Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4I1eff1GcO754IL-Mmh3xA0o_dw.roa
File: 4I1eff1GcO754IL-Mmh3xA0o_dw.roa (raw, json)
Hash identifier: Zso3HnqfW28uHc+5SIYsoPTyEW+rTeYrbs4wLTYjX2A=
Subject key identifier: E0:8D:5E:7D:FD:46:70:EE:F9:E0:82:FE:32:68:77:C4:0D:28:FD:DC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F71
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4I1eff1GcO754IL-Mmh3xA0o_dw.roa
Signing time: Sat 13 Apr 2024 04:22:52 +0000
ROA not before: Sat 13 Apr 2024 04:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16241 (0x3f71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 04:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E08D5E7DFD4670EEF9E082FE326877C40D28FDDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:81:68:5e:56:26:45:c0:29:26:f9:0d:b4:d6:
66:eb:a9:17:9a:3d:6d:4d:61:fc:2a:25:b4:e0:23:
b4:b4:68:8c:10:bf:60:c6:91:57:8c:b0:1a:77:27:
43:0d:82:03:fb:69:ee:2b:ca:ab:69:e0:be:22:35:
fe:ed:2a:31:1a:70:7a:b6:df:af:f6:21:89:70:b7:
29:02:c4:b8:f2:24:92:61:55:0c:eb:0e:5a:3a:32:
a6:9a:c6:69:e1:98:90:9c:03:0f:5b:71:9d:55:75:
30:7b:f9:55:5b:ef:fc:32:65:ae:23:d4:f5:f0:8e:
09:2d:e1:9d:fb:fa:b8:21:99:72:1a:70:24:2c:40:
cb:f9:89:e0:45:06:f8:ab:14:cb:d5:69:9b:11:db:
6e:da:5b:87:e3:81:64:b1:2a:1a:cd:f6:99:06:d8:
02:1d:3f:99:b3:78:d2:ab:6b:3f:d1:df:37:ca:7f:
9e:db:00:79:27:95:7e:8c:07:48:b6:c3:3f:30:b9:
74:ac:ea:ee:71:2e:fa:9e:52:0d:b3:86:b1:6a:bc:
0e:42:dc:62:62:b2:36:7f:95:9e:02:99:0f:ed:23:
bf:e6:df:bb:06:bd:17:a5:77:fb:30:ac:81:5b:47:
0c:a2:79:b0:94:55:33:d3:9a:d6:6e:86:65:14:66:
26:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8D:5E:7D:FD:46:70:EE:F9:E0:82:FE:32:68:77:C4:0D:28:FD:DC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4I1eff1GcO754IL-Mmh3xA0o_dw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:c4:be:cb:38:a9:b1:b2:f4:c5:04:c9:80:7a:90:29:9c:47:
77:bf:0f:31:8b:fb:03:9d:a2:a5:cf:5b:91:b6:4e:f0:be:e4:
a1:28:03:f1:14:82:7d:e4:67:30:5e:31:ff:a9:9e:e4:49:93:
64:93:30:6f:96:66:5e:2f:1e:4d:5b:44:a8:ea:a9:21:48:b2:
1d:bd:00:d8:e0:09:ed:62:46:79:4f:cc:61:19:b5:8d:c4:ca:
21:9e:86:b2:93:de:e2:77:c4:cd:ab:61:54:e1:87:cc:1e:48:
13:8c:62:99:a9:37:b1:05:61:80:d5:87:9a:ae:f8:98:76:e7:
99:44:7e:a2:cb:82:9a:ce:56:4a:a9:ae:71:76:cf:c5:54:79:
7f:5f:23:d7:c2:25:bf:0a:f2:49:3f:f8:57:39:28:60:7b:17:
fc:d2:4a:d7:1c:bd:0f:5d:44:db:dc:57:cc:e3:f8:5d:c2:d2:
f0:8e:66:fc:a7:23:82:2b:36:da:9b:a8:f6:55:e0:9c:15:53:
45:da:fa:d7:70:89:1e:33:e3:7c:58:ef:f1:ef:44:c5:1d:4a:
a9:56:a2:37:82:3e:4d:cf:0f:11:f9:a9:80:6c:44:8a:86:ad:
45:ad:9b:87:93:70:24:e0:f1:5a:41:6e:02:1b:f8:de:c7:da:
74:05:c8:22
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NDIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwOEQ1RTdERkQ0Njcw
RUVGOUUwODJGRTMyNjg3N0M0MEQyOEZEREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfgWheViZFwCkm+Q201mbrqReaPW1NYfwqJbTgI7S0aIwQv2DG
kVeMsBp3J0MNggP7ae4ryqtp4L4iNf7tKjEacHq236/2IYlwtykCxLjyJJJhVQzr
Dlo6MqaaxmnhmJCcAw9bcZ1VdTB7+VVb7/wyZa4j1PXwjgkt4Z37+rghmXIacCQs
QMv5ieBFBvirFMvVaZsR227aW4fjgWSxKhrN9pkG2AIdP5mzeNKraz/R3zfKf57b
AHknlX6MB0i2wz8wuXSs6u5xLvqeUg2zhrFqvA5C3GJisjZ/lZ4CmQ/tI7/m37sG
vReld/swrIFbRwyiebCUVTPTmtZuhmUUZibBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4I1eff1GcO754IL+Mmh3xA0o/dwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRJMWVmZjFHY083NTRJ
TC1NbWgzeEEwb19kdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ7Evss4qbGy9MUE
yYB6kCmcR3e/DzGL+wOdoqXPW5G2TvC+5KEoA/EUgn3kZzBeMf+pnuRJk2STMG+W
Zl4vHk1bRKjqqSFIsh29ANjgCe1iRnlPzGEZtY3EyiGehrKT3uJ3xM2rYVThh8we
SBOMYpmpN7EFYYDVh5qu+Jh255lEfqLLgprOVkqprnF2z8VUeX9fI9fCJb8K8kk/
+Fc5KGB7F/zSStccvQ9dRNvcV8zj+F3C0vCOZvynI4IrNtqbqPZV4JwVU0Xa+tdw
iR4z43xY7/HvRMUdSqlWojeCPk3PDxH5qYBsRIqGrUWtm4eTcCTg8VpBbgIb+N7H
2nQFyCI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:13 2024 by rpki-client on console-ams.rpki-client.org