Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OFSIxVZYlPatUVTVfystjS60Q7s.roa
File: OFSIxVZYlPatUVTVfystjS60Q7s.roa (raw, json)
Hash identifier: wrJpF6taEIibdigPvlfZ2gA5Phk48EfLpqQtX8hRFuE=
Subject key identifier: 38:54:88:C5:56:58:94:F6:AD:51:54:D5:7F:2B:2D:8D:2E:B4:43:BB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4271
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OFSIxVZYlPatUVTVfystjS60Q7s.roa
Signing time: Wed 17 Apr 2024 04:22:58 +0000
ROA not before: Wed 17 Apr 2024 04:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17009 (0x4271)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 04:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=385488C5565894F6AD5154D57F2B2D8D2EB443BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:2b:a0:72:a8:40:87:6c:c8:3d:97:9e:50:
f3:e2:61:2f:7f:4e:7f:8e:03:25:aa:42:30:0a:9f:
3e:fa:1a:f7:f5:79:a9:51:0b:5c:ba:f9:8b:1f:3b:
f8:b8:2c:1d:8a:05:bf:64:cd:23:08:16:00:42:68:
e9:46:79:33:bd:2b:96:0b:77:c2:e1:6f:66:16:3b:
ef:c3:46:ab:70:62:b1:da:76:39:e7:f8:74:f6:d5:
c6:31:a7:67:5e:ed:6e:f3:db:e4:80:e7:00:fa:53:
52:10:54:13:13:cc:1e:8a:4b:ec:1e:91:52:a4:9f:
5f:a7:f5:94:38:e4:20:da:fd:07:8b:b4:c5:f4:75:
80:31:b0:71:70:dc:bf:30:68:86:85:20:97:42:0b:
7e:12:62:e1:14:39:f2:5c:49:2f:6e:c2:19:7e:e8:
66:f0:ea:c9:cd:6e:45:59:63:02:78:23:49:64:96:
2d:f6:32:ac:00:2a:7e:32:93:27:1b:b5:a4:ff:3e:
5b:71:8d:d1:90:7e:66:eb:f0:5e:09:55:c5:af:ec:
13:55:2b:0f:aa:4d:45:4a:f7:75:5f:b3:64:18:15:
f5:c5:58:38:d8:9f:05:34:f1:36:06:1c:17:98:24:
17:5f:11:f1:ba:8a:df:1a:29:fd:61:ff:34:14:f2:
62:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:54:88:C5:56:58:94:F6:AD:51:54:D5:7F:2B:2D:8D:2E:B4:43:BB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OFSIxVZYlPatUVTVfystjS60Q7s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:77:44:f3:0f:e7:e1:cb:d1:7a:09:28:24:68:a7:70:ec:2f:
05:0b:b4:90:a5:e0:55:b7:c3:44:93:08:49:73:03:0b:62:91:
d2:58:98:0c:17:43:2f:fa:5f:7d:47:39:2a:04:28:4b:f6:2d:
0d:e7:55:e7:ea:71:ef:59:d3:8e:e5:7a:be:02:f7:3a:b3:e7:
be:87:1c:af:03:30:3f:a9:cd:e4:c1:ad:39:8e:1a:44:14:0f:
f4:a1:f9:ab:4f:11:ed:63:69:58:ff:b3:02:4e:3f:25:60:dd:
48:98:25:ca:c3:1e:9e:de:08:e4:64:e2:3f:5f:fb:c5:49:53:
d8:c5:60:ad:8e:f4:ad:d3:1f:35:a8:34:51:b2:73:c6:e1:c8:
27:21:70:ba:8a:01:4b:d1:a1:0a:d8:fa:02:16:a2:17:19:99:
3f:51:18:0e:f3:84:5a:91:76:f7:fc:ff:c6:77:26:48:f2:10:
bd:fe:72:0f:ac:23:7b:79:2c:93:b6:17:2f:85:21:25:94:53:
7d:ca:62:0d:82:03:61:d6:53:89:dd:4a:fe:02:37:43:c8:51:
d5:d3:29:9f:3f:36:43:94:b0:c4:9f:ba:40:78:16:6f:11:cc:
fd:d6:10:e0:dc:d1:5e:b8:bc:d3:1a:83:f5:a2:5b:be:fd:2f:
04:a8:20:d3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NDIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4NTQ4OEM1NTY1ODk0
RjZBRDUxNTRENTdGMkIyRDhEMkVCNDQzQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/vSugcqhAh2zIPZeeUPPiYS9/Tn+OAyWqQjAKnz76Gvf1ealR
C1y6+YsfO/i4LB2KBb9kzSMIFgBCaOlGeTO9K5YLd8Lhb2YWO+/DRqtwYrHadjnn
+HT21cYxp2de7W7z2+SA5wD6U1IQVBMTzB6KS+wekVKkn1+n9ZQ45CDa/QeLtMX0
dYAxsHFw3L8waIaFIJdCC34SYuEUOfJcSS9uwhl+6Gbw6snNbkVZYwJ4I0lkli32
MqwAKn4ykycbtaT/PltxjdGQfmbr8F4JVcWv7BNVKw+qTUVK93Vfs2QYFfXFWDjY
nwU08TYGHBeYJBdfEfG6it8aKf1h/zQU8mLXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOFSIxVZYlPatUVTVfystjS60Q7swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09GU0l4VlpZbFBhdFVW
VFZmeXN0alM2MFE3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB13RPMP5+HL0XoJ
KCRop3DsLwULtJCl4FW3w0STCElzAwtikdJYmAwXQy/6X31HOSoEKEv2LQ3nVefq
ce9Z047ler4C9zqz576HHK8DMD+pzeTBrTmOGkQUD/Sh+atPEe1jaVj/swJOPyVg
3UiYJcrDHp7eCORk4j9f+8VJU9jFYK2O9K3THzWoNFGyc8bhyCchcLqKAUvRoQrY
+gIWohcZmT9RGA7zhFqRdvf8/8Z3JkjyEL3+cg+sI3t5LJO2Fy+FISWUU33KYg2C
A2HWU4ndSv4CN0PIUdXTKZ8/NkOUsMSfukB4Fm8RzP3WEODc0V64vNMag/WiW779
LwSoINM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:36 2024 by rpki-client on console-ams.rpki-client.org