Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DxT-rGlmMB0K4GGC74FX2l1ExsA.roa
File: DxT-rGlmMB0K4GGC74FX2l1ExsA.roa (raw, json)
Hash identifier: OCcHqmhJcrEjIRzampyemm6QNrsYIoSc6pWWVUGstd0=
Subject key identifier: 0F:14:FE:AC:69:66:30:1D:0A:E0:61:82:EF:81:57:DA:5D:44:C6:C0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DxT-rGlmMB0K4GGC74FX2l1ExsA.roa
Signing time: Sun 31 Mar 2024 09:52:09 +0000
ROA not before: Sun 31 Mar 2024 09:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13789 (0x35dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 09:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0F14FEAC6966301D0AE06182EF8157DA5D44C6C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:50:aa:f0:a1:9e:48:21:5d:47:e3:12:55:49:
ef:02:cf:3c:67:d1:76:c6:cb:75:cc:f9:c8:d6:5f:
ed:ae:76:87:8d:0c:04:81:a9:01:ef:a8:54:4f:b3:
70:35:3a:0d:04:b1:68:81:70:1e:7b:77:2b:7c:09:
1e:5c:39:0d:14:b7:ad:ca:e4:c3:41:81:8b:1a:40:
4b:22:b5:68:79:95:56:3b:5c:2b:cd:1e:d9:7a:cb:
e2:c0:a1:64:82:df:1c:33:be:a7:7f:ce:19:f5:55:
7c:71:7e:15:5e:99:a8:8c:e1:61:73:b2:5d:37:ae:
5d:4f:d0:9e:a7:11:27:1c:89:59:c0:75:8e:14:27:
77:d8:19:21:37:de:1c:98:9c:b3:06:e4:c7:2b:e3:
f1:c2:b2:3a:33:fd:52:b5:a4:a5:44:20:8e:a0:8c:
d5:c6:7f:c0:f9:61:2a:11:3d:8c:5e:2d:aa:c2:fb:
18:d1:48:37:7f:94:76:0a:cb:21:df:87:ee:4e:0d:
32:4d:14:29:c8:60:21:b6:e2:6c:1b:bd:fc:01:29:
b0:1e:0c:60:a8:ae:3b:85:ad:bb:5f:95:c9:0f:8b:
c9:de:c6:94:65:63:fe:9b:82:02:e2:80:5c:18:ae:
af:de:61:17:d1:2e:75:00:68:06:03:4a:32:78:08:
50:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:14:FE:AC:69:66:30:1D:0A:E0:61:82:EF:81:57:DA:5D:44:C6:C0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DxT-rGlmMB0K4GGC74FX2l1ExsA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:25:c0:1f:13:b2:93:9c:92:c3:96:63:6c:90:12:12:e8:1b:
c9:b8:6f:32:7a:a6:11:4b:c5:32:75:da:c2:c9:10:ca:c2:08:
cc:3d:5b:16:2e:1e:68:64:ef:a0:95:bd:6d:73:ac:a4:06:eb:
bd:2b:70:04:d0:26:6a:8c:9b:a4:1f:c4:de:d3:15:53:4c:b6:
5c:f2:c1:6b:72:50:4b:9b:57:1e:97:ac:de:c7:ea:be:e5:bb:
37:97:e2:b8:db:26:73:99:27:05:d4:3e:6a:e7:4c:23:ff:65:
82:8a:af:02:82:e8:a4:e8:22:c6:b5:c8:a3:de:c6:c5:a5:df:
e8:c1:01:60:ab:0a:49:f0:4a:d5:33:ef:a0:54:1f:09:44:73:
ca:30:ae:32:97:59:5e:7a:26:0a:cc:9e:f1:0a:c3:0c:52:a3:
2b:3b:6f:83:8b:7a:db:ff:0e:bc:f9:40:ab:55:ed:94:dc:4d:
33:b9:f6:47:3c:5d:c3:36:3e:39:a3:b4:c2:40:20:66:3b:7b:
d3:ec:23:36:25:4b:69:80:9c:61:07:7e:ed:c9:6a:2b:c5:25:
4b:89:cc:3c:b1:35:27:12:af:e2:65:e6:ab:94:40:ad:4b:91:
a3:32:bd:6f:33:42:d3:58:98:05:37:8a:38:29:2e:29:33:87:
c2:94:f6:63
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
OTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBGMTRGRUFDNjk2NjMw
MUQwQUUwNjE4MkVGODE1N0RBNUQ0NEM2QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMUKrwoZ5IIV1H4xJVSe8Czzxn0XbGy3XM+cjWX+2udoeNDASB
qQHvqFRPs3A1Og0EsWiBcB57dyt8CR5cOQ0Ut63K5MNBgYsaQEsitWh5lVY7XCvN
Htl6y+LAoWSC3xwzvqd/zhn1VXxxfhVemaiM4WFzsl03rl1P0J6nEScciVnAdY4U
J3fYGSE33hyYnLMG5Mcr4/HCsjoz/VK1pKVEII6gjNXGf8D5YSoRPYxeLarC+xjR
SDd/lHYKyyHfh+5ODTJNFCnIYCG24mwbvfwBKbAeDGCorjuFrbtflckPi8nexpRl
Y/6bggLigFwYrq/eYRfRLnUAaAYDSjJ4CFBzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUDxT+rGlmMB0K4GGC74FX2l1ExsAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0R4VC1yR2xtTUIwSzRH
R0M3NEZYMmwxRXhzQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKolwB8TspOcksOW
Y2yQEhLoG8m4bzJ6phFLxTJ12sLJEMrCCMw9WxYuHmhk76CVvW1zrKQG670rcATQ
JmqMm6QfxN7TFVNMtlzywWtyUEubVx6XrN7H6r7luzeX4rjbJnOZJwXUPmrnTCP/
ZYKKrwKC6KToIsa1yKPexsWl3+jBAWCrCknwStUz76BUHwlEc8owrjKXWV56JgrM
nvEKwwxSoys7b4OLetv/Drz5QKtV7ZTcTTO59kc8XcM2PjmjtMJAIGY7e9PsIzYl
S2mAnGEHfu3JaivFJUuJzDyxNScSr+Jl5quUQK1LkaMyvW8zQtNYmAU3ijgpLikz
h8KU9mM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:25 2024 by rpki-client on console-ams.rpki-client.org