Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4s58htBveMFi_eermImJA26uKsk.roa
File: 4s58htBveMFi_eermImJA26uKsk.roa (raw, json)
Hash identifier: qjfE+hMw7x5jtXDCHX6pGrHoADSlNXaPb8Xy3jVvRdY=
Subject key identifier: E2:CE:7C:86:D0:6F:78:C1:62:FD:E7:AB:98:89:89:03:6E:AE:2A:C9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 420D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4s58htBveMFi_eermImJA26uKsk.roa
Signing time: Tue 16 Apr 2024 15:52:57 +0000
ROA not before: Tue 16 Apr 2024 15:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16909 (0x420d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 15:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E2CE7C86D06F78C162FDE7AB988989036EAE2AC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:99:97:3c:3f:ce:d0:33:46:86:00:38:82:
70:e7:81:a8:fd:e1:ba:d5:40:bb:d0:d5:c8:c1:7c:
b6:8e:b6:a8:5e:f4:f1:38:f5:f9:3f:2c:f6:c5:a6:
ff:d9:67:c7:43:a6:ba:6b:26:31:b9:7f:fa:b3:e9:
91:76:57:38:eb:2d:f4:d1:dc:e2:c6:41:f8:4f:0a:
34:24:fb:36:a0:17:00:23:29:19:7c:ec:83:cf:cb:
4a:6b:2b:57:25:6b:ff:b6:bc:6d:9c:d2:51:a5:4b:
94:a6:42:95:ed:fd:d8:77:f2:7b:50:60:7e:26:77:
78:81:82:b5:78:17:d3:59:52:fb:30:0a:a9:e9:8c:
31:5c:1c:4b:26:be:41:ac:35:d9:dd:f1:38:f6:8c:
54:19:b7:61:00:d6:26:2e:3d:ad:fb:9d:a7:78:5b:
58:18:55:44:a8:87:2d:7f:8b:d6:47:65:22:fb:46:
f4:a9:95:78:4a:d6:b0:db:4f:38:0a:02:ea:a6:dc:
12:6b:d9:4d:b3:89:95:9a:f9:d2:e7:b2:99:71:cd:
e7:e5:05:08:33:c6:36:73:6a:ff:0f:cf:a5:c0:5c:
13:18:31:63:9c:ae:f5:e9:6d:78:0d:d1:44:60:aa:
4c:7d:fe:d0:1e:e4:8e:4d:6a:d7:44:f8:ad:96:22:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CE:7C:86:D0:6F:78:C1:62:FD:E7:AB:98:89:89:03:6E:AE:2A:C9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4s58htBveMFi_eermImJA26uKsk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:a4:a9:6d:d7:92:cf:f1:8c:7b:d4:e1:2d:a7:a9:db:3d:e3:
fd:7c:d8:14:f0:27:1a:3a:59:3f:a5:f8:22:9c:b4:9d:a5:42:
41:48:2b:60:1c:44:48:35:77:a1:0b:9d:03:01:f7:af:87:05:
6b:0b:71:d3:c5:55:f7:65:51:20:8a:7f:5d:cd:6d:2c:27:e8:
12:f7:a4:b1:b9:b8:70:c4:d6:75:05:b5:49:b0:bf:93:24:5b:
21:79:5e:94:a3:ee:7a:53:4b:52:00:e0:4c:56:93:11:d1:2f:
6d:7b:1d:67:1d:ef:a3:8e:f0:cd:33:ea:29:f0:8e:0b:2e:46:
49:cb:b2:ba:e1:40:35:33:b7:84:3a:87:33:9c:74:35:15:96:
3f:34:25:d4:a6:4e:15:13:77:b7:1d:20:62:9e:06:d0:f4:7c:
b5:15:8c:9a:84:dd:45:83:da:56:97:ed:b1:db:7e:d9:99:2b:
b1:d2:d4:c2:49:c5:f4:e7:68:d1:99:e5:b9:82:d3:8b:1a:bc:
18:79:5c:3c:d8:86:3e:f9:79:a9:eb:8e:db:82:c4:60:8c:0a:
18:f2:ed:f6:3e:7a:f5:5b:28:f5:88:af:8c:9d:a8:72:94:ff:
fd:93:77:84:4c:35:a1:e5:03:1a:33:e9:47:b1:49:a5:e3:41:
ab:60:78:86
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
NTUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUyQ0U3Qzg2RDA2Rjc4
QzE2MkZERTdBQjk4ODk4OTAzNkVBRTJBQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3H5mXPD/O0DNGhgA4gnDngaj94brVQLvQ1cjBfLaOtqhe9PE4
9fk/LPbFpv/ZZ8dDprprJjG5f/qz6ZF2VzjrLfTR3OLGQfhPCjQk+zagFwAjKRl8
7IPPy0prK1cla/+2vG2c0lGlS5SmQpXt/dh38ntQYH4md3iBgrV4F9NZUvswCqnp
jDFcHEsmvkGsNdnd8Tj2jFQZt2EA1iYuPa37nad4W1gYVUSohy1/i9ZHZSL7RvSp
lXhK1rDbTzgKAuqm3BJr2U2ziZWa+dLnsplxzeflBQgzxjZzav8Pz6XAXBMYMWOc
rvXpbXgN0URgqkx9/tAe5I5NatdE+K2WIgkNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4s58htBveMFi/eermImJA26uKskwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRzNThodEJ2ZU1GaV9l
ZXJtSW1KQTI2dUtzay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGukqW3Xks/xjHvU
4S2nqds94/182BTwJxo6WT+l+CKctJ2lQkFIK2AcREg1d6ELnQMB96+HBWsLcdPF
VfdlUSCKf13NbSwn6BL3pLG5uHDE1nUFtUmwv5MkWyF5XpSj7npTS1IA4ExWkxHR
L217HWcd76OO8M0z6inwjgsuRknLsrrhQDUzt4Q6hzOcdDUVlj80JdSmThUTd7cd
IGKeBtD0fLUVjJqE3UWD2laX7bHbftmZK7HS1MJJxfTnaNGZ5bmC04savBh5XDzY
hj75eanrjtuCxGCMChjy7fY+evVbKPWIr4ydqHKU//2Td4RMNaHlAxoz6UexSaXj
QatgeIY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org