Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8D6iT6Ax6b-QohUotlq27--QcVc.roa
File: 8D6iT6Ax6b-QohUotlq27--QcVc.roa (raw, json)
Hash identifier: xAatzOxdiMLl0GUdIj9KpHz+2trXUe/EjyVvcSvQRS4=
Subject key identifier: F0:3E:A2:4F:A0:31:E9:BF:90:A2:15:28:B6:5A:B6:EF:EF:90:71:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C65
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8D6iT6Ax6b-QohUotlq27--QcVc.roa
Signing time: Tue 09 Apr 2024 02:52:51 +0000
ROA not before: Tue 09 Apr 2024 02:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15461 (0x3c65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 02:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F03EA24FA031E9BF90A21528B65AB6EFEF907157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:49:eb:21:ed:cc:78:d3:25:17:6f:ba:26:
8b:c7:9c:3f:75:52:33:7c:03:02:d0:6c:d2:9d:7e:
81:f5:72:eb:b0:96:03:0b:29:b8:fa:4c:6b:57:a7:
04:86:ce:87:b5:13:69:7a:49:cc:13:de:cd:37:7c:
30:7c:c9:c8:e0:f0:31:27:6a:9c:d5:78:47:98:2c:
da:ae:05:4a:8a:4b:51:60:db:8b:4c:70:63:8d:46:
25:48:cc:d3:65:b8:6d:be:75:25:a3:c2:0e:f4:e9:
50:3d:24:35:53:84:49:ee:d5:a6:da:36:2a:52:a6:
a9:a7:82:25:01:86:fd:92:93:38:d8:b2:82:1d:56:
60:8d:fe:e4:8e:02:e7:f0:59:f2:1f:fa:4c:6c:80:
87:63:15:27:60:20:47:3a:7b:2e:8d:87:0c:74:a8:
dd:eb:64:6d:85:9e:f8:0b:61:2c:37:15:d4:07:34:
3e:b4:43:e4:12:67:49:c4:dc:96:06:19:42:84:d0:
90:8e:5a:c4:8b:41:18:6d:10:2e:52:9f:44:3e:af:
1d:d2:27:9e:ca:14:d6:71:e4:91:ab:90:e7:17:02:
50:71:5d:be:8d:ef:12:e0:3c:5b:bc:09:45:2e:b5:
af:d5:0d:7c:a3:79:db:b1:6a:a6:c1:54:36:2d:c0:
73:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3E:A2:4F:A0:31:E9:BF:90:A2:15:28:B6:5A:B6:EF:EF:90:71:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8D6iT6Ax6b-QohUotlq27--QcVc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
41:a6:ef:29:ec:af:31:bd:19:64:a4:41:f3:61:2b:a5:5d:fb:
79:a2:38:a6:02:55:8d:d5:6e:37:38:3b:e3:26:3b:67:58:d9:
89:b8:91:c1:62:a7:d1:c1:3a:85:eb:27:3d:63:e4:13:73:d5:
b1:57:2d:7f:c2:ce:2a:cd:11:bb:61:35:9c:d3:e7:a5:2c:1a:
a0:d4:90:28:d7:85:52:95:34:e4:ed:a4:86:82:43:f4:8c:0b:
d4:97:9c:e0:46:c2:cb:64:f9:d1:e2:ac:ea:eb:4d:69:b9:a4:
c2:86:96:9d:28:31:e0:83:41:53:f4:ce:7b:40:77:40:6a:bf:
76:dd:ba:b1:21:01:84:c1:5b:b9:45:80:f9:47:c0:c9:b1:f1:
9b:c8:ee:1b:ce:26:0f:56:be:c9:d5:33:30:75:79:7f:04:bb:
ae:32:de:be:a7:5a:2a:71:3d:6f:16:55:bb:78:5b:5f:4a:ea:
b5:1e:9d:e6:70:4c:04:7d:c9:e7:a2:f6:3a:b3:93:c0:d6:72:
7e:6b:e2:81:1f:87:72:e6:55:d9:2b:ff:55:d5:b5:a7:de:fa:
3a:12:1d:4f:1d:d8:c9:1e:70:ba:fc:18:1c:90:2a:3b:92:0e:
f2:ab:86:6b:de:94:64:d9:b7:9d:f6:92:db:5f:f5:c6:ce:81:
c6:a5:56:65
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
MjUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwM0VBMjRGQTAzMUU5
QkY5MEEyMTUyOEI2NUFCNkVGRUY5MDcxNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnYEnrIe3MeNMlF2+6JovHnD91UjN8AwLQbNKdfoH1cuuwlgML
Kbj6TGtXpwSGzoe1E2l6ScwT3s03fDB8ycjg8DEnapzVeEeYLNquBUqKS1Fg24tM
cGONRiVIzNNluG2+dSWjwg706VA9JDVThEnu1abaNipSpqmngiUBhv2SkzjYsoId
VmCN/uSOAufwWfIf+kxsgIdjFSdgIEc6ey6Nhwx0qN3rZG2FnvgLYSw3FdQHND60
Q+QSZ0nE3JYGGUKE0JCOWsSLQRhtEC5Sn0Q+rx3SJ57KFNZx5JGrkOcXAlBxXb6N
7xLgPFu8CUUuta/VDXyjeduxaqbBVDYtwHN7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU8D6iT6Ax6b+QohUotlq27++QcVcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhENmlUNkF4NmItUW9o
VW90bHEyNy0tUWNWYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEGm7ynsrzG9GWSk
QfNhK6Vd+3miOKYCVY3Vbjc4O+MmO2dY2Ym4kcFip9HBOoXrJz1j5BNz1bFXLX/C
zirNEbthNZzT56UsGqDUkCjXhVKVNOTtpIaCQ/SMC9SXnOBGwstk+dHirOrrTWm5
pMKGlp0oMeCDQVP0zntAd0Bqv3bdurEhAYTBW7lFgPlHwMmx8ZvI7hvOJg9WvsnV
MzB1eX8Eu64y3r6nWipxPW8WVbt4W19K6rUeneZwTAR9yeei9jqzk8DWcn5r4oEf
h3LmVdkr/1XVtafe+joSHU8d2MkecLr8GByQKjuSDvKrhmvelGTZt532kttf9cbO
gcalVmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:09 2024 by rpki-client on console-fra.rpki-client.org