Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3r7IfAGAjFIwpPKOdqTJuNjSeNc.roa
File: 3r7IfAGAjFIwpPKOdqTJuNjSeNc.roa (raw, json)
Hash identifier: dlKW0mFVWrcsqXYDhQ/efujoLvNpFzo1aWwr146Cbi4=
Subject key identifier: DE:BE:C8:7C:01:80:8C:52:30:A4:F2:8E:76:A4:C9:B8:D8:D2:78:D7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F49
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3r7IfAGAjFIwpPKOdqTJuNjSeNc.roa
Signing time: Sat 04 May 2024 07:23:52 +0000
ROA not before: Sat 04 May 2024 07:23:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20297 (0x4f49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 07:23:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DEBEC87C01808C5230A4F28E76A4C9B8D8D278D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:fb:66:83:49:fb:20:d3:ae:1f:b9:60:43:
11:b7:21:dc:a9:75:50:60:24:95:ab:2d:09:cc:3c:
0e:5a:f3:47:24:0c:f2:51:2e:cf:9d:33:9e:0e:65:
65:77:e7:f5:43:cd:e3:98:7f:8c:97:95:03:d5:b1:
1e:d4:7e:cd:0c:df:04:77:82:29:eb:2a:72:3c:d7:
6d:8b:81:36:c3:af:df:d6:47:b4:c6:47:c2:03:0c:
21:21:f2:16:ae:91:08:56:0a:31:d3:f8:90:60:8e:
c5:7b:a2:21:17:40:18:3b:1c:17:d3:ab:4a:e5:5c:
9e:d8:34:df:b6:0b:89:3b:46:7a:67:c6:97:c7:af:
6b:df:ef:f1:a6:0d:5f:86:9b:db:dc:3d:11:a1:79:
78:50:55:e4:9a:84:d5:08:42:9e:fe:f3:54:96:8d:
ac:ae:80:f2:51:da:53:0e:4e:c6:01:56:12:1e:0b:
a7:e9:0f:31:40:b2:11:80:66:e8:c2:2a:14:2e:b0:
a4:f3:2b:90:71:a3:5f:ac:02:a1:68:42:3b:ad:82:
75:09:d5:4e:f1:ae:ad:0a:e4:ac:dc:45:3d:50:8d:
3b:64:6e:df:a7:9e:95:47:d3:e6:eb:10:48:a1:82:
e6:45:01:a6:95:59:0f:02:2b:e2:ac:05:e6:7c:09:
00:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BE:C8:7C:01:80:8C:52:30:A4:F2:8E:76:A4:C9:B8:D8:D2:78:D7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3r7IfAGAjFIwpPKOdqTJuNjSeNc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:76:1c:6a:2d:75:8a:86:02:27:23:52:4b:24:9e:5f:2e:1d:
ee:b2:19:28:ee:07:82:13:80:10:e4:4b:09:8d:b9:dd:cf:1a:
88:35:fc:a3:11:b1:2c:ac:a5:14:4e:e1:85:8c:9d:f1:03:d9:
cf:01:09:d4:0e:35:93:b7:0f:8a:f8:42:04:b9:4b:fa:36:20:
73:58:46:ac:0a:72:c7:c8:1a:ff:9a:7f:36:78:f6:b6:69:38:
40:f1:02:36:bc:80:17:a9:95:bc:7b:05:ab:de:92:e2:8a:94:
fc:a9:50:50:69:4e:ab:02:59:e7:13:32:bb:39:37:52:fd:1b:
a6:d9:e0:b1:6a:25:56:c3:32:c1:a3:2c:76:ea:5a:e9:04:36:
32:7c:89:49:ba:44:4c:a0:05:cf:78:4c:44:7d:71:1e:48:da:
10:8a:38:13:c9:c1:6d:5e:12:1b:0e:db:8c:4c:b3:c7:d0:44:
d5:0f:e6:e1:31:80:2c:16:1b:24:73:19:ea:5f:c2:b1:60:c1:
27:a5:40:64:c8:b2:af:cb:db:f8:53:33:ca:bd:07:46:8a:b1:
aa:24:35:77:97:93:8a:d1:b8:1f:ec:91:3e:42:25:3b:9b:4b:
e9:b4:a0:5c:c8:6d:36:ee:07:a5:c0:63:1c:13:88:69:2b:bc:
88:70:a4:6a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
NzIzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFQkVDODdDMDE4MDhD
NTIzMEE0RjI4RTc2QTRDOUI4RDhEMjc4RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMfPtmg0n7INOuH7lgQxG3IdypdVBgJJWrLQnMPA5a80ckDPJR
Ls+dM54OZWV35/VDzeOYf4yXlQPVsR7Ufs0M3wR3ginrKnI8122LgTbDr9/WR7TG
R8IDDCEh8haukQhWCjHT+JBgjsV7oiEXQBg7HBfTq0rlXJ7YNN+2C4k7RnpnxpfH
r2vf7/GmDV+Gm9vcPRGheXhQVeSahNUIQp7+81SWjayugPJR2lMOTsYBVhIeC6fp
DzFAshGAZujCKhQusKTzK5Bxo1+sAqFoQjutgnUJ1U7xrq0K5KzcRT1QjTtkbt+n
npVH0+brEEihguZFAaaVWQ8CK+KsBeZ8CQBHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3r7IfAGAjFIwpPKOdqTJuNjSeNcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNyN0lmQUdBakZJd3BQ
S09kcVRKdU5qU2VOYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC12HGotdYqGAicj
Uksknl8uHe6yGSjuB4ITgBDkSwmNud3PGog1/KMRsSyspRRO4YWMnfED2c8BCdQO
NZO3D4r4QgS5S/o2IHNYRqwKcsfIGv+afzZ49rZpOEDxAja8gBeplbx7BavekuKK
lPypUFBpTqsCWecTMrs5N1L9G6bZ4LFqJVbDMsGjLHbqWukENjJ8iUm6REygBc94
TER9cR5I2hCKOBPJwW1eEhsO24xMs8fQRNUP5uExgCwWGyRzGepfwrFgwSelQGTI
sq/L2/hTM8q9B0aKsaokNXeXk4rRuB/skT5CJTubS+m0oFzIbTbuB6XAYxwTiGkr
vIhwpGo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:13 2024 by rpki-client on console-ams.rpki-client.org