Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EZVqBseenXjpjVOSxc3NoUnbIds.roa
File: EZVqBseenXjpjVOSxc3NoUnbIds.roa (raw, json)
Hash identifier: SWe+bl1LflUstCXz0rN0zqDxLs9K6beOZCh9Qfk4dLU=
Subject key identifier: 11:95:6A:06:C7:9E:9D:78:E9:8D:53:92:C5:CD:CD:A1:49:DB:21:DB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EZVqBseenXjpjVOSxc3NoUnbIds.roa
Signing time: Tue 16 Apr 2024 09:52:59 +0000
ROA not before: Tue 16 Apr 2024 09:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16861 (0x41dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 09:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11956A06C79E9D78E98D5392C5CDCDA149DB21DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:11:8f:d3:a9:72:09:71:4f:90:df:8f:93:fb:
4b:2b:17:6b:c7:01:27:30:2e:a9:c7:f5:00:53:d4:
ba:a0:5a:88:69:58:f9:fd:d5:e4:07:33:a8:a3:64:
05:b2:f0:db:08:fd:3a:06:a9:3c:f7:31:81:d3:17:
b7:56:62:9c:e4:50:e5:97:71:7e:6f:5d:3b:59:f8:
f3:07:0a:d5:d2:d1:0e:4b:5d:56:9a:e4:ad:8d:4b:
11:27:80:34:5f:de:db:5b:0d:19:e1:3c:51:4a:e8:
50:3b:79:bb:fd:42:4c:7f:e9:b5:67:a6:20:5b:01:
ac:18:b8:22:ab:48:ae:51:94:79:b4:a1:81:d5:61:
d6:36:e9:9c:b8:96:ac:96:5e:25:b8:f4:c4:49:5c:
f0:59:ea:54:39:f8:e9:40:1f:6e:5c:55:ac:5d:af:
77:78:4c:00:fd:45:ee:c6:80:8f:1b:04:db:7e:f9:
6d:28:0d:37:d8:e9:2b:20:52:01:02:b2:49:9b:9a:
aa:d5:4b:2e:4c:80:75:8e:f8:d1:44:4c:1c:18:12:
aa:2a:73:2a:1b:3d:f7:03:9f:19:b5:0f:28:23:73:
76:18:73:86:32:90:3c:17:57:fb:76:b3:4a:e3:f8:
69:cb:7c:b7:80:e2:6b:69:97:ad:d8:e1:de:34:ac:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:95:6A:06:C7:9E:9D:78:E9:8D:53:92:C5:CD:CD:A1:49:DB:21:DB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EZVqBseenXjpjVOSxc3NoUnbIds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:57:03:de:89:f0:6a:d6:1e:ed:20:4c:4b:c5:ca:6c:96:ba:
fc:e0:63:06:ac:8f:a1:7a:6f:68:36:6a:c9:a3:ca:d3:1e:36:
11:c9:7e:5c:bb:6f:23:c0:d0:98:a8:6e:69:b6:03:70:71:83:
f7:f2:25:7c:7d:da:e5:98:8f:41:c6:7d:9d:a7:9c:5c:1d:1a:
90:15:1a:7d:e5:6c:88:6e:19:c4:f9:c1:a1:8d:4c:ef:f5:bf:
a8:f6:b8:98:3a:b0:19:bb:22:89:5f:53:5e:3a:a9:db:8e:76:
d4:9a:4b:58:a5:74:ba:f9:d5:44:a2:0f:7a:0a:ee:a5:fa:88:
fe:b1:6b:6c:52:d3:47:ea:42:1e:fe:08:c9:7a:d8:b5:bb:f7:
43:e4:7e:09:96:d3:92:0d:e0:a4:42:19:2e:92:4e:4b:6c:c9:
0e:22:1b:95:26:9d:90:8e:58:7b:01:83:ba:63:49:f8:7b:cc:
0b:ec:73:8f:07:9b:ea:6f:30:a0:2c:9d:c6:a8:17:86:2f:54:
23:c6:bf:8d:78:76:06:fc:be:91:b0:b7:a1:11:1b:0e:64:cb:
cb:63:e1:f5:87:8c:6b:00:f4:7c:43:62:52:52:8b:c3:8c:18:
0c:a0:88:63:7b:ea:7a:27:74:6b:df:25:c2:37:cc:fa:08:b0:
61:3d:f5:e8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
OTUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExOTU2QTA2Qzc5RTlE
NzhFOThENTM5MkM1Q0RDREExNDlEQjIxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrEY/TqXIJcU+Q34+T+0srF2vHAScwLqnH9QBT1LqgWohpWPn9
1eQHM6ijZAWy8NsI/ToGqTz3MYHTF7dWYpzkUOWXcX5vXTtZ+PMHCtXS0Q5LXVaa
5K2NSxEngDRf3ttbDRnhPFFK6FA7ebv9Qkx/6bVnpiBbAawYuCKrSK5RlHm0oYHV
YdY26Zy4lqyWXiW49MRJXPBZ6lQ5+OlAH25cVaxdr3d4TAD9Re7GgI8bBNt++W0o
DTfY6SsgUgECskmbmqrVSy5MgHWO+NFETBwYEqoqcyobPfcDnxm1Dygjc3YYc4Yy
kDwXV/t2s0rj+GnLfLeA4mtpl63Y4d40rPFFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEZVqBseenXjpjVOSxc3NoUnbIdswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VaVnFCc2VlblhqcGpW
T1N4YzNOb1VuYklkcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALpXA96J8GrWHu0g
TEvFymyWuvzgYwasj6F6b2g2asmjytMeNhHJfly7byPA0Jiobmm2A3Bxg/fyJXx9
2uWYj0HGfZ2nnFwdGpAVGn3lbIhuGcT5waGNTO/1v6j2uJg6sBm7IolfU146qduO
dtSaS1ildLr51USiD3oK7qX6iP6xa2xS00fqQh7+CMl62LW790PkfgmW05IN4KRC
GS6STktsyQ4iG5UmnZCOWHsBg7pjSfh7zAvsc48Hm+pvMKAsncaoF4YvVCPGv414
dgb8vpGwt6ERGw5ky8tj4fWHjGsA9HxDYlJSi8OMGAygiGN76nondGvfJcI3zPoI
sGE99eg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org