Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9N8xGnAvwWwrm2NlOufkaYoBfVo.roa
File: 9N8xGnAvwWwrm2NlOufkaYoBfVo.roa (raw, json)
Hash identifier: lgeL5xpMM1fE/2Gy5vcUzZ9rUE81DWEmYXFqxUn+rRU=
Subject key identifier: F4:DF:31:1A:70:2F:C1:6C:2B:9B:63:65:3A:E7:E4:69:8A:01:7D:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4525
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9N8xGnAvwWwrm2NlOufkaYoBfVo.roa
Signing time: Sat 20 Apr 2024 18:53:28 +0000
ROA not before: Sat 20 Apr 2024 18:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17701 (0x4525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 18:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F4DF311A702FC16C2B9B63653AE7E4698A017D5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d6:9c:73:6a:9a:5a:fe:c5:e8:86:ab:08:21:
4c:9c:0b:e5:69:67:9d:f6:f1:27:3e:a8:7e:cd:8e:
c5:f9:a1:22:db:2b:8b:90:e4:1b:5c:a0:64:45:50:
fb:d5:b4:c0:f8:77:01:60:1c:81:ac:2d:ab:54:a4:
ba:7f:f3:c2:16:4d:08:a9:9d:99:58:bb:f3:46:a1:
20:f3:8e:a0:d2:49:c1:1d:17:50:3e:c0:eb:ca:59:
f9:e7:0e:3e:72:9c:f7:49:dd:02:c0:3b:3f:2d:ad:
04:af:a5:d6:97:ab:65:df:cf:c3:43:ef:67:e4:c2:
b9:ed:f1:7c:96:7b:93:40:83:c4:ea:b5:5b:7d:c9:
05:78:31:7d:4a:21:a2:01:9e:4a:eb:54:20:ba:a0:
9f:d0:9f:c0:b2:86:66:8a:66:cb:ea:0d:c3:17:91:
ba:09:4f:03:4d:af:f8:77:8d:e3:6f:15:9d:87:82:
10:6e:52:5c:a2:69:51:8a:a2:60:5e:42:7c:ce:9a:
c1:f1:6a:74:cd:75:6d:a2:c1:ad:d1:e4:a1:f5:e7:
26:d7:b6:67:ff:11:0c:c1:b4:65:ed:3b:00:a3:c0:
31:eb:3f:e1:c5:f5:e3:d3:78:72:cc:80:aa:9f:42:
14:57:32:7a:a8:17:25:28:7c:fc:46:b4:f6:0d:2f:
73:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DF:31:1A:70:2F:C1:6C:2B:9B:63:65:3A:E7:E4:69:8A:01:7D:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9N8xGnAvwWwrm2NlOufkaYoBfVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:3c:c1:64:cb:67:ec:01:da:e2:3c:6e:51:1e:db:ba:f5:02:
63:eb:f3:49:6d:30:c3:b4:f4:82:36:cb:2a:6b:61:be:11:8a:
9c:59:ca:a1:29:3b:57:40:e2:54:d6:82:c0:dc:8a:83:e9:21:
80:77:c9:a5:ab:5c:3a:09:f3:23:cb:d2:08:08:d1:22:43:d0:
b3:86:8d:35:82:42:32:24:ab:76:17:20:20:37:4a:ca:5e:ee:
ef:02:6e:78:11:de:c7:d4:d4:75:68:cc:f2:08:fb:23:f7:e0:
94:7f:59:34:a9:f2:ab:82:d8:35:a0:a9:26:76:3c:ed:12:ce:
8f:0b:10:bb:20:88:4f:f4:79:73:04:56:8b:05:7d:61:f0:74:
66:82:d4:84:b5:eb:70:df:62:e8:8f:b1:8d:da:1e:12:e6:52:
a7:6c:7e:a7:52:8d:ba:68:79:e6:35:79:d5:05:ae:97:ee:c0:
b4:1b:22:9e:ac:65:ad:4d:f3:1f:1e:68:7f:4a:38:74:42:33:
ec:08:ca:bf:8b:d0:1b:07:ec:df:04:71:a7:b5:0d:bd:19:42:
18:53:c4:e7:f3:b8:09:a9:a4:1a:18:34:36:02:db:be:6d:05:
8e:47:3c:23:42:bf:84:a9:9b:c6:04:1e:96:c5:1e:49:ef:b0:
3f:d6:0b:7d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRSUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
ODUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0REYzMTFBNzAyRkMx
NkMyQjlCNjM2NTNBRTdFNDY5OEEwMTdENUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC71pxzappa/sXohqsIIUycC+VpZ5328Sc+qH7NjsX5oSLbK4uQ
5BtcoGRFUPvVtMD4dwFgHIGsLatUpLp/88IWTQipnZlYu/NGoSDzjqDSScEdF1A+
wOvKWfnnDj5ynPdJ3QLAOz8trQSvpdaXq2Xfz8ND72fkwrnt8XyWe5NAg8TqtVt9
yQV4MX1KIaIBnkrrVCC6oJ/Qn8CyhmaKZsvqDcMXkboJTwNNr/h3jeNvFZ2HghBu
UlyiaVGKomBeQnzOmsHxanTNdW2iwa3R5KH15ybXtmf/EQzBtGXtOwCjwDHrP+HF
9ePTeHLMgKqfQhRXMnqoFyUofPxGtPYNL3PXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU9N8xGnAvwWwrm2NlOufkaYoBfVowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlOOHhHbkF2d1d3cm0y
TmxPdWZrYVlvQmZWby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK08wWTLZ+wB2uI8
blEe27r1AmPr80ltMMO09II2yyprYb4RipxZyqEpO1dA4lTWgsDcioPpIYB3yaWr
XDoJ8yPL0ggI0SJD0LOGjTWCQjIkq3YXICA3Sspe7u8CbngR3sfU1HVozPII+yP3
4JR/WTSp8quC2DWgqSZ2PO0Szo8LELsgiE/0eXMEVosFfWHwdGaC1IS163DfYuiP
sY3aHhLmUqdsfqdSjbpoeeY1edUFrpfuwLQbIp6sZa1N8x8eaH9KOHRCM+wIyr+L
0BsH7N8Ecae1Db0ZQhhTxOfzuAmppBoYNDYC275tBY5HPCNCv4Spm8YEHpbFHknv
sD/WC30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:10 2024 by rpki-client on console-fra.rpki-client.org