Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6lpPoiXM3KFXM-0DsfYn-3fTKE0.roa
File: 6lpPoiXM3KFXM-0DsfYn-3fTKE0.roa (raw, json)
Hash identifier: +EpsGZ6oxec12U8s9jCxEEXOn9G2Q1mXE1/rNX64e3M=
Subject key identifier: EA:5A:4F:A2:25:CC:DC:A1:57:33:ED:03:B1:F6:27:FB:77:D3:28:4D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 342D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6lpPoiXM3KFXM-0DsfYn-3fTKE0.roa
Signing time: Fri 29 Mar 2024 03:52:03 +0000
ROA not before: Fri 29 Mar 2024 03:52:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13357 (0x342d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 03:52:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA5A4FA225CCDCA15733ED03B1F627FB77D3284D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:b7:d4:1f:94:aa:11:a5:ac:19:02:d6:9a:
4a:ff:b6:fb:41:cb:58:11:c2:a1:76:4b:23:27:8b:
df:80:ed:75:84:51:38:ba:db:1c:86:1b:5f:1b:a8:
30:82:2e:07:91:2c:3e:c7:8c:a2:bb:03:91:1d:5b:
72:59:22:81:20:e6:18:27:b8:bf:fd:7f:f4:a6:d3:
c2:ea:71:92:5b:d7:ac:6a:e4:09:08:b6:14:cd:c4:
d4:3b:49:90:5c:ed:3d:44:69:41:f9:f2:b8:78:44:
a6:78:76:73:5a:98:54:5f:29:86:05:34:20:17:8e:
d2:03:80:e8:b1:13:95:c8:3b:db:0e:b0:86:a8:52:
f5:17:ba:b8:1e:d1:ed:b4:3b:10:2f:f0:6a:c0:62:
75:1c:e3:36:ab:cd:0e:84:09:65:0f:d1:d8:12:13:
cc:9a:24:39:d6:53:75:19:c1:bc:f0:12:16:9d:b7:
60:11:cf:14:88:2f:df:0c:fa:29:d2:33:8d:50:a3:
a5:03:83:3e:bb:1d:b6:81:82:b0:5e:3d:61:93:e5:
b8:84:e1:e9:cd:9e:cf:a5:9b:6f:96:60:14:f2:21:
60:37:bd:07:7d:05:f6:38:78:d9:63:7b:1a:0d:88:
10:fd:64:d5:8b:60:91:b2:d9:b1:2b:b3:3e:fe:04:
d8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:5A:4F:A2:25:CC:DC:A1:57:33:ED:03:B1:F6:27:FB:77:D3:28:4D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6lpPoiXM3KFXM-0DsfYn-3fTKE0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:0f:f6:7d:4b:36:58:ab:3b:8f:d9:ec:34:b1:d1:4a:46:71:
f8:99:4e:cd:ae:f6:82:0c:98:de:de:8f:5e:43:52:c2:19:65:
8a:c4:3a:4a:6a:69:dd:f9:0e:41:3a:2a:42:01:02:cc:53:99:
70:ec:24:38:41:73:fe:07:8b:d5:58:b6:a1:37:b0:3d:22:31:
63:c2:b2:32:9f:7e:47:90:59:cd:60:39:f2:f4:d8:cb:21:65:
ad:62:bb:18:ca:a2:3f:a8:e9:05:d7:75:34:29:52:4f:ce:54:
54:7d:a7:f5:ea:5b:5d:30:4e:92:53:f5:ad:d5:6d:24:c5:a9:
8e:e5:49:84:ae:3a:2b:13:95:26:66:ae:b5:aa:cc:96:c5:86:
9a:bc:4b:ce:f7:d8:37:01:16:d6:4c:2c:c1:a0:70:a9:85:3c:
1f:c0:e2:8c:b2:6e:56:74:e8:26:af:93:f7:13:71:2c:b4:a8:
7c:75:fb:7c:22:e4:cd:92:93:62:ab:c1:af:9e:7d:45:d3:de:
cd:70:f3:73:2f:77:10:d9:0e:72:36:c9:c7:3f:02:4b:6d:bd:
65:53:0f:a9:ad:c2:0c:a9:81:f6:29:0d:9e:e0:3c:ca:6b:f0:
1a:75:37:e5:ff:c6:2b:61:d3:62:2e:b4:c5:2c:13:19:e5:e8:
ba:5c:6a:45
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MzUyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBNUE0RkEyMjVDQ0RD
QTE1NzMzRUQwM0IxRjYyN0ZCNzdEMzI4NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6hbfUH5SqEaWsGQLWmkr/tvtBy1gRwqF2SyMni9+A7XWEUTi6
2xyGG18bqDCCLgeRLD7HjKK7A5EdW3JZIoEg5hgnuL/9f/Sm08LqcZJb16xq5AkI
thTNxNQ7SZBc7T1EaUH58rh4RKZ4dnNamFRfKYYFNCAXjtIDgOixE5XIO9sOsIao
UvUXurge0e20OxAv8GrAYnUc4zarzQ6ECWUP0dgSE8yaJDnWU3UZwbzwEhadt2AR
zxSIL98M+inSM41Qo6UDgz67HbaBgrBePWGT5biE4enNns+lm2+WYBTyIWA3vQd9
BfY4eNljexoNiBD9ZNWLYJGy2bErsz7+BNiLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6lpPoiXM3KFXM+0DsfYn+3fTKE0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZscFBvaVhNM0tGWE0t
MERzZlluLTNmVEtFMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKMP9n1LNlirO4/Z
7DSx0UpGcfiZTs2u9oIMmN7ej15DUsIZZYrEOkpqad35DkE6KkIBAsxTmXDsJDhB
c/4Hi9VYtqE3sD0iMWPCsjKffkeQWc1gOfL02MshZa1iuxjKoj+o6QXXdTQpUk/O
VFR9p/XqW10wTpJT9a3VbSTFqY7lSYSuOisTlSZmrrWqzJbFhpq8S8732DcBFtZM
LMGgcKmFPB/A4oyyblZ06Cavk/cTcSy0qHx1+3wi5M2Sk2Krwa+efUXT3s1w83Mv
dxDZDnI2ycc/AkttvWVTD6mtwgypgfYpDZ7gPMpr8Bp1N+X/xith02IutMUsExnl
6LpcakU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org