Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OTlW9NKWf_CrHyvK7q0f-LPE8h8.roa
File: OTlW9NKWf_CrHyvK7q0f-LPE8h8.roa (raw, json)
Hash identifier: u8zYV3za2hp44P9NexLmYN1CNPuj59qsD6TyBtAq+xE=
Subject key identifier: 39:39:56:F4:D2:96:7F:F0:AB:1F:2B:CA:EE:AD:1F:F8:B3:C4:F2:1F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40D1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OTlW9NKWf_CrHyvK7q0f-LPE8h8.roa
Signing time: Mon 15 Apr 2024 00:22:52 +0000
ROA not before: Mon 15 Apr 2024 00:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16593 (0x40d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 00:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=393956F4D2967FF0AB1F2BCAEEAD1FF8B3C4F21F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0a:53:4d:3a:c0:8c:2f:1b:8d:1a:e9:38:60:
42:fb:80:13:dc:94:0d:fb:dd:fc:76:64:2a:9c:b2:
91:6f:24:61:33:09:aa:3e:1e:05:4d:89:81:64:38:
f0:20:1d:68:68:75:2d:23:a1:5e:49:31:15:42:85:
ed:ac:14:69:ca:7e:95:45:9f:95:45:36:07:24:e8:
2b:b2:81:58:2c:56:1c:4e:cf:c3:eb:e2:9e:f2:52:
e5:df:15:1a:2c:46:38:99:4d:8e:aa:58:81:b3:ca:
a0:f2:82:e4:67:f8:a8:04:57:d8:56:4c:b3:f1:59:
1b:f3:18:bc:a6:b8:4e:c9:78:6e:02:d5:e5:7a:f1:
ea:3c:9d:ee:ff:af:c7:49:32:9b:0f:25:be:11:4b:
38:46:49:1e:e2:af:57:93:52:30:38:64:e3:41:07:
89:db:0c:17:8c:41:9d:40:b4:27:64:cb:48:06:a5:
3a:2a:11:79:7b:55:7f:38:79:c6:ae:a9:34:0f:b0:
e1:a5:97:8e:9a:1d:5b:81:70:b1:7b:95:f8:25:1a:
38:91:30:09:31:f5:a7:04:b0:98:10:34:58:23:5d:
ab:44:0c:5b:8c:29:9d:3e:9b:08:24:b2:93:a9:ff:
6e:ea:f0:c7:71:57:ba:c8:a7:c3:e3:6d:68:aa:70:
ec:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:39:56:F4:D2:96:7F:F0:AB:1F:2B:CA:EE:AD:1F:F8:B3:C4:F2:1F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OTlW9NKWf_CrHyvK7q0f-LPE8h8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
67:f0:2f:55:a3:57:a7:51:70:b8:8d:40:f8:87:0c:ba:e2:90:
a6:0f:6c:f1:30:c0:ed:c3:be:12:27:77:1e:2a:6a:36:24:f4:
6e:37:b0:ac:1d:c8:2c:63:cb:d1:a6:96:27:b1:f6:70:3e:83:
00:05:c1:e7:28:e7:28:1a:9e:d5:61:ba:6a:92:bc:a1:11:93:
24:6a:7d:95:d8:cf:b6:13:f9:ef:74:ba:01:fa:be:c4:69:1e:
7d:4a:18:13:37:9d:ea:91:c9:c8:68:bf:7c:2e:48:64:84:0d:
ce:ef:f9:da:b6:fd:b6:f1:26:39:33:40:d3:30:07:5e:3f:6f:
21:9a:2d:90:a3:f2:89:96:a1:70:93:95:54:77:53:6a:11:b1:
99:3a:93:45:65:22:3f:97:2b:b5:02:4a:03:31:f5:79:78:b3:
9b:79:47:3a:9c:ea:36:1f:11:b0:41:0e:dc:1e:61:35:4a:62:
9c:1c:5d:5c:a0:a7:6e:2a:96:7b:8c:42:38:f9:d3:4b:d0:24:
98:18:fc:b1:91:27:a7:c6:85:ad:e4:07:3d:2d:34:db:71:74:
fb:09:f1:4b:c1:58:f6:54:93:c4:5f:22:a9:d0:57:db:7a:ab:
58:30:b3:44:51:f4:50:78:03:56:cd:27:1e:e9:3e:6d:97:50:
22:b8:c1:b8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MDIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5Mzk1NkY0RDI5NjdG
RjBBQjFGMkJDQUVFQUQxRkY4QjNDNEYyMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoClNNOsCMLxuNGuk4YEL7gBPclA373fx2ZCqcspFvJGEzCao+
HgVNiYFkOPAgHWhodS0joV5JMRVChe2sFGnKfpVFn5VFNgck6CuygVgsVhxOz8Pr
4p7yUuXfFRosRjiZTY6qWIGzyqDyguRn+KgEV9hWTLPxWRvzGLymuE7JeG4C1eV6
8eo8ne7/r8dJMpsPJb4RSzhGSR7ir1eTUjA4ZONBB4nbDBeMQZ1AtCdky0gGpToq
EXl7VX84ecauqTQPsOGll46aHVuBcLF7lfglGjiRMAkx9acEsJgQNFgjXatEDFuM
KZ0+mwgkspOp/27q8MdxV7rIp8PjbWiqcOyJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOTlW9NKWf/CrHyvK7q0f+LPE8h8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09UbFc5TktXZl9Dckh5
dks3cTBmLUxQRThoOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGfwL1WjV6dRcLiN
QPiHDLrikKYPbPEwwO3DvhIndx4qajYk9G43sKwdyCxjy9Gmliex9nA+gwAFweco
5ygantVhumqSvKERkyRqfZXYz7YT+e90ugH6vsRpHn1KGBM3neqRychov3wuSGSE
Dc7v+dq2/bbxJjkzQNMwB14/byGaLZCj8omWoXCTlVR3U2oRsZk6k0VlIj+XK7UC
SgMx9Xl4s5t5Rzqc6jYfEbBBDtweYTVKYpwcXVygp24qlnuMQjj500vQJJgY/LGR
J6fGha3kBz0tNNtxdPsJ8UvBWPZUk8RfIqnQV9t6q1gws0RR9FB4A1bNJx7pPm2X
UCK4wbg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:37 2024 by rpki-client on console-ams.rpki-client.org