Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F60gnWkH0UeB1lBL-i3T8Y6x5J4.roa
File: F60gnWkH0UeB1lBL-i3T8Y6x5J4.roa (raw, json)
Hash identifier: 1ZUPcrPOMDD0B7XC/chsgqyK90K6FcN3I7JMtF37f6Q=
Subject key identifier: 17:AD:20:9D:69:07:D1:47:81:D6:50:4B:FA:2D:D3:F1:8E:B1:E4:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 426D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F60gnWkH0UeB1lBL-i3T8Y6x5J4.roa
Signing time: Wed 17 Apr 2024 03:52:58 +0000
ROA not before: Wed 17 Apr 2024 03:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17005 (0x426d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 03:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17AD209D6907D14781D6504BFA2DD3F18EB1E49E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2d:dd:e7:7e:5a:6c:a5:27:35:6f:6e:a2:91:
75:db:9a:dd:99:e3:2e:67:66:1c:b5:13:2c:62:7e:
5d:f9:70:6f:09:b4:dd:5e:10:f2:44:8f:86:8f:7a:
42:3f:7b:f4:6b:e0:fa:ce:14:d3:24:3b:e6:9a:d6:
94:ae:e4:9d:9e:d6:2a:f7:86:0d:96:f7:1c:36:00:
c0:29:b8:32:40:a6:d4:77:bf:41:4b:de:ec:7c:89:
5c:c9:34:ec:12:77:6b:68:66:68:3b:df:4b:b2:40:
a7:df:36:6f:01:de:b9:ad:6a:e8:c9:7a:b1:bc:e4:
ad:f7:b4:89:95:35:02:3f:6d:78:84:e6:f4:ab:6b:
54:ec:a6:c9:0a:c6:0f:cc:8e:9a:f0:e4:7b:3f:b5:
74:ec:3e:eb:34:6a:41:f3:9e:ef:be:6c:84:99:fe:
8e:40:8e:9a:6b:2f:9d:dd:65:0a:32:1c:09:cd:6e:
68:d1:6e:7c:c5:e1:12:8f:e4:6d:1a:d7:21:9c:c2:
3f:b4:4a:35:7c:23:65:a2:dd:64:81:73:4d:47:82:
43:9b:6c:c1:b8:3e:a5:22:c1:df:5b:59:6c:37:3c:
33:cf:be:59:ba:5a:63:0f:70:e9:02:02:1b:6e:14:
e5:b0:56:d3:b4:69:40:8e:38:bd:80:be:5e:57:f5:
9d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AD:20:9D:69:07:D1:47:81:D6:50:4B:FA:2D:D3:F1:8E:B1:E4:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F60gnWkH0UeB1lBL-i3T8Y6x5J4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:82:48:4d:e7:72:4f:bc:c4:9b:b8:a5:45:4a:01:28:4a:d5:
60:95:4c:44:fa:4f:ee:12:84:33:93:05:0c:65:b4:62:cf:7f:
b3:a6:67:0a:af:51:42:e5:94:35:d0:25:81:6c:38:3c:89:6f:
bb:2a:9c:f4:86:1d:80:09:55:e9:de:b3:99:9a:82:21:38:a6:
ec:b7:e3:63:4e:9d:41:ed:59:8c:ed:a3:8a:a8:91:35:f8:26:
ce:35:8d:00:a5:21:ff:de:1e:79:ef:fb:49:33:28:b9:e6:b1:
28:04:8a:a5:3f:4c:49:3d:02:c8:04:39:45:0a:19:4b:33:d3:
8a:38:76:1b:c3:b8:47:88:88:4a:9f:ec:28:51:0b:4a:b7:23:
49:bd:d8:ae:ab:fc:be:b5:d6:9c:9c:ce:5a:f5:6f:65:ea:58:
41:b7:35:49:dc:b3:e9:1f:34:51:d5:73:cb:02:cf:07:b2:82:
c8:94:c1:18:c2:2d:a8:00:1c:74:be:64:ad:22:f5:a3:1e:b7:
ab:56:2e:d2:41:34:1c:fa:4e:9d:7d:11:65:aa:20:4e:2d:04:
d9:20:21:08:7a:0a:a5:6a:0b:13:09:c3:e3:32:cd:73:73:7c:
2b:73:5d:0d:5e:05:cb:fb:2e:28:dd:93:90:e0:cc:1e:ee:62:
23:c0:1d:04
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MzUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3QUQyMDlENjkwN0Qx
NDc4MUQ2NTA0QkZBMkREM0YxOEVCMUU0OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcLd3nflpspSc1b26ikXXbmt2Z4y5nZhy1Eyxifl35cG8JtN1e
EPJEj4aPekI/e/Rr4PrOFNMkO+aa1pSu5J2e1ir3hg2W9xw2AMApuDJAptR3v0FL
3ux8iVzJNOwSd2toZmg730uyQKffNm8B3rmtaujJerG85K33tImVNQI/bXiE5vSr
a1TspskKxg/Mjprw5Hs/tXTsPus0akHznu++bISZ/o5AjpprL53dZQoyHAnNbmjR
bnzF4RKP5G0a1yGcwj+0SjV8I2Wi3WSBc01HgkObbMG4PqUiwd9bWWw3PDPPvlm6
WmMPcOkCAhtuFOWwVtO0aUCOOL2Avl5X9Z2BAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUF60gnWkH0UeB1lBL+i3T8Y6x5J4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y2MGduV2tIMFVlQjFs
QkwtaTNUOFk2eDVKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACyCSE3nck+8xJu4
pUVKAShK1WCVTET6T+4ShDOTBQxltGLPf7OmZwqvUULllDXQJYFsODyJb7sqnPSG
HYAJVenes5magiE4puy342NOnUHtWYzto4qokTX4Js41jQClIf/eHnnv+0kzKLnm
sSgEiqU/TEk9AsgEOUUKGUsz04o4dhvDuEeIiEqf7ChRC0q3I0m92K6r/L611pyc
zlr1b2XqWEG3NUncs+kfNFHVc8sCzweygsiUwRjCLagAHHS+ZK0i9aMet6tWLtJB
NBz6Tp19EWWqIE4tBNkgIQh6CqVqCxMJw+MyzXNzfCtzXQ1eBcv7Lijdk5DgzB7u
YiPAHQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org