Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/60-_0fI3myGPp0lui5zb4-uSQm4.roa
File: 60-_0fI3myGPp0lui5zb4-uSQm4.roa (raw, json)
Hash identifier: a5DMxCINo7F+air9kQQv+KfGCJ26igedjW6lhjvxriU=
Subject key identifier: EB:4F:BF:D1:F2:37:9B:21:8F:A7:49:6E:8B:9C:DB:E3:EB:92:42:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A2D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/60-_0fI3myGPp0lui5zb4-uSQm4.roa
Signing time: Sat 06 Apr 2024 03:52:27 +0000
ROA not before: Sat 06 Apr 2024 03:52:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14893 (0x3a2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 03:52:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EB4FBFD1F2379B218FA7496E8B9CDBE3EB92426E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:21:5a:b3:b8:62:f4:45:c7:6c:26:8a:65:c8:
54:5b:33:89:bc:6f:45:d2:75:e7:c0:fe:b0:4a:00:
6a:b9:b3:b3:48:e7:34:e6:0f:47:9d:e0:8c:b5:68:
80:f0:c5:ad:46:dd:78:a0:98:ae:1f:6b:ce:86:e0:
3c:52:01:30:bd:30:22:c8:1c:54:e9:e4:c5:7c:3d:
2a:06:69:22:5c:8a:1e:56:4a:90:ee:7f:f4:0d:ca:
bb:f9:a1:1e:df:8b:c2:7b:78:1c:95:99:72:11:a3:
56:90:ed:87:87:00:72:1d:c9:33:d6:e0:b4:ff:79:
0b:45:71:57:26:10:db:a7:4e:26:09:af:06:bc:d8:
c3:2f:9e:c4:6c:98:ea:de:58:6f:48:45:09:89:ed:
04:60:8f:01:4a:b9:b0:a4:0f:76:2c:12:38:c0:73:
b9:81:75:97:fc:3d:5e:dd:f8:78:36:b3:4d:b7:ae:
b5:93:07:eb:33:d1:7e:44:12:df:e5:b0:31:ec:9b:
e7:9e:13:74:62:d2:01:d9:12:af:34:d8:76:8b:d5:
90:ad:1c:51:bd:6d:f6:f8:b6:0f:5a:98:05:df:9e:
c8:df:28:9f:ea:bd:00:d5:b9:51:bd:5e:69:d6:d1:
7e:37:43:6b:cf:9c:6f:ed:bf:71:ea:9a:38:ed:35:
69:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4F:BF:D1:F2:37:9B:21:8F:A7:49:6E:8B:9C:DB:E3:EB:92:42:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/60-_0fI3myGPp0lui5zb4-uSQm4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
66:fe:03:6b:36:87:09:f1:5f:a4:85:19:11:a4:d0:d2:c4:51:
38:19:61:15:1a:cb:4b:b2:c7:42:6f:fe:d1:04:2d:15:f1:0f:
dd:7c:e9:01:07:10:76:af:2c:75:23:1a:b5:05:8a:71:d0:3a:
e2:cd:39:87:aa:39:4d:a1:31:ef:0f:b6:ca:38:26:e2:cf:0a:
1e:11:44:12:6b:87:8b:69:12:2b:68:5f:a5:ec:b9:98:45:c4:
2c:64:8c:34:cd:b3:8b:c7:f6:32:61:42:5e:85:f4:e9:f7:24:
c4:9b:be:5a:1b:40:eb:d1:ce:cc:09:6b:93:dd:37:c6:d6:b9:
01:2b:10:a2:55:de:69:a7:df:cf:6f:52:25:b7:02:f3:95:04:
69:a9:f6:18:4b:7b:33:b6:58:76:7e:94:6a:7c:b5:f6:99:4c:
01:9a:f4:5c:b4:ea:77:44:5a:d2:8c:76:a2:69:36:2e:a4:2f:
e7:ee:dc:f2:11:1b:af:d4:45:b9:6a:47:9c:63:34:ce:cd:7f:
56:9c:69:2c:09:c1:3a:23:7d:fe:f2:d8:b6:88:ff:0f:d7:96:
10:a0:9e:ae:85:f2:e5:ef:3f:ac:e4:12:9d:df:ce:b7:c7:36:
0c:42:dc:ab:50:4e:eb:c5:8b:2d:fc:a3:d1:a5:a4:d4:b8:ed:
f1:63:18:8a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MzUyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCNEZCRkQxRjIzNzlC
MjE4RkE3NDk2RThCOUNEQkUzRUI5MjQyNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtIVqzuGL0RcdsJoplyFRbM4m8b0XSdefA/rBKAGq5s7NI5zTm
D0ed4Iy1aIDwxa1G3XigmK4fa86G4DxSATC9MCLIHFTp5MV8PSoGaSJcih5WSpDu
f/QNyrv5oR7fi8J7eByVmXIRo1aQ7YeHAHIdyTPW4LT/eQtFcVcmENunTiYJrwa8
2MMvnsRsmOreWG9IRQmJ7QRgjwFKubCkD3YsEjjAc7mBdZf8PV7d+Hg2s023rrWT
B+sz0X5EEt/lsDHsm+eeE3Ri0gHZEq802HaL1ZCtHFG9bfb4tg9amAXfnsjfKJ/q
vQDVuVG9XmnW0X43Q2vPnG/tv3HqmjjtNWkPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU60+/0fI3myGPp0lui5zb4+uSQm4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzYwLV8wZkkzbXlHUHAw
bHVpNXpiNC11U1FtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGb+A2s2hwnxX6SF
GRGk0NLEUTgZYRUay0uyx0Jv/tEELRXxD9186QEHEHavLHUjGrUFinHQOuLNOYeq
OU2hMe8Ptso4JuLPCh4RRBJrh4tpEitoX6XsuZhFxCxkjDTNs4vH9jJhQl6F9On3
JMSbvlobQOvRzswJa5PdN8bWuQErEKJV3mmn389vUiW3AvOVBGmp9hhLezO2WHZ+
lGp8tfaZTAGa9Fy06ndEWtKMdqJpNi6kL+fu3PIRG6/URblqR5xjNM7Nf1acaSwJ
wTojff7y2LaI/w/XlhCgnq6F8uXvP6zkEp3fzrfHNgxC3KtQTuvFiy38o9GlpNS4
7fFjGIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:07 2024 by rpki-client on console-fra.rpki-client.org