Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ODAeJ9i-PULu91sq94QTAYhMSP8.roa
File: ODAeJ9i-PULu91sq94QTAYhMSP8.roa (raw, json)
Hash identifier: 06ftZfpGUvzNZCBxlrxmEQrXFM8lA3GgW3DbK2r/iHU=
Subject key identifier: 38:30:1E:27:D8:BE:3D:42:EE:F7:5B:2A:F7:84:13:01:88:4C:48:FF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F61
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ODAeJ9i-PULu91sq94QTAYhMSP8.roa
Signing time: Sat 04 May 2024 10:23:47 +0000
ROA not before: Sat 04 May 2024 10:23:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20321 (0x4f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 10:23:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38301E27D8BE3D42EEF75B2AF7841301884C48FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:5b:1b:87:ef:71:5e:5f:83:7e:61:89:6b:
5a:af:de:71:bf:bf:ff:9a:b7:ca:df:20:0a:7b:2f:
ba:5e:ec:26:ab:84:ab:4a:24:c3:3a:ff:d5:9d:ff:
16:90:b6:e2:37:a0:91:9b:23:61:6d:34:df:6a:43:
5a:1f:55:0e:9d:1a:7f:7d:18:14:41:ec:9c:c4:d7:
dd:c3:b6:c1:22:1d:44:ed:d8:54:03:ef:35:16:ae:
21:41:64:ef:25:e3:a6:15:ec:58:52:a2:bc:ea:c3:
a6:50:1b:7e:6f:de:34:0d:40:dd:de:dc:fc:9a:02:
ce:b0:6f:60:21:61:ac:93:c8:52:98:1a:c2:76:3c:
6b:34:07:76:a0:79:6d:08:12:fd:a3:19:12:c5:6a:
9d:69:78:8d:00:b0:76:78:1a:8a:38:9f:af:a7:b3:
5a:3c:67:80:d0:76:a6:7d:81:0b:a4:12:81:72:6d:
52:64:c1:63:5d:9b:3e:f8:dd:3a:89:57:91:90:08:
ca:55:54:3e:c0:61:b5:c1:31:b1:4a:cd:48:38:f0:
35:79:ea:ab:80:f6:6c:61:7d:cd:96:c2:74:df:cf:
94:9a:dc:bc:d0:3f:c3:bd:37:e9:f5:25:c7:b9:06:
90:66:39:59:6d:36:80:96:20:1f:cc:41:43:86:b0:
5c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:30:1E:27:D8:BE:3D:42:EE:F7:5B:2A:F7:84:13:01:88:4C:48:FF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ODAeJ9i-PULu91sq94QTAYhMSP8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
31:de:94:e3:12:a7:a9:42:41:66:48:96:16:f2:2d:3a:f2:33:
c2:76:59:62:64:70:e3:f5:dd:2e:0b:6f:82:7e:3e:90:89:67:
04:53:2e:44:7e:56:71:fe:5d:19:cc:f9:8b:0a:67:03:5d:74:
04:8c:f6:80:5d:bc:1d:cb:7b:31:0e:45:12:61:8d:de:f8:36:
24:ac:76:37:51:a6:15:e2:f6:0f:64:aa:3c:b8:91:4a:ba:70:
36:61:bf:94:35:6b:1a:b6:10:2c:68:1e:28:25:85:7a:88:0a:
3c:75:de:d6:de:8d:55:0e:38:d3:57:d2:e5:10:e5:35:dd:d2:
82:4c:7e:63:04:1f:16:ef:5a:25:b2:c2:9a:7c:50:ba:48:be:
a0:ca:90:da:54:e0:6d:01:46:71:7b:e8:e8:cd:bc:8a:40:3d:
8c:a2:70:3e:7a:cd:56:4e:55:3b:d6:1a:3a:61:17:74:fb:09:
04:cf:15:58:8c:0d:3d:fd:14:0a:28:a4:e1:d9:af:e5:80:78:
53:db:00:97:1d:7a:02:36:d7:04:bd:d7:a0:92:08:a8:94:6a:
cd:74:32:73:81:5d:ac:51:51:3f:28:c3:65:53:a5:b5:6b:8f:
56:ec:90:d0:11:15:26:37:54:f1:32:66:57:06:b6:2f:95:cf:
3c:32:00:19
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
MDIzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MzAxRTI3RDhCRTNE
NDJFRUY3NUIyQUY3ODQxMzAxODg0QzQ4RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/dVsbh+9xXl+DfmGJa1qv3nG/v/+at8rfIAp7L7pe7CarhKtK
JMM6/9Wd/xaQtuI3oJGbI2FtNN9qQ1ofVQ6dGn99GBRB7JzE193DtsEiHUTt2FQD
7zUWriFBZO8l46YV7FhSorzqw6ZQG35v3jQNQN3e3PyaAs6wb2AhYayTyFKYGsJ2
PGs0B3ageW0IEv2jGRLFap1peI0AsHZ4Goo4n6+ns1o8Z4DQdqZ9gQukEoFybVJk
wWNdmz743TqJV5GQCMpVVD7AYbXBMbFKzUg48DV56quA9mxhfc2WwnTfz5Sa3LzQ
P8O9N+n1Jce5BpBmOVltNoCWIB/MQUOGsFx1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUODAeJ9i+PULu91sq94QTAYhMSP8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09EQWVKOWktUFVMdTkx
c3E5NFFUQVloTVNQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADHelOMSp6lCQWZI
lhbyLTryM8J2WWJkcOP13S4Lb4J+PpCJZwRTLkR+VnH+XRnM+YsKZwNddASM9oBd
vB3LezEORRJhjd74NiSsdjdRphXi9g9kqjy4kUq6cDZhv5Q1axq2ECxoHiglhXqI
Cjx13tbejVUOONNX0uUQ5TXd0oJMfmMEHxbvWiWywpp8ULpIvqDKkNpU4G0BRnF7
6OjNvIpAPYyicD56zVZOVTvWGjphF3T7CQTPFViMDT39FAoopOHZr+WAeFPbAJcd
egI21wS916CSCKiUas10MnOBXaxRUT8ow2VTpbVrj1bskNARFSY3VPEyZlcGti+V
zzwyABk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org