Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4O3pG0sbEwm3vQraDaIsLxAm7p0.roa
File: 4O3pG0sbEwm3vQraDaIsLxAm7p0.roa (raw, json)
Hash identifier: LPlxCqFIkoAn2/w5d7UCpl4xyPv2zbafrI8XZNRlh7s=
Subject key identifier: E0:ED:E9:1B:4B:1B:13:09:B7:BD:0A:DA:0D:A2:2C:2F:10:26:EE:9D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3405
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4O3pG0sbEwm3vQraDaIsLxAm7p0.roa
Signing time: Thu 28 Mar 2024 22:52:04 +0000
ROA not before: Thu 28 Mar 2024 22:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13317 (0x3405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 22:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E0EDE91B4B1B1309B7BD0ADA0DA22C2F1026EE9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:2f:bf:ed:0d:ef:9f:f6:77:5b:ad:64:15:
56:c1:cb:9d:e7:99:f1:d6:c5:cc:08:e9:12:1f:19:
48:7c:c7:49:1a:c3:9d:53:5f:25:3b:7a:6e:dc:02:
4c:74:b8:e5:e7:27:78:48:da:a0:bb:c4:6e:53:81:
fa:fa:37:5d:3a:5c:62:35:01:36:25:52:98:de:93:
20:a6:6f:4e:0c:c4:8a:cb:04:fd:e0:bd:6f:05:79:
ef:00:07:a3:be:02:ef:71:a4:bf:3c:85:91:77:7d:
1c:68:f8:12:6d:4a:ca:b8:21:91:da:91:a5:7b:ec:
b2:f6:7f:e7:9f:46:07:ef:51:cc:b2:29:f6:61:74:
ff:6b:0d:d2:6b:9e:e2:4e:36:0e:57:9b:21:9e:b7:
c3:28:e4:04:1f:bd:08:39:36:31:52:fe:83:de:75:
e5:eb:a9:e8:05:f9:30:c9:21:a3:8a:6e:0e:9a:99:
80:d9:15:6e:f6:14:1d:8a:9d:aa:f2:2c:96:2a:0d:
ba:64:91:bc:1b:6d:83:b9:d8:5b:0d:6f:5f:a0:7b:
94:d2:a0:0c:62:76:46:62:2d:d6:48:e6:23:05:81:
43:6f:25:f4:9c:65:e4:49:ef:ee:de:a0:bc:d7:15:
70:80:70:d4:02:44:67:c9:87:6f:a6:c9:b6:a6:8a:
27:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:ED:E9:1B:4B:1B:13:09:B7:BD:0A:DA:0D:A2:2C:2F:10:26:EE:9D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4O3pG0sbEwm3vQraDaIsLxAm7p0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:15:e5:fa:dc:be:c1:f9:75:05:b9:9f:38:0b:b3:74:07:a2:
58:23:87:a0:35:f2:07:1d:71:a6:30:3d:d9:7f:69:b5:68:65:
e6:61:ad:b4:18:8d:0a:98:02:3a:eb:55:0f:1f:d4:20:47:ad:
4b:aa:30:cd:ee:a6:50:51:34:93:86:19:f7:b2:f4:46:16:30:
c3:e1:01:20:00:74:92:ef:92:54:c4:32:20:bc:61:90:bb:f5:
11:e2:db:4e:26:8a:1e:f1:16:12:17:7a:d6:ba:9c:bf:9b:35:
37:fe:67:26:d7:5e:83:34:a1:83:fb:76:2b:b9:61:5f:4d:91:
cf:f6:ba:ab:ae:c8:ba:9c:08:77:87:b6:9d:0a:cd:eb:7b:eb:
55:77:d8:1b:b1:ca:de:d1:20:44:76:de:bf:df:e9:e2:88:c1:
3b:54:d1:6b:e7:b0:6d:4b:12:67:35:ee:0a:81:b1:38:27:3d:
3c:ee:1b:9e:e5:21:03:f7:93:a0:83:c6:cf:7d:0a:c9:43:c5:
05:84:17:92:d2:c7:0f:2e:d0:94:41:fd:79:90:a4:5d:d5:20:
3e:1c:5c:25:55:41:ba:72:0e:a7:e6:2b:7c:b8:2d:cb:7b:65:
bb:61:bf:f2:dc:f9:82:ee:9c:2e:08:4f:bf:8c:09:1c:f2:bb:
a1:ad:84:4a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNAUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MjUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwRURFOTFCNEIxQjEz
MDlCN0JEMEFEQTBEQTIyQzJGMTAyNkVFOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD1i+/7Q3vn/Z3W61kFVbBy53nmfHWxcwI6RIfGUh8x0kaw51T
XyU7em7cAkx0uOXnJ3hI2qC7xG5Tgfr6N106XGI1ATYlUpjekyCmb04MxIrLBP3g
vW8Fee8AB6O+Au9xpL88hZF3fRxo+BJtSsq4IZHakaV77LL2f+efRgfvUcyyKfZh
dP9rDdJrnuJONg5XmyGet8Mo5AQfvQg5NjFS/oPedeXrqegF+TDJIaOKbg6amYDZ
FW72FB2KnaryLJYqDbpkkbwbbYO52FsNb1+ge5TSoAxidkZiLdZI5iMFgUNvJfSc
ZeRJ7+7eoLzXFXCAcNQCRGfJh2+mybamiifDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4O3pG0sbEwm3vQraDaIsLxAm7p0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRPM3BHMHNiRXdtM3ZR
cmFEYUlzTHhBbTdwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGsV5frcvsH5dQW5
nzgLs3QHolgjh6A18gcdcaYwPdl/abVoZeZhrbQYjQqYAjrrVQ8f1CBHrUuqMM3u
plBRNJOGGfey9EYWMMPhASAAdJLvklTEMiC8YZC79RHi204mih7xFhIXeta6nL+b
NTf+ZybXXoM0oYP7diu5YV9Nkc/2uquuyLqcCHeHtp0Kzet761V32Buxyt7RIER2
3r/f6eKIwTtU0WvnsG1LEmc17gqBsTgnPTzuG57lIQP3k6CDxs99CslDxQWEF5LS
xw8u0JRB/XmQpF3VID4cXCVVQbpyDqfmK3y4Lct7Zbthv/Lc+YLunC4IT7+MCRzy
u6GthEo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org