Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/I9obRSleWmvw5VuZtCg0nt55vbE.roa
File: I9obRSleWmvw5VuZtCg0nt55vbE.roa (raw, json)
Hash identifier: B4z6kOSoCIAF2Hoew03nnRbEby3y5gyCuMyPZRPRPmU=
Subject key identifier: 23:DA:1B:45:29:5E:5A:6B:F0:E5:5B:99:B4:28:34:9E:DE:79:BD:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4289
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I9obRSleWmvw5VuZtCg0nt55vbE.roa
Signing time: Wed 17 Apr 2024 07:23:26 +0000
ROA not before: Wed 17 Apr 2024 07:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17033 (0x4289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 07:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23DA1B45295E5A6BF0E55B99B428349EDE79BDB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:d0:f3:8d:e9:9b:42:28:a0:34:d1:3d:7b:
7c:97:12:9b:ba:80:e8:32:ec:ec:ee:f5:04:c5:56:
51:26:04:b5:b0:b8:d5:43:e4:50:47:f0:b6:87:72:
55:f8:38:a5:fe:c9:56:e6:21:b9:1a:6d:a5:2d:f8:
fb:53:29:ee:ac:83:f9:9c:05:97:50:f7:60:a1:d4:
1a:77:21:6b:74:b6:f9:1d:7c:ca:36:77:b5:bd:7a:
0f:d9:54:af:43:d6:49:2a:55:b1:e6:6f:10:25:db:
fc:7a:f2:f2:9a:0f:ea:8a:0f:c1:ad:e5:a1:8b:59:
19:87:f7:61:64:91:93:20:00:cb:ff:5d:7e:bc:55:
13:6b:e9:0f:39:60:7a:1c:c4:9d:d7:2f:9a:35:58:
a9:d8:68:b9:58:28:63:20:ef:4e:4c:51:24:21:45:
23:48:ce:7b:c1:f9:f1:de:85:68:11:68:01:76:30:
36:df:75:db:54:4b:43:5e:bf:71:4b:15:ae:22:31:
35:2c:df:c6:e5:e6:27:9f:56:bb:88:88:55:04:eb:
f3:66:88:bd:2e:dd:ec:bf:9e:ca:69:ce:fc:75:66:
d7:dc:c2:79:0c:bb:1b:94:5b:7f:18:9c:1f:e9:e7:
af:ad:9d:47:3a:e1:e8:c8:24:20:c1:4e:84:37:19:
59:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DA:1B:45:29:5E:5A:6B:F0:E5:5B:99:B4:28:34:9E:DE:79:BD:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I9obRSleWmvw5VuZtCg0nt55vbE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:be:ae:5e:f2:0c:93:2f:3a:67:d8:ac:ab:e4:03:cd:87:f8:
0d:6a:d6:17:ac:22:e9:11:4c:ca:08:5a:8d:d4:31:ce:6e:0d:
62:01:3b:ed:23:5d:71:f3:e5:19:96:46:e2:b1:33:7c:81:48:
fe:5e:2a:85:3f:c6:b9:6d:4c:85:ae:ce:4f:75:c6:07:e5:30:
f9:30:81:16:59:49:51:9e:88:e9:49:f4:b1:07:e8:8a:be:c1:
60:1b:b0:a0:93:c4:ab:6e:cf:d7:f9:32:ed:91:49:6f:89:e6:
d3:19:95:c6:6a:95:07:d3:74:7e:bc:c6:8b:8a:93:5d:a2:29:
6d:8b:e7:9e:32:c1:40:14:28:ad:6e:02:6b:4d:1d:95:16:52:
97:27:df:52:d0:31:89:ba:89:36:94:b5:aa:2b:63:15:08:8a:
bc:8b:38:76:67:9d:f7:b7:10:ab:18:92:bf:76:e3:28:b6:4d:
c3:5f:0a:42:fd:ad:de:b9:f5:39:c7:b2:75:fc:0d:f2:82:69:
f5:a6:62:94:01:0d:c5:9b:24:50:ab:07:30:04:f4:5a:87:8f:
e4:aa:16:7c:7c:7f:be:40:1b:99:42:0b:5c:0a:0d:c5:ce:c3:
af:74:c9:62:34:13:ea:3f:65:0e:75:62:ca:78:f0:60:5d:fe:
15:18:fe:63
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NzIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzREExQjQ1Mjk1RTVB
NkJGMEU1NUI5OUI0MjgzNDlFREU3OUJEQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCom9DzjembQiigNNE9e3yXEpu6gOgy7Ozu9QTFVlEmBLWwuNVD
5FBH8LaHclX4OKX+yVbmIbkabaUt+PtTKe6sg/mcBZdQ92Ch1Bp3IWt0tvkdfMo2
d7W9eg/ZVK9D1kkqVbHmbxAl2/x68vKaD+qKD8Gt5aGLWRmH92FkkZMgAMv/XX68
VRNr6Q85YHocxJ3XL5o1WKnYaLlYKGMg705MUSQhRSNIznvB+fHehWgRaAF2MDbf
ddtUS0Nev3FLFa4iMTUs38bl5iefVruIiFUE6/NmiL0u3ey/nsppzvx1ZtfcwnkM
uxuUW38YnB/p56+tnUc64ejIJCDBToQ3GVn/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUI9obRSleWmvw5VuZtCg0nt55vbEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0k5b2JSU2xlV212dzVW
dVp0Q2cwbnQ1NXZiRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC2+rl7yDJMvOmfY
rKvkA82H+A1q1hesIukRTMoIWo3UMc5uDWIBO+0jXXHz5RmWRuKxM3yBSP5eKoU/
xrltTIWuzk91xgflMPkwgRZZSVGeiOlJ9LEH6Iq+wWAbsKCTxKtuz9f5Mu2RSW+J
5tMZlcZqlQfTdH68xouKk12iKW2L554ywUAUKK1uAmtNHZUWUpcn31LQMYm6iTaU
taorYxUIiryLOHZnnfe3EKsYkr924yi2TcNfCkL9rd659TnHsnX8DfKCafWmYpQB
DcWbJFCrBzAE9FqHj+SqFnx8f75AG5lCC1wKDcXOw690yWI0E+o/ZQ51Ysp48GBd
/hUY/mM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org