Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EczddbHjWpNeUQl-teyu5apM5WM.roa
File: EczddbHjWpNeUQl-teyu5apM5WM.roa (raw, json)
Hash identifier: NsYQuQ5qIDCDz163qPETz4yzYTB3AIPch3JSae6UlPo=
Subject key identifier: 11:CC:DD:75:B1:E3:5A:93:5E:51:09:7E:B5:EC:AE:E5:AA:4C:E5:63
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F79
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EczddbHjWpNeUQl-teyu5apM5WM.roa
Signing time: Sat 13 Apr 2024 05:22:49 +0000
ROA not before: Sat 13 Apr 2024 05:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16249 (0x3f79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 05:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11CCDD75B1E35A935E51097EB5ECAEE5AA4CE563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:66:4f:c0:40:a7:ad:90:d0:b1:73:27:53:ef:
1c:25:c5:df:83:17:03:e0:28:84:b6:15:38:39:6d:
62:f2:58:88:8c:4e:e4:35:9d:78:ce:66:b3:e8:20:
99:97:c3:df:b5:66:af:bd:0a:42:c3:46:fd:9e:b9:
43:e6:a0:4a:89:40:c8:5f:3c:d4:4b:77:de:f5:08:
21:92:3b:18:29:4c:a6:23:ab:c0:e1:ee:e5:a3:59:
69:0e:a4:73:7c:d4:b7:81:92:03:7c:2e:50:3d:48:
3b:58:f9:62:2a:e6:f4:f9:cf:ae:de:86:39:30:06:
7f:cc:86:d7:9f:0e:28:1e:dd:7d:1f:b6:f8:53:e8:
0d:d5:6a:e5:0b:fe:95:83:ee:28:53:03:6b:f3:cc:
21:14:92:8e:1c:a4:34:b2:4b:9c:b1:96:24:88:13:
d1:8e:7f:dd:61:e2:46:a1:25:d9:5c:25:85:02:ea:
8a:11:0f:7a:ea:cf:11:a9:80:9b:d6:88:1b:9a:6f:
1e:c9:e6:61:68:3f:86:69:88:ca:4d:63:ee:fc:5e:
5b:c2:83:dd:a2:79:b6:51:f7:34:11:23:49:19:44:
4b:80:58:c8:8f:b6:36:e8:f5:34:db:e9:d1:38:03:
e5:69:5f:9e:50:06:91:4b:26:dd:76:78:57:cb:43:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CC:DD:75:B1:E3:5A:93:5E:51:09:7E:B5:EC:AE:E5:AA:4C:E5:63
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EczddbHjWpNeUQl-teyu5apM5WM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
28:43:fe:e7:20:26:8d:84:b4:fa:e2:0c:c7:ef:88:3c:e4:eb:
74:02:a2:0d:3f:57:4e:2e:cf:89:7c:bd:84:f5:19:61:77:3a:
ed:25:7c:fe:44:82:14:f1:ef:04:af:88:6e:e1:f5:e2:7c:5f:
a9:0d:5a:f8:18:15:3e:7f:04:e5:92:ec:90:44:ab:fb:6c:bb:
b7:7f:5d:c2:29:6b:93:58:88:a6:f0:93:2f:58:81:d8:af:65:
99:c4:aa:17:2a:97:f2:8d:50:51:73:1d:1b:42:fc:44:ca:1e:
79:e4:fa:0d:3b:f5:a5:a6:60:6e:09:5f:38:51:eb:a7:c5:2d:
85:10:00:f3:45:2c:c4:c2:69:19:38:2a:4f:0c:cc:a1:5d:a3:
a6:d2:36:b4:d0:ab:6d:2f:f8:38:e3:cb:8c:f2:1f:7c:13:e1:
d5:95:c9:9b:08:5a:fd:aa:ac:31:62:1b:dc:8e:78:d0:1c:ce:
52:cc:87:d6:62:01:b5:33:10:04:0d:c5:22:a7:4a:d2:13:4b:
fe:ce:01:f6:ad:3f:1e:c8:19:9d:04:0e:fc:3a:51:29:5a:30:
35:db:98:e7:43:b0:86:5d:aa:1f:de:aa:72:1f:2b:42:ee:41:
12:fb:b0:2d:4c:4e:82:1c:43:3b:13:dc:5f:29:f2:27:9f:74:
d6:f9:a5:0e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
NTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExQ0NERDc1QjFFMzVB
OTM1RTUxMDk3RUI1RUNBRUU1QUE0Q0U1NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYZk/AQKetkNCxcydT7xwlxd+DFwPgKIS2FTg5bWLyWIiMTuQ1
nXjOZrPoIJmXw9+1Zq+9CkLDRv2euUPmoEqJQMhfPNRLd971CCGSOxgpTKYjq8Dh
7uWjWWkOpHN81LeBkgN8LlA9SDtY+WIq5vT5z67ehjkwBn/MhtefDige3X0ftvhT
6A3VauUL/pWD7ihTA2vzzCEUko4cpDSyS5yxliSIE9GOf91h4kahJdlcJYUC6ooR
D3rqzxGpgJvWiBuabx7J5mFoP4ZpiMpNY+78XlvCg92iebZR9zQRI0kZREuAWMiP
tjbo9TTb6dE4A+VpX55QBpFLJt12eFfLQxIRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEczddbHjWpNeUQl+teyu5apM5WMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VjemRkYkhqV3BOZVVR
bC10ZXl1NWFwTTVXTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAChD/ucgJo2EtPri
DMfviDzk63QCog0/V04uz4l8vYT1GWF3Ou0lfP5EghTx7wSviG7h9eJ8X6kNWvgY
FT5/BOWS7JBEq/tsu7d/XcIpa5NYiKbwky9YgdivZZnEqhcql/KNUFFzHRtC/ETK
Hnnk+g079aWmYG4JXzhR66fFLYUQAPNFLMTCaRk4Kk8MzKFdo6bSNrTQq20v+Djj
y4zyH3wT4dWVyZsIWv2qrDFiG9yOeNAczlLMh9ZiAbUzEAQNxSKnStITS/7OAfat
Px7IGZ0EDvw6USlaMDXbmOdDsIZdqh/eqnIfK0LuQRL7sC1MToIcQzsT3F8p8ief
dNb5pQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org