Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7C_W1nu45apwrlVetNrU3G01gac.roa
File: 7C_W1nu45apwrlVetNrU3G01gac.roa (raw, json)
Hash identifier: dFWjP28HS4CYDAuPukQRfBB7S4qFIXmAWcH4WjWSvdY=
Subject key identifier: EC:2F:D6:D6:7B:B8:E5:AA:70:AE:55:5E:B4:DA:D4:DC:6D:35:81:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3691
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7C_W1nu45apwrlVetNrU3G01gac.roa
Signing time: Mon 01 Apr 2024 08:22:11 +0000
ROA not before: Mon 01 Apr 2024 08:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13969 (0x3691)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 08:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EC2FD6D67BB8E5AA70AE555EB4DAD4DC6D3581A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:17:81:c8:b7:9a:80:c1:1f:67:64:d2:b3:a8:
06:9a:1f:4e:c4:9c:71:94:27:57:e8:72:f8:43:9e:
21:0c:49:22:5a:19:ec:f4:15:41:9e:72:67:ab:9e:
e8:72:d8:35:9e:96:28:d7:bb:0b:4f:ee:1b:1e:9d:
44:c4:e6:1b:ff:3a:74:07:f2:a1:c8:ea:b0:20:b1:
f9:fd:8c:9a:fe:52:bb:ef:60:b4:3b:3f:80:57:60:
46:29:8b:32:b4:2c:0a:f6:a2:e7:e7:1f:c2:b4:47:
aa:80:37:5f:e3:41:85:ba:a5:dc:a9:9e:97:e8:dd:
32:3f:2f:b3:f4:84:5e:e2:53:9f:6a:80:cf:16:78:
79:53:fd:0e:87:eb:63:98:f3:b4:6b:f1:58:8d:4f:
f7:72:f3:41:fd:9e:0c:52:51:bb:68:69:8f:e9:f9:
8a:17:25:62:e2:36:5b:88:64:81:26:56:ea:95:cb:
2c:7c:e4:ec:d5:6d:9d:d3:9c:d4:f9:72:17:84:9a:
9c:67:82:11:79:c8:0b:1d:b9:0b:18:cf:08:b8:90:
43:1b:74:b9:ff:86:ad:55:79:2c:45:d0:52:97:1d:
22:2a:3a:c6:fe:28:d0:b7:95:29:16:3f:94:51:fb:
67:81:7d:1d:9c:24:e4:c9:c2:e0:dd:f5:3b:ad:60:
1e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2F:D6:D6:7B:B8:E5:AA:70:AE:55:5E:B4:DA:D4:DC:6D:35:81:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7C_W1nu45apwrlVetNrU3G01gac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
14:98:59:6a:f6:ca:3f:dd:a1:bf:d5:ad:68:d8:b1:4d:15:f3:
5b:f5:2a:25:cc:28:8d:23:3a:06:ba:25:d1:7b:37:5c:cf:90:
45:f0:20:e1:08:ee:fe:14:b8:f8:b6:08:a4:46:06:65:52:e1:
30:a6:be:de:08:dc:a2:b8:d7:bc:0d:36:ed:f6:49:bf:1c:2e:
18:78:05:6b:bc:56:10:45:1a:78:e1:6e:08:04:7f:fb:40:4c:
2d:e6:12:f1:da:40:7d:48:2e:28:86:c7:3c:82:66:88:a5:e2:
35:6e:66:81:b1:43:8f:f1:0a:10:e1:39:5f:9e:9f:a4:d7:f5:
6d:83:95:7f:68:34:32:fc:b3:4f:17:c7:91:f4:4a:db:48:9d:
75:93:6f:eb:54:4e:a7:26:b0:b0:6c:a8:1b:99:6b:5c:85:b9:
56:af:b7:37:d1:d3:a4:a8:80:13:9f:c8:3d:5b:46:6a:46:67:
01:13:fd:fe:5c:13:df:f9:3c:10:19:2c:ae:e4:99:e6:0e:e6:
6c:16:5d:04:c9:58:ca:94:b9:c0:0e:16:43:f8:f6:84:82:97:
b6:b2:81:36:b4:2e:7f:ba:92:2d:f4:1f:ab:97:80:11:e4:ed:
18:ed:b3:62:51:d6:54:64:32:9a:d6:14:62:b7:d7:09:79:1b:
55:09:ef:e9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
ODIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDMkZENkQ2N0JCOEU1
QUE3MEFFNTU1RUI0REFENERDNkQzNTgxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0F4HIt5qAwR9nZNKzqAaaH07EnHGUJ1focvhDniEMSSJaGez0
FUGecmernuhy2DWelijXuwtP7hsenUTE5hv/OnQH8qHI6rAgsfn9jJr+UrvvYLQ7
P4BXYEYpizK0LAr2oufnH8K0R6qAN1/jQYW6pdypnpfo3TI/L7P0hF7iU59qgM8W
eHlT/Q6H62OY87Rr8ViNT/dy80H9ngxSUbtoaY/p+YoXJWLiNluIZIEmVuqVyyx8
5OzVbZ3TnNT5cheEmpxnghF5yAsduQsYzwi4kEMbdLn/hq1VeSxF0FKXHSIqOsb+
KNC3lSkWP5RR+2eBfR2cJOTJwuDd9TutYB7pAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU7C/W1nu45apwrlVetNrU3G01gacwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdDX1cxbnU0NWFwd3Js
VmV0TnJVM0cwMWdhYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABSYWWr2yj/dob/V
rWjYsU0V81v1KiXMKI0jOga6JdF7N1zPkEXwIOEI7v4UuPi2CKRGBmVS4TCmvt4I
3KK417wNNu32Sb8cLhh4BWu8VhBFGnjhbggEf/tATC3mEvHaQH1ILiiGxzyCZoil
4jVuZoGxQ4/xChDhOV+en6TX9W2DlX9oNDL8s08Xx5H0SttInXWTb+tUTqcmsLBs
qBuZa1yFuVavtzfR06SogBOfyD1bRmpGZwET/f5cE9/5PBAZLK7kmeYO5mwWXQTJ
WMqUucAOFkP49oSCl7aygTa0Ln+6ki30H6uXgBHk7Rjts2JR1lRkMprWFGK31wl5
G1UJ7+k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:17 2024 by rpki-client on console-ams.rpki-client.org