Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/I_DPJgX9z2Xe_9s-tc-kvgKB_Sc.roa
File: I_DPJgX9z2Xe_9s-tc-kvgKB_Sc.roa (raw, json)
Hash identifier: zdymnKqhVw79TwAokaHQYflgIGbNjoCWXuZdeyz1Uzo=
Subject key identifier: 23:F0:CF:26:05:FD:CF:65:DE:FF:DB:3E:B5:CF:A4:BE:02:81:FD:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I_DPJgX9z2Xe_9s-tc-kvgKB_Sc.roa
Signing time: Fri 05 Apr 2024 10:22:24 +0000
ROA not before: Fri 05 Apr 2024 10:22:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14753 (0x39a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 10:22:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23F0CF2605FDCF65DEFFDB3EB5CFA4BE0281FD27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:59:2c:26:38:bb:88:06:52:4e:85:a5:24:c3:
52:af:12:61:10:f4:65:3f:38:4f:ec:3d:7e:a2:e4:
70:f5:b1:f0:b4:e8:80:14:30:e0:87:ec:f9:b6:b7:
1c:1e:f4:e0:ab:c5:f0:98:8a:e2:c2:29:e5:48:fa:
6d:7e:04:59:29:5d:bb:8b:51:cc:03:91:00:98:69:
be:63:c5:8f:1b:4d:57:a7:55:a9:65:f4:66:d9:48:
a4:f8:37:3f:1f:e9:a8:68:4b:03:76:5f:8e:04:94:
62:c9:98:04:d0:8a:8a:89:bb:35:fa:bf:42:e9:f7:
c8:df:ea:47:1b:8e:b3:d7:9a:5a:42:ee:55:e3:b6:
b6:00:59:16:ea:a8:1e:40:8c:bb:12:47:03:e0:f1:
25:0d:71:15:c0:86:68:6e:f7:e2:d3:85:e2:36:95:
0e:47:83:06:9f:93:b7:0e:c7:e3:5a:0b:ff:8e:6f:
e7:cb:e6:b4:78:2f:65:c4:cd:0f:f6:64:61:d0:f3:
77:19:b3:cc:65:00:30:e6:6d:c0:03:83:3d:24:eb:
b2:cb:9b:1d:91:90:35:7c:0e:18:92:f4:fd:af:e2:
53:4f:c3:58:b3:22:f6:bf:37:06:f1:e2:4a:1b:d8:
ab:8c:0a:39:b5:69:f3:0b:a2:79:6e:4b:d7:e9:7c:
d4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F0:CF:26:05:FD:CF:65:DE:FF:DB:3E:B5:CF:A4:BE:02:81:FD:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I_DPJgX9z2Xe_9s-tc-kvgKB_Sc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:51:54:a8:13:9b:73:03:2c:7c:92:4f:aa:36:ec:0c:e1:fe:
9e:35:7e:41:c8:43:87:df:21:49:55:63:0e:cc:79:76:b7:b5:
f9:ae:5d:28:71:67:a3:99:ff:44:38:86:98:e9:43:80:13:f4:
fd:2a:96:7c:e4:ec:b9:0e:ba:78:69:3c:32:59:49:1e:d3:97:
52:9f:a4:90:49:37:c2:c9:61:bb:dc:a8:6c:40:fe:6d:42:de:
de:b7:c3:20:49:16:40:61:5b:68:46:13:04:e3:4e:a6:c5:6f:
7d:25:0d:ae:02:b0:ee:76:fa:66:05:ab:12:8e:b0:c6:db:45:
9d:09:de:1b:06:e6:8f:9d:ac:21:87:60:05:8a:87:5c:b8:13:
11:04:f5:3c:b0:72:3c:c0:c6:a5:70:80:5a:71:e3:e3:aa:5e:
b7:08:2b:25:61:ba:14:4f:42:7c:7a:66:d0:2f:d7:23:e8:93:
67:0c:bc:af:70:7f:d4:c1:e4:11:87:e2:93:41:be:2a:ac:ff:
41:91:1a:07:e2:bf:94:92:e3:d4:97:83:4b:4b:6c:19:71:67:
57:c9:e4:d9:08:3a:34:2e:e7:1d:8d:38:98:5b:26:3d:5e:55:
42:22:39:2e:85:99:8e:18:eb:22:80:2a:0a:8f:82:46:fe:87:
8a:ac:bd:f0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
MDIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzRjBDRjI2MDVGRENG
NjVERUZGREIzRUI1Q0ZBNEJFMDI4MUZEMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGWSwmOLuIBlJOhaUkw1KvEmEQ9GU/OE/sPX6i5HD1sfC06IAU
MOCH7Pm2txwe9OCrxfCYiuLCKeVI+m1+BFkpXbuLUcwDkQCYab5jxY8bTVenVall
9GbZSKT4Nz8f6ahoSwN2X44ElGLJmATQioqJuzX6v0Lp98jf6kcbjrPXmlpC7lXj
trYAWRbqqB5AjLsSRwPg8SUNcRXAhmhu9+LTheI2lQ5Hgwafk7cOx+NaC/+Ob+fL
5rR4L2XEzQ/2ZGHQ83cZs8xlADDmbcADgz0k67LLmx2RkDV8DhiS9P2v4lNPw1iz
Iva/Nwbx4kob2KuMCjm1afMLonluS9fpfNTRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUI/DPJgX9z2Xe/9s+tc+kvgKB/ScwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lfRFBKZ1g5ejJYZV85
cy10Yy1rdmdLQl9TYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADxRVKgTm3MDLHyS
T6o27Azh/p41fkHIQ4ffIUlVYw7MeXa3tfmuXShxZ6OZ/0Q4hpjpQ4AT9P0qlnzk
7LkOunhpPDJZSR7Tl1KfpJBJN8LJYbvcqGxA/m1C3t63wyBJFkBhW2hGEwTjTqbF
b30lDa4CsO52+mYFqxKOsMbbRZ0J3hsG5o+drCGHYAWKh1y4ExEE9TywcjzAxqVw
gFpx4+OqXrcIKyVhuhRPQnx6ZtAv1yPok2cMvK9wf9TB5BGH4pNBviqs/0GRGgfi
v5SS49SXg0tLbBlxZ1fJ5NkIOjQu5x2NOJhbJj1eVUIiOS6FmY4Y6yKAKgqPgkb+
h4qsvfA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:30 2024 by rpki-client on console-ams.rpki-client.org