Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QVtbdWIijnhma70q6OlDRfozGs0.roa
File: QVtbdWIijnhma70q6OlDRfozGs0.roa (raw, json)
Hash identifier: ZtB3eXokIIG2/DpdvB5XRWV4KJg6JP9EL80b9XYFjXU=
Subject key identifier: 41:5B:5B:75:62:22:8E:78:66:6B:BD:2A:E8:E9:43:45:FA:33:1A:CD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C31
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QVtbdWIijnhma70q6OlDRfozGs0.roa
Signing time: Tue 30 Apr 2024 04:23:52 +0000
ROA not before: Tue 30 Apr 2024 04:23:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19505 (0x4c31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 04:23:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=415B5B7562228E78666BBD2AE8E94345FA331ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:72:8e:45:fc:e0:43:3a:4c:2f:be:37:b4:43:
2a:a6:f0:19:6c:66:91:1e:0d:4e:79:0a:c0:13:6b:
50:c7:ab:1c:65:a0:2d:a7:d2:c3:1a:1d:15:75:73:
1a:05:88:28:af:f3:11:5d:4d:63:90:42:20:11:2e:
71:89:34:06:55:a2:c5:0e:1b:aa:1c:cc:b1:05:1b:
11:42:14:2f:e9:de:ce:a5:a2:79:48:08:68:11:a9:
05:90:b2:b0:58:a9:66:9f:9f:56:7d:65:05:ef:d9:
94:20:cb:39:84:93:5e:c8:ae:43:41:d1:5a:f1:de:
68:01:c7:e1:30:e4:f7:6d:18:63:b9:d6:df:a2:1f:
82:e9:b7:51:4a:c8:32:9a:4d:76:8d:a2:98:0c:55:
48:a2:b3:26:85:39:ad:66:dc:72:f4:cc:84:9c:c4:
e6:88:da:4c:c9:c7:9b:d8:57:3e:e4:30:7b:ad:0e:
58:f5:d1:a2:2a:7b:00:e7:47:54:36:13:45:39:71:
a4:26:14:9c:b0:c3:90:14:df:4b:b3:b0:1c:4e:27:
8d:3d:73:1e:06:b5:ea:d9:0a:63:54:31:5f:f5:cd:
76:68:a4:48:0f:d9:76:ae:fe:c4:87:66:a5:7e:3e:
db:93:45:2a:bf:d1:9a:ed:da:5a:c9:b6:f3:df:46:
2e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5B:5B:75:62:22:8E:78:66:6B:BD:2A:E8:E9:43:45:FA:33:1A:CD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QVtbdWIijnhma70q6OlDRfozGs0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
17:98:ae:09:54:89:16:55:9a:51:61:39:59:e5:2d:55:02:2e:
62:37:84:46:2e:de:60:cc:98:bf:2e:58:b1:01:05:7f:58:4b:
08:2f:7b:ae:02:50:ad:1e:c7:63:6a:86:0f:1a:5c:6e:5e:0e:
01:2c:11:22:1c:7a:6e:d7:9c:48:47:42:5e:15:dd:c9:41:e5:
29:ba:ba:3a:67:85:ca:cc:bd:7e:18:29:55:2f:16:25:a9:e7:
f6:62:fb:80:49:70:e0:01:ca:6f:9b:d7:e9:f0:f4:ae:8a:46:
f2:93:1f:d1:bd:88:f3:9b:20:e6:89:c9:e8:c0:df:ef:7c:3f:
6e:ae:6c:3c:35:e9:e2:32:fa:3e:93:1d:35:17:1b:05:a3:ee:
34:3b:4c:ce:c2:df:ba:6b:c2:b3:b0:7c:e9:56:5f:9a:e2:c7:
a2:ac:f5:cf:b2:84:83:e9:b3:fc:7f:36:06:03:e8:b7:3a:92:
40:1f:75:6f:a3:a1:24:13:bb:a3:78:50:24:24:d3:e0:93:87:
b7:e8:9c:77:f4:60:21:83:fd:6a:98:10:61:00:65:34:f2:5a:
a6:01:37:36:e5:f8:de:29:70:92:ed:74:c5:68:cd:a2:68:11:
a1:c9:eb:37:97:eb:6a:ab:00:2b:f2:d9:30:99:8c:2e:4b:49:
f4:9f:a5:ca
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAw
NDIzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxNUI1Qjc1NjIyMjhF
Nzg2NjZCQkQyQUU4RTk0MzQ1RkEzMzFBQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1co5F/OBDOkwvvje0Qyqm8BlsZpEeDU55CsATa1DHqxxloC2n
0sMaHRV1cxoFiCiv8xFdTWOQQiARLnGJNAZVosUOG6oczLEFGxFCFC/p3s6lonlI
CGgRqQWQsrBYqWafn1Z9ZQXv2ZQgyzmEk17IrkNB0Vrx3mgBx+Ew5PdtGGO51t+i
H4Lpt1FKyDKaTXaNopgMVUiisyaFOa1m3HL0zIScxOaI2kzJx5vYVz7kMHutDlj1
0aIqewDnR1Q2E0U5caQmFJyww5AU30uzsBxOJ409cx4GterZCmNUMV/1zXZopEgP
2Xau/sSHZqV+PtuTRSq/0Zrt2lrJtvPfRi7/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQVtbdWIijnhma70q6OlDRfozGs0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FWdGJkV0lpam5obWE3
MHE2T2xEUmZvekdzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABeYrglUiRZVmlFh
OVnlLVUCLmI3hEYu3mDMmL8uWLEBBX9YSwgve64CUK0ex2Nqhg8aXG5eDgEsESIc
em7XnEhHQl4V3clB5Sm6ujpnhcrMvX4YKVUvFiWp5/Zi+4BJcOABym+b1+nw9K6K
RvKTH9G9iPObIOaJyejA3+98P26ubDw16eIy+j6THTUXGwWj7jQ7TM7C37prwrOw
fOlWX5rix6Ks9c+yhIPps/x/NgYD6Lc6kkAfdW+joSQTu6N4UCQk0+CTh7fonHf0
YCGD/WqYEGEAZTTyWqYBNzbl+N4pcJLtdMVozaJoEaHJ6zeX62qrACvy2TCZjC5L
SfSfpco=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org