Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IefW9D_Qfyb1QJP2oC_vo3L2b7k.roa
File: IefW9D_Qfyb1QJP2oC_vo3L2b7k.roa (raw, json)
Hash identifier: dyCHOYpJWAEedJwWZxeC6YiL7jRrG+rM57DgIc9g84Y=
Subject key identifier: 21:E7:D6:F4:3F:D0:7F:26:F5:40:93:F6:A0:2F:EF:A3:72:F6:6F:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C45
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IefW9D_Qfyb1QJP2oC_vo3L2b7k.roa
Signing time: Mon 08 Apr 2024 22:52:39 +0000
ROA not before: Mon 08 Apr 2024 22:52:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15429 (0x3c45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 22:52:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21E7D6F43FD07F26F54093F6A02FEFA372F66FB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:58:0d:33:36:c8:c7:20:2a:5f:9a:13:ca:4e:
ee:99:3e:ef:21:58:9c:73:bb:ec:00:60:84:e3:f8:
2e:b6:fe:15:70:63:01:a7:44:12:40:be:4a:ac:61:
a5:68:49:3e:e5:8f:9e:e4:14:77:46:1c:fd:c4:2b:
c2:11:62:7c:c8:a1:76:61:a6:60:2c:73:e6:96:68:
b7:c1:a5:c1:9c:a2:ce:a4:4c:fe:e1:e8:c6:49:d8:
51:c9:4e:09:2e:74:e7:9e:61:b2:7e:e7:9d:26:49:
c6:e3:83:61:2e:15:8a:9f:b6:9d:4e:42:8a:5c:d2:
99:54:f5:a2:80:70:2c:80:fb:7d:a7:9b:e2:de:01:
bf:52:0f:e2:21:e8:67:cd:a8:ce:72:c3:77:54:7b:
59:48:49:43:c1:c2:2f:ed:e5:24:b3:73:0a:f4:91:
bf:64:72:bb:7f:64:f5:52:d4:28:01:33:57:18:35:
90:2a:b0:c0:5a:88:fa:eb:5e:31:b8:32:85:e0:89:
b6:78:26:5f:09:bd:69:e5:68:8a:90:be:bd:88:86:
e8:01:84:53:5b:a4:f0:c0:d0:8d:35:50:ba:1e:02:
29:c0:33:ed:90:18:7c:e4:a7:7e:c7:55:af:5d:b6:
79:32:49:a5:c6:d0:ab:80:97:d6:d5:d4:a5:dc:d9:
b0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E7:D6:F4:3F:D0:7F:26:F5:40:93:F6:A0:2F:EF:A3:72:F6:6F:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IefW9D_Qfyb1QJP2oC_vo3L2b7k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:ae:a7:0d:3f:26:6c:4f:75:5e:23:67:31:a3:9c:b0:87:01:
28:47:90:1b:a4:29:0d:e9:35:d5:05:74:5b:a7:63:af:76:db:
17:cc:e8:b1:ce:62:6d:92:26:2f:27:59:a0:57:70:c8:f9:b8:
a6:d2:a4:99:ad:60:ec:17:81:b9:d5:45:fa:f0:15:e5:8c:2f:
7f:d4:ad:34:ac:19:9f:34:81:a2:29:dc:33:3e:a6:43:01:0b:
03:91:61:45:db:ed:73:e7:63:79:14:0d:9c:2e:d8:f3:83:f1:
68:d7:5a:9f:6f:12:bb:75:4c:ad:a6:3d:1e:b6:a8:9b:c0:0b:
c4:5e:db:73:1c:33:68:44:6c:b9:ed:a2:77:35:ac:60:a3:96:
a2:bd:93:36:a3:6f:0b:0f:37:b0:0c:db:c0:10:49:3b:7f:d2:
b0:ea:59:06:63:f5:47:0b:e6:46:40:b6:cc:ce:e2:ea:1a:33:
43:ee:95:ce:e9:b2:55:04:f2:93:9f:d8:1f:f2:25:1d:96:1e:
35:fa:77:d5:ba:55:c5:f0:be:82:67:6d:7e:3d:63:e8:f5:43:
51:95:ae:3d:9a:e3:d0:97:1c:7a:25:13:f2:f2:ba:bf:07:7c:
cc:5d:ee:67:85:79:dc:84:fd:7b:f7:f3:ee:57:bf:fb:64:04:
2d:b1:13:5f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MjUyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRTdENkY0M0ZEMDdG
MjZGNTQwOTNGNkEwMkZFRkEzNzJGNjZGQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6WA0zNsjHICpfmhPKTu6ZPu8hWJxzu+wAYITj+C62/hVwYwGn
RBJAvkqsYaVoST7lj57kFHdGHP3EK8IRYnzIoXZhpmAsc+aWaLfBpcGcos6kTP7h
6MZJ2FHJTgkudOeeYbJ+550mScbjg2EuFYqftp1OQopc0plU9aKAcCyA+32nm+Le
Ab9SD+Ih6GfNqM5yw3dUe1lISUPBwi/t5SSzcwr0kb9kcrt/ZPVS1CgBM1cYNZAq
sMBaiPrrXjG4MoXgibZ4Jl8JvWnlaIqQvr2IhugBhFNbpPDA0I01ULoeAinAM+2Q
GHzkp37HVa9dtnkySaXG0KuAl9bV1KXc2bDzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUIefW9D/Qfyb1QJP2oC/vo3L2b7kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0llZlc5RF9RZnliMVFK
UDJvQ192bzNMMmI3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAqupw0/JmxPdV4j
ZzGjnLCHAShHkBukKQ3pNdUFdFunY6922xfM6LHOYm2SJi8nWaBXcMj5uKbSpJmt
YOwXgbnVRfrwFeWML3/UrTSsGZ80gaIp3DM+pkMBCwORYUXb7XPnY3kUDZwu2POD
8WjXWp9vErt1TK2mPR62qJvAC8Re23McM2hEbLntonc1rGCjlqK9kzajbwsPN7AM
28AQSTt/0rDqWQZj9UcL5kZAtszO4uoaM0Pulc7pslUE8pOf2B/yJR2WHjX6d9W6
VcXwvoJnbX49Y+j1Q1GVrj2a49CXHHolE/Lyur8HfMxd7meFedyE/Xv38+5Xv/tk
BC2xE18=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org