8:f6:48:72:72:03:13:00:
26:3a:5b:e9:10:1a:15:b3:15:ee:54:5d:a1:8b:45:57:bf:3a:
8c:01:86:4f:bb:96:f7:06:da:a2:d7:51:10:bf:15:d7:9d:7f:
81:18:38:7e:41:c9:12:bb:87:90:dc:1f:b0:79:90:02:96:36:
d0:ac:71:9d:ee:6e:f2:77:83:b7:bf:34:62:38:6d:23:17:da:
f0:d9:07:4f:bc:4f:2b:a7:62:c4:67:13:f1:02:37:d3:50:94:
fd:a6:01:5f:98:84:0a:18:5a:be:6c:3b:12:b0:2d:21:a1:3a:
3a:b8:9c:73:df:c7:0e:89:72:2e:76:9c:4c:e7:c1:74:d6:88:
1c:30:08:29:13:26:24:76:4c:06:2f:84:a2:6f:31:84:5c:f6:
4a:9e:2c:ca:07:76:18:81:00:93:84:2d:d6:64:36:f0:4a:98:
62:ac:fc:6f:55:8b:a9:db:f5:ea:86:2f:86:6c:ec:e6:3b:5b:
87:b6:45:79:66:86:73:8e:e4:6b:09:46:e8:3e:2f:ad:5c:8b:
a0:20:5c:7d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
NDIyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFOTdEQTdDQ0I5RjU4
QzE5MTlGOUY1NTM1NjAyOTMyQkExOTZGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnEUfrAfxj2WmqhTTVE1WsRMtIOLYdAIumh5XrZ1fa+ho/q63o
qqsvCyE/YE8ZmnbqQSmnzFrXo9N+BVuKHU87vWOfmVHVqp6hBRh/BOg+Y1f/lsO4
/DfNlLBeX24tGfXoZ1kRM3Li+b3yDOVXBPPelwc/eXVU2dE/A6r54ir2N0qTwqz7
xRrjGTkJFrsDZGjMnD1y3TwcTHhuq5umzIcaOtBj196RU5FOY477mYi5gYPgRniG
okQ73tW2XftAUNSu7ZxyofyIccCD2DeWxLa4LBcG9bbwKi6wAkIHWT+1dQ6vtFqU
5pCweD9UkRJsoW0rAYVtRSPxBEuns6wIn6Z1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3pfafMufWMGRn59VNWApMroZb/AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNwZmFmTXVmV01HUm41
OVZOV0FwTXJvWmJfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJwVNdN4Ksm6UsUC
urfMSLAqMqD2I+tRcqk4codAl+Mw6K7A+S26593fgzlHaxmo9khycgMTACY6W+kQ
GhWzFe5UXaGLRVe/OowBhk+7lvcG2qLXURC/Fdedf4EYOH5ByRK7h5DcH7B5kAKW
NtCscZ3ubvJ3g7e/NGI4bSMX2vDZB0+8TyunYsRnE/ECN9NQlP2mAV+YhAoYWr5s
OxKwLSGhOjq4nHPfxw6Jci52nEznwXTWiBwwCCkTJiR2TAYvhKJvMYRc9kqeLMoH
dhiBAJOELdZkNvBKmGKs/G9Vi6nb9eqGL4Zs7OY7W4e2RXlmhnOO5GsJRug+L61c
i6AgXH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org