Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IQEHOui2GwVOipF3d6vx02be-Dw.roa
File: IQEHOui2GwVOipF3d6vx02be-Dw.roa (raw, json)
Hash identifier: nEuMKQhR3YT4DkaIs8NJ+urJ/I7Z4etYN+7+MRGgJjM=
Subject key identifier: 21:01:07:3A:E8:B6:1B:05:4E:8A:91:77:77:AB:F1:D3:66:DE:F8:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 516D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IQEHOui2GwVOipF3d6vx02be-Dw.roa
Signing time: Tue 07 May 2024 03:53:52 +0000
ROA not before: Tue 07 May 2024 03:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20845 (0x516d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 03:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2101073AE8B61B054E8A917777ABF1D366DEF83C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0d:69:f2:da:73:47:16:b6:0c:9f:44:6b:86:
6c:82:14:5a:aa:31:e3:45:19:eb:17:79:f4:ce:12:
ef:cc:a8:97:84:1b:14:6c:12:00:15:d5:88:dd:77:
86:01:68:8f:75:a8:31:ab:b3:0f:52:43:0c:70:25:
16:99:7b:09:9b:89:d6:01:7c:8c:22:08:d9:3d:07:
c6:94:e4:a7:a5:30:5f:d8:c7:82:46:5a:f6:4c:94:
03:0a:a7:32:a7:0e:3b:e2:15:91:4c:2a:85:c3:56:
bf:0e:ed:60:fb:17:17:e4:14:15:0f:3b:6f:41:e7:
7a:a3:b9:a7:f2:95:1e:2e:6d:44:bc:55:da:18:60:
e6:61:af:14:ec:27:04:ad:c2:e4:89:28:01:d3:e2:
d2:f7:51:5b:50:35:57:d7:6f:53:17:b3:80:71:75:
d5:d8:03:f1:1b:23:35:b7:c2:4f:0a:e8:1c:5b:5b:
72:28:43:69:a0:00:92:14:b9:23:e6:db:69:f6:37:
fb:96:34:9e:7c:a3:02:50:c0:ec:be:86:24:94:ac:
95:e1:be:82:13:c2:55:2d:e3:4e:3f:d8:a3:20:7d:
5c:68:39:cd:e6:fc:3e:39:69:8c:45:90:71:4f:1b:
67:5d:6b:46:0e:e8:b4:12:46:3b:2c:b7:95:76:ca:
8f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:01:07:3A:E8:B6:1B:05:4E:8A:91:77:77:AB:F1:D3:66:DE:F8:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IQEHOui2GwVOipF3d6vx02be-Dw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:48:72:54:14:a0:a4:97:91:9c:01:23:33:b4:38:ad:f8:4c:
08:ca:57:c4:20:1f:71:64:59:1a:8c:7a:f4:d1:52:95:2d:f1:
ca:1a:fd:e8:87:af:f7:b1:27:9f:0e:ee:bf:e4:58:d0:40:d5:
46:52:75:6b:62:70:20:f8:82:18:df:4d:7d:ff:22:4c:6d:e4:
83:24:7a:ff:a8:3c:71:d5:0f:09:df:a0:62:29:f5:ed:b4:85:
1d:6c:75:19:14:64:46:83:ea:b4:72:48:c8:7d:e0:73:76:01:
34:e7:f0:ad:9c:02:91:1d:fb:3f:2e:53:a3:ac:a3:07:f0:19:
15:6e:aa:3b:27:76:97:65:01:dd:23:80:b5:6b:2e:b1:72:f9:
1b:75:2d:ec:00:28:8d:72:70:a7:f9:9a:bf:cc:5b:c7:72:59:
e3:0c:63:e8:1d:42:8f:9c:71:5e:2b:b5:14:27:09:c4:cf:7a:
fe:cc:1f:68:fe:70:1f:d7:76:7d:f3:11:c1:83:2f:6b:ee:dc:
b6:01:b5:a7:20:50:81:4f:e7:1d:a8:15:8c:df:53:72:5d:e1:
58:e6:b7:b7:17:d6:13:94:d7:35:0e:ee:dc:a9:9d:39:23:ef:
e6:4a:01:9a:58:55:05:ab:19:1a:66:82:90:cd:c4:55:7e:50:
44:35:d3:41
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
MzUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxMDEwNzNBRThCNjFC
MDU0RThBOTE3Nzc3QUJGMUQzNjZERUY4M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEDWny2nNHFrYMn0RrhmyCFFqqMeNFGesXefTOEu/MqJeEGxRs
EgAV1Yjdd4YBaI91qDGrsw9SQwxwJRaZewmbidYBfIwiCNk9B8aU5KelMF/Yx4JG
WvZMlAMKpzKnDjviFZFMKoXDVr8O7WD7FxfkFBUPO29B53qjuafylR4ubUS8VdoY
YOZhrxTsJwStwuSJKAHT4tL3UVtQNVfXb1MXs4BxddXYA/EbIzW3wk8K6BxbW3Io
Q2mgAJIUuSPm22n2N/uWNJ58owJQwOy+hiSUrJXhvoITwlUt404/2KMgfVxoOc3m
/D45aYxFkHFPG2dda0YO6LQSRjsst5V2yo+zAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUIQEHOui2GwVOipF3d6vx02be+DwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lRRUhPdWkyR3dWT2lw
RjNkNnZ4MDJiZS1Edy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJpIclQUoKSXkZwB
IzO0OK34TAjKV8QgH3FkWRqMevTRUpUt8coa/eiHr/exJ58O7r/kWNBA1UZSdWti
cCD4ghjfTX3/Ikxt5IMkev+oPHHVDwnfoGIp9e20hR1sdRkUZEaD6rRySMh94HN2
ATTn8K2cApEd+z8uU6OsowfwGRVuqjsndpdlAd0jgLVrLrFy+Rt1LewAKI1ycKf5
mr/MW8dyWeMMY+gdQo+ccV4rtRQnCcTPev7MH2j+cB/Xdn3zEcGDL2vu3LYBtacg
UIFP5x2oFYzfU3Jd4Vjmt7cX1hOU1zUO7typnTkj7+ZKAZpYVQWrGRpmgpDNxFV+
UEQ100E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:30 2024 by rpki-client on console-ams.rpki-client.org