Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HbdVOFWLlWT3eI8BDdubHgjqCts.roa
File: HbdVOFWLlWT3eI8BDdubHgjqCts.roa (raw, json)
Hash identifier: U8+ndFPxO6DS+2wZqjrfhMRp4UNB6T5paLM3K/quKwk=
Subject key identifier: 1D:B7:55:38:55:8B:95:64:F7:78:8F:01:0D:DB:9B:1E:08:EA:0A:DB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D41
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HbdVOFWLlWT3eI8BDdubHgjqCts.roa
Signing time: Wed 10 Apr 2024 06:22:38 +0000
ROA not before: Wed 10 Apr 2024 06:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15681 (0x3d41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 06:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1DB75538558B9564F7788F010DDB9B1E08EA0ADB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:7e:46:1e:39:47:f4:57:8b:6e:77:6a:9d:
a7:c4:9f:34:b2:3f:ee:bf:c9:f3:b3:91:70:ac:c0:
f1:20:79:0e:fd:2a:80:68:73:4d:c5:54:96:3c:a8:
11:43:26:b2:91:d6:51:02:bb:2e:fc:56:58:8b:b1:
6d:d8:7e:a4:d7:6d:1a:6f:85:4f:67:4b:61:89:2b:
8d:1e:b4:7b:bf:d3:ca:e0:4d:19:53:d2:d5:5b:bc:
69:71:d8:5b:22:e1:69:4b:3a:fb:13:da:36:a0:62:
30:50:d1:2e:e8:9e:c4:e1:76:1d:9a:d5:89:cd:c3:
e8:0c:e0:f2:cf:d3:7b:0c:ce:bf:8c:97:15:57:c3:
f7:14:07:9c:37:19:31:07:f4:6a:8c:64:03:ba:cf:
00:87:12:3c:89:49:0e:b5:28:f1:be:35:72:7c:19:
38:14:20:b4:aa:4c:fc:82:29:af:75:b7:c7:4a:77:
3d:27:55:a0:ad:61:44:13:1b:99:72:7d:ca:71:a0:
ca:84:8d:40:a9:71:e0:7e:f9:27:d8:df:d8:8e:10:
92:13:5f:27:d7:27:51:06:f0:fa:3c:c7:cc:e0:e6:
c0:7c:2d:42:00:2c:39:df:aa:ea:29:30:a5:d1:db:
b1:b2:a0:fc:bd:11:57:3d:ed:91:aa:c9:8c:e4:9f:
4e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B7:55:38:55:8B:95:64:F7:78:8F:01:0D:DB:9B:1E:08:EA:0A:DB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HbdVOFWLlWT3eI8BDdubHgjqCts.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
96:7e:2e:35:21:34:81:89:4c:e0:8e:0d:74:7c:39:39:04:1a:
c6:89:20:97:54:53:8a:1c:6a:9b:44:f6:29:fb:21:aa:dc:3c:
90:4c:4e:71:8a:c0:2d:e6:bb:17:37:bb:77:a4:91:82:72:04:
e1:08:81:1e:08:f5:70:55:9f:f6:a6:f0:65:e9:aa:3f:5c:23:
f4:45:b1:bb:57:3f:25:b5:0d:16:5a:76:6a:4c:d4:5b:a3:5c:
ba:87:b1:1e:ab:55:2c:2a:35:a2:7a:ad:32:36:52:c9:68:a5:
45:ba:3f:e7:2f:28:15:bf:20:88:09:3e:5d:8f:98:3f:5b:f0:
5e:62:1d:06:14:01:30:ca:b4:98:f6:72:c4:b2:66:31:b3:dd:
34:1e:79:cf:77:0f:bc:e4:e5:92:d5:4c:6e:7a:84:bc:ba:5e:
a6:0a:62:df:3c:9e:3f:9e:c3:84:93:66:bd:4e:3c:22:02:3b:
fc:7c:52:a4:1d:51:f0:80:09:79:eb:b6:17:92:69:2b:53:1a:
26:0f:5b:f9:88:1d:b0:e3:91:ba:3e:31:b1:f6:c0:ce:bd:2d:
e3:19:c5:7a:73:7c:12:2a:87:ee:ba:c0:8c:99:47:8d:20:d9:
b2:bd:4d:1a:2f:9a:3e:73:dd:3d:d4:2c:94:e9:a3:06:88:fc:
2a:be:3f:de
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NjIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFEQjc1NTM4NTU4Qjk1
NjRGNzc4OEYwMTBEREI5QjFFMDhFQTBBREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDWX5GHjlH9FeLbndqnafEnzSyP+6/yfOzkXCswPEgeQ79KoBo
c03FVJY8qBFDJrKR1lECuy78VliLsW3YfqTXbRpvhU9nS2GJK40etHu/08rgTRlT
0tVbvGlx2Fsi4WlLOvsT2jagYjBQ0S7onsThdh2a1YnNw+gM4PLP03sMzr+MlxVX
w/cUB5w3GTEH9GqMZAO6zwCHEjyJSQ61KPG+NXJ8GTgUILSqTPyCKa91t8dKdz0n
VaCtYUQTG5lyfcpxoMqEjUCpceB++SfY39iOEJITXyfXJ1EG8Po8x8zg5sB8LUIA
LDnfquopMKXR27GyoPy9EVc97ZGqyYzkn04NAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUHbdVOFWLlWT3eI8BDdubHgjqCtswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hiZFZPRldMbFdUM2VJ
OEJEZHViSGdqcUN0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJZ+LjUhNIGJTOCO
DXR8OTkEGsaJIJdUU4ocaptE9in7IarcPJBMTnGKwC3muxc3u3ekkYJyBOEIgR4I
9XBVn/am8GXpqj9cI/RFsbtXPyW1DRZadmpM1FujXLqHsR6rVSwqNaJ6rTI2Uslo
pUW6P+cvKBW/IIgJPl2PmD9b8F5iHQYUATDKtJj2csSyZjGz3TQeec93D7zk5ZLV
TG56hLy6XqYKYt88nj+ew4STZr1OPCICO/x8UqQdUfCACXnrtheSaStTGiYPW/mI
HbDjkbo+MbH2wM69LeMZxXpzfBIqh+66wIyZR40g2bK9TRovmj5z3T3ULJTpowaI
/Cq+P94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org