Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CfckSBRrabVqvTj4byReKG7VF_M.roa
File: CfckSBRrabVqvTj4byReKG7VF_M.roa (raw, json)
Hash identifier: lcJZgURdUWcHL0R3Rsl9lhQjP29TyYlWUsLqyoZnPmw=
Subject key identifier: 09:F7:24:48:14:6B:69:B5:6A:BD:38:F8:6F:24:5E:28:6E:D5:17:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4179
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CfckSBRrabVqvTj4byReKG7VF_M.roa
Signing time: Mon 15 Apr 2024 21:22:58 +0000
ROA not before: Mon 15 Apr 2024 21:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16761 (0x4179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 21:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=09F72448146B69B56ABD38F86F245E286ED517F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8e:3a:44:b5:2d:be:04:23:42:26:e1:82:37:
b6:70:4b:6e:e6:8d:e2:6a:2a:b5:40:1c:47:e8:05:
78:06:14:b2:8f:9f:4d:0c:fe:35:c7:0e:95:25:f5:
5e:61:83:eb:1a:31:96:31:4f:d0:8a:0f:a7:70:3f:
ba:15:20:73:65:c3:18:c9:19:a6:eb:0c:c2:17:c9:
01:73:20:c0:9a:5a:c3:6f:e6:dc:f6:2c:e4:e2:57:
61:63:82:43:86:04:6b:6c:08:52:61:20:c0:ff:39:
43:cb:31:f3:c3:4f:d7:b1:54:d4:f3:e2:ad:13:0c:
6c:56:f6:98:37:22:a1:5c:3a:ba:de:0e:58:ae:01:
b9:8a:04:bd:32:b3:91:f9:ca:5b:a1:ac:57:63:a8:
25:c0:45:e0:6a:6c:83:71:17:5f:62:3d:f9:02:21:
56:f2:a5:ad:ee:f3:23:4e:cb:47:4f:89:e3:e8:41:
56:ed:0b:dd:d6:34:0f:47:bc:a9:db:1a:16:be:70:
08:c4:ce:f4:2d:6d:33:36:d0:4a:73:f5:ba:36:52:
da:05:4e:5e:b7:89:e0:20:1c:4a:4b:4e:e3:99:a6:
cb:d0:70:c0:bf:74:a2:fe:b7:4c:67:15:7e:40:d9:
99:73:91:fb:6f:e5:65:ad:4b:ec:74:2e:4d:26:10:
be:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F7:24:48:14:6B:69:B5:6A:BD:38:F8:6F:24:5E:28:6E:D5:17:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CfckSBRrabVqvTj4byReKG7VF_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
36:be:2e:b1:92:05:2c:cf:b5:63:96:c7:fa:aa:ce:a0:64:3c:
ca:7c:79:13:aa:82:f6:81:32:18:a9:1e:83:18:eb:9d:74:4d:
ee:3c:81:45:bb:96:07:46:5d:53:15:b5:c6:35:ca:59:73:3f:
56:5e:ef:f8:ee:e3:aa:d5:48:3c:1e:6a:80:05:20:fe:b8:00:
e9:45:f0:32:81:cf:05:52:51:8b:eb:f2:4e:f6:9d:f5:7e:a4:
da:64:26:1f:51:dd:3c:0f:da:a4:fd:f9:5b:59:9a:c3:29:fb:
8f:a6:5b:5a:99:16:6b:ee:6c:3e:07:93:b3:e4:3c:5b:ac:5b:
2a:32:33:24:08:d6:d8:cb:7d:ac:b7:17:5e:ff:39:b9:d0:0b:
a5:a7:20:73:17:93:79:4e:75:60:1f:96:c7:29:b3:fe:97:92:
77:fe:33:b1:e4:00:06:a6:89:d5:d5:50:d5:19:49:a5:02:fa:
22:85:29:71:54:88:0c:e4:c6:c4:43:22:9b:51:6c:ae:90:72:
da:68:47:91:83:2c:8e:c6:5d:03:65:7e:db:21:ba:3b:1b:77:
55:db:c5:b7:0c:85:dc:9c:66:28:e2:c9:cd:62:6d:c6:49:7e:
54:c4:7e:28:2b:05:d2:db:d2:c6:d9:ae:2c:b7:af:6c:b9:08:
68:b2:86:6c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUy
MTIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5RjcyNDQ4MTQ2QjY5
QjU2QUJEMzhGODZGMjQ1RTI4NkVENTE3RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrjjpEtS2+BCNCJuGCN7ZwS27mjeJqKrVAHEfoBXgGFLKPn00M
/jXHDpUl9V5hg+saMZYxT9CKD6dwP7oVIHNlwxjJGabrDMIXyQFzIMCaWsNv5tz2
LOTiV2FjgkOGBGtsCFJhIMD/OUPLMfPDT9exVNTz4q0TDGxW9pg3IqFcOrreDliu
AbmKBL0ys5H5yluhrFdjqCXAReBqbINxF19iPfkCIVbypa3u8yNOy0dPiePoQVbt
C93WNA9HvKnbGha+cAjEzvQtbTM20Epz9bo2UtoFTl63ieAgHEpLTuOZpsvQcMC/
dKL+t0xnFX5A2Zlzkftv5WWtS+x0Lk0mEL6lAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUCfckSBRrabVqvTj4byReKG7VF/MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NmY2tTQlJyYWJWcXZU
ajRieVJlS0c3VkZfTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADa+LrGSBSzPtWOW
x/qqzqBkPMp8eROqgvaBMhipHoMY6510Te48gUW7lgdGXVMVtcY1yllzP1Ze7/ju
46rVSDweaoAFIP64AOlF8DKBzwVSUYvr8k72nfV+pNpkJh9R3TwP2qT9+VtZmsMp
+4+mW1qZFmvubD4Hk7PkPFusWyoyMyQI1tjLfay3F17/ObnQC6WnIHMXk3lOdWAf
lscps/6Xknf+M7HkAAamidXVUNUZSaUC+iKFKXFUiAzkxsRDIptRbK6QctpoR5GD
LI7GXQNlftshujsbd1XbxbcMhdycZijiyc1ibcZJflTEfigrBdLb0sbZriy3r2y5
CGiyhmw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org