Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Opn5rBrnlhYvN7Zkzt8rZ1ijuV0.roa
File: Opn5rBrnlhYvN7Zkzt8rZ1ijuV0.roa (raw, json)
Hash identifier: B/zGn7a7qTqWSV/0YEDun4BTBp6iqsqcN6IG1uapeIY=
Subject key identifier: 3A:99:F9:AC:1A:E7:96:16:2F:37:B6:64:CE:DF:2B:67:58:A3:B9:5D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3985
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Opn5rBrnlhYvN7Zkzt8rZ1ijuV0.roa
Signing time: Fri 05 Apr 2024 06:52:29 +0000
ROA not before: Fri 05 Apr 2024 06:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14725 (0x3985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 06:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3A99F9AC1AE796162F37B664CEDF2B6758A3B95D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fa:58:1b:d0:43:5b:90:ca:ff:57:cc:f1:ee:
d8:a1:7b:2a:4e:99:cc:c5:66:06:cc:b4:41:24:a0:
d9:08:27:ab:c5:08:e2:8a:8f:4e:a4:65:c4:0e:28:
a5:dc:4e:ff:c5:31:c9:a0:7e:d1:4a:12:2d:f6:94:
40:b4:0c:37:67:e2:ce:0f:18:0a:e9:15:3f:6c:e6:
75:e4:fc:9f:90:3b:4f:a9:06:ce:89:13:c0:f8:31:
59:b9:2c:6b:a8:6b:bc:41:2e:ee:85:ac:e4:39:b3:
e9:c1:74:27:9f:6e:01:07:74:55:1f:79:10:ff:4f:
97:04:56:2f:ff:69:54:57:2d:69:b0:f4:2b:04:b5:
26:93:aa:4c:9c:5c:38:71:e2:f8:37:e3:f6:f9:9c:
4b:62:05:76:9d:dd:ff:57:d0:2b:f5:84:b1:61:a3:
bf:a4:f2:c8:ea:3d:18:5d:09:f8:f8:f6:a7:68:10:
b2:d3:4e:8b:0e:6f:80:b6:3d:98:08:d3:36:02:e5:
d6:2a:17:06:26:ef:9f:00:d3:3b:43:8b:33:1c:e6:
9e:db:76:22:b9:e6:37:a4:e2:0b:8d:23:cd:73:78:
f1:11:ad:c4:08:97:73:5b:9a:ac:f8:44:38:35:41:
ac:c8:6e:b9:11:b6:6b:9b:a8:b0:45:5a:31:7f:26:
c6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:99:F9:AC:1A:E7:96:16:2F:37:B6:64:CE:DF:2B:67:58:A3:B9:5D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Opn5rBrnlhYvN7Zkzt8rZ1ijuV0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:aa:74:ad:93:07:a7:ae:81:d9:6b:05:2c:c0:40:3d:1b:b5:
53:89:03:0e:e9:f3:ca:45:72:b8:4d:d0:ef:f0:30:0f:37:25:
7a:14:cd:77:77:62:d0:68:9b:dc:a5:b7:b8:15:7d:7d:07:a6:
a9:f3:a8:84:f9:62:67:41:48:33:6a:78:52:24:b2:41:79:66:
2f:02:61:86:c4:26:75:08:d9:97:bd:44:74:7a:39:6a:9e:01:
1a:c9:5d:af:45:d9:d7:44:10:62:d2:3d:d2:07:ae:e2:87:b4:
19:b9:e5:99:e1:44:a6:a3:20:66:78:60:0b:15:1e:c6:bb:a0:
22:78:3c:35:9e:5c:86:6b:c9:82:b7:82:99:e3:a1:48:0b:5f:
43:98:9b:c5:ed:8d:76:e1:8d:db:86:33:4a:a4:1e:af:f4:e7:
bf:32:ac:3a:5d:23:a1:93:5a:82:8e:41:dd:35:85:72:f0:1a:
2f:1e:ef:50:8d:93:4d:95:2a:5b:2a:a9:f0:99:48:c6:78:0c:
5b:ab:b9:08:65:1f:59:0e:4e:93:33:79:7e:9c:73:78:91:03:
bf:44:d8:3c:fc:b3:ee:df:0e:20:b1:14:8a:52:83:28:69:c2:
e2:be:6c:ed:bf:57:c0:5e:4d:de:25:26:d0:e8:70:ef:f0:e6:
0d:b8:76:e7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NjUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBOTlGOUFDMUFFNzk2
MTYyRjM3QjY2NENFREYyQjY3NThBM0I5NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA+lgb0ENbkMr/V8zx7tiheypOmczFZgbMtEEkoNkIJ6vFCOKK
j06kZcQOKKXcTv/FMcmgftFKEi32lEC0DDdn4s4PGArpFT9s5nXk/J+QO0+pBs6J
E8D4MVm5LGuoa7xBLu6FrOQ5s+nBdCefbgEHdFUfeRD/T5cEVi//aVRXLWmw9CsE
tSaTqkycXDhx4vg34/b5nEtiBXad3f9X0Cv1hLFho7+k8sjqPRhdCfj49qdoELLT
TosOb4C2PZgI0zYC5dYqFwYm758A0ztDizMc5p7bdiK55jek4guNI81zePERrcQI
l3Nbmqz4RDg1QazIbrkRtmubqLBFWjF/JsaLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOpn5rBrnlhYvN7Zkzt8rZ1ijuV0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09wbjVyQnJubGhZdk43
Wmt6dDhyWjFpanVWMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADyqdK2TB6eugdlr
BSzAQD0btVOJAw7p88pFcrhN0O/wMA83JXoUzXd3YtBom9ylt7gVfX0HpqnzqIT5
YmdBSDNqeFIkskF5Zi8CYYbEJnUI2Ze9RHR6OWqeARrJXa9F2ddEEGLSPdIHruKH
tBm55ZnhRKajIGZ4YAsVHsa7oCJ4PDWeXIZryYK3gpnjoUgLX0OYm8XtjXbhjduG
M0qkHq/0578yrDpdI6GTWoKOQd01hXLwGi8e71CNk02VKlsqqfCZSMZ4DFuruQhl
H1kOTpMzeX6cc3iRA79E2Dz8s+7fDiCxFIpSgyhpwuK+bO2/V8BeTd4lJtDocO/w
5g24duc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:23 2024 by rpki-client on console-fra.rpki-client.org