Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4A2bCsPbqBXbc-RYLxklko_13PA.roa
File: 4A2bCsPbqBXbc-RYLxklko_13PA.roa (raw, json)
Hash identifier: GK66FFWFoAKXfd4QeLykjsn3yXixvT1XqSxdywjYYzI=
Subject key identifier: E0:0D:9B:0A:C3:DB:A8:15:DB:73:E4:58:2F:19:25:92:8F:F5:DC:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38AD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4A2bCsPbqBXbc-RYLxklko_13PA.roa
Signing time: Thu 04 Apr 2024 03:52:21 +0000
ROA not before: Thu 04 Apr 2024 03:52:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14509 (0x38ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 03:52:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E00D9B0AC3DBA815DB73E4582F1925928FF5DCF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:9f:64:a2:52:83:41:a9:c5:ce:0a:5c:9e:
96:39:ed:4a:97:c1:bd:9f:ea:e8:6d:d2:90:d9:05:
01:49:3f:98:52:ae:bb:9a:e8:26:6d:6f:ce:07:85:
6f:54:8e:15:09:e6:95:d2:3c:3b:df:1a:8b:4f:4e:
98:a9:b2:46:59:d7:50:dc:c2:9f:2e:8a:19:79:88:
4f:5e:c6:8d:3c:99:37:f8:b3:bf:82:11:38:0a:ee:
82:34:48:7b:6d:0d:9b:e4:de:1f:d5:70:8f:35:cf:
fb:5e:8b:ac:3f:60:1e:c6:e8:01:4a:d3:ab:80:83:
dd:3a:06:6f:f9:5d:04:64:23:a9:8d:54:75:0b:a0:
2a:73:7c:e1:bb:bf:6b:4f:32:d5:b4:10:99:f7:2c:
ae:c8:56:47:3d:d6:98:66:e8:1a:24:47:0d:21:c7:
ad:15:73:62:48:1f:b9:70:83:51:56:5f:22:c1:25:
2f:6d:cc:c3:6c:38:e6:25:23:4e:d1:92:54:9b:49:
4b:2d:c2:bd:5b:a8:d4:58:67:de:e9:91:d5:cc:46:
57:dc:47:fa:76:32:27:07:74:b4:27:b5:8c:71:b9:
0e:d6:36:6c:05:a5:ae:25:ad:70:b8:54:b8:c0:82:
0b:8e:67:ff:24:83:2c:2c:60:c7:29:dc:ff:d2:55:
a9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0D:9B:0A:C3:DB:A8:15:DB:73:E4:58:2F:19:25:92:8F:F5:DC:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4A2bCsPbqBXbc-RYLxklko_13PA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
18:2d:2e:53:15:f8:2d:5d:91:e3:ef:4e:d2:10:9c:c4:b6:35:
f4:96:1c:8c:31:7f:d7:94:9b:27:c2:a3:8b:3b:bf:4c:88:e9:
a8:6c:90:78:38:81:5a:38:ff:00:9d:56:e7:8c:85:fb:61:f7:
09:4a:bd:fa:28:e0:bf:db:59:61:86:1a:29:68:7b:e1:50:b3:
44:d2:d9:ff:27:06:2f:ff:b9:70:f2:f2:40:74:c2:b7:04:f3:
a4:76:30:fa:92:8a:05:31:3a:9a:e0:6a:1a:d6:f3:9e:1d:3c:
84:a7:14:4a:e2:bf:67:0b:1b:e1:57:2e:3e:6b:f8:09:8e:79:
4c:06:3d:d3:31:51:31:2c:14:71:1e:8d:fc:27:4d:c7:5d:36:
e2:16:66:d2:91:a3:88:5f:1c:f9:96:7f:8d:6c:ec:51:1d:4e:
3d:64:0f:9a:70:67:8c:0a:05:f8:2a:18:74:c7:a5:59:e1:35:
67:9c:a8:0a:ff:23:d9:86:3d:6e:b8:9f:da:8c:d8:80:e6:d9:
fb:80:d3:1a:3f:b9:1a:60:f8:b2:db:fb:cc:0f:4f:9c:0e:e8:
bc:16:93:6c:3b:81:bc:bf:5c:15:39:94:0b:da:c5:f7:e1:0b:
70:2e:43:aa:ed:ed:41:08:f5:d7:18:7b:3e:74:7c:32:3a:c1:
28:4e:bf:6e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MzUyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwMEQ5QjBBQzNEQkE4
MTVEQjczRTQ1ODJGMTkyNTkyOEZGNURDRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0HZ9kolKDQanFzgpcnpY57UqXwb2f6uht0pDZBQFJP5hSrrua
6CZtb84HhW9UjhUJ5pXSPDvfGotPTpipskZZ11Dcwp8uihl5iE9exo08mTf4s7+C
ETgK7oI0SHttDZvk3h/VcI81z/tei6w/YB7G6AFK06uAg906Bm/5XQRkI6mNVHUL
oCpzfOG7v2tPMtW0EJn3LK7IVkc91phm6BokRw0hx60Vc2JIH7lwg1FWXyLBJS9t
zMNsOOYlI07RklSbSUstwr1bqNRYZ97pkdXMRlfcR/p2MicHdLQntYxxuQ7WNmwF
pa4lrXC4VLjAgguOZ/8kgywsYMcp3P/SVamHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4A2bCsPbqBXbc+RYLxklko/13PAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRBMmJDc1BicUJYYmMt
UllMeGtsa29fMTNQQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABgtLlMV+C1dkePv
TtIQnMS2NfSWHIwxf9eUmyfCo4s7v0yI6ahskHg4gVo4/wCdVueMhfth9wlKvfoo
4L/bWWGGGiloe+FQs0TS2f8nBi//uXDy8kB0wrcE86R2MPqSigUxOprgahrW854d
PISnFEriv2cLG+FXLj5r+AmOeUwGPdMxUTEsFHEejfwnTcddNuIWZtKRo4hfHPmW
f41s7FEdTj1kD5pwZ4wKBfgqGHTHpVnhNWecqAr/I9mGPW64n9qM2IDm2fuA0xo/
uRpg+LLb+8wPT5wO6LwWk2w7gby/XBU5lAvaxffhC3AuQ6rt7UEI9dcYez50fDI6
wShOv24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org