Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/StxC88051Liz3EeUijei8bGaX9U.roa
File: StxC88051Liz3EeUijei8bGaX9U.roa (raw, json)
Hash identifier: HbpDMVLz6tcpTy4LkGlJtTSSAR9OX/gHhAmzu328iYI=
Subject key identifier: 4A:DC:42:F3:CD:39:D4:B8:B3:DC:47:94:8A:37:A2:F1:B1:9A:5F:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4295
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/StxC88051Liz3EeUijei8bGaX9U.roa
Signing time: Wed 17 Apr 2024 08:52:59 +0000
ROA not before: Wed 17 Apr 2024 08:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17045 (0x4295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 08:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4ADC42F3CD39D4B8B3DC47948A37A2F1B19A5FD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ce:e9:7d:ca:01:b1:d5:f0:3f:54:a9:f6:b7:
c2:36:b2:5e:df:30:1b:2b:a8:26:bb:c7:98:9e:5b:
e7:1a:b4:f5:46:4f:6f:c6:86:99:c4:62:06:0b:6b:
83:2f:d9:12:08:01:22:87:01:dc:02:02:e6:f2:d1:
f6:9b:d4:69:02:02:15:5f:37:7f:aa:ce:7f:fc:9d:
6c:f9:35:a5:7d:31:ef:c6:0e:d2:e2:aa:7b:9e:53:
28:80:cf:a4:24:f4:a3:48:06:94:8c:c3:f1:12:42:
7c:2b:d1:da:b8:e8:07:68:99:20:d0:27:c0:9e:38:
61:0b:fd:95:0e:c9:14:e8:c1:4b:37:ae:96:7c:b3:
50:06:a5:a1:17:d4:a1:59:f5:b2:36:84:2f:b5:bd:
d5:16:dc:3f:65:da:fe:78:76:b4:fa:e9:e8:e7:10:
b8:79:40:5a:30:3a:42:bb:13:ce:0e:28:ba:28:c7:
5b:1e:8e:4c:0f:97:9c:a4:df:16:00:5f:74:d0:3f:
3e:7e:0f:46:de:c8:df:a2:4f:fa:44:15:67:ac:85:
fd:ec:d9:7d:4a:da:df:08:8a:43:8e:6f:9c:48:33:
9d:af:c1:e8:3a:91:1d:00:f3:81:a6:22:fc:ab:d7:
b5:84:04:83:c2:bd:62:39:09:af:9b:4a:41:e0:d1:
7c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DC:42:F3:CD:39:D4:B8:B3:DC:47:94:8A:37:A2:F1:B1:9A:5F:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/StxC88051Liz3EeUijei8bGaX9U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
58:a2:1e:4e:8e:47:87:e8:d1:88:e2:60:f5:60:7d:12:3d:88:
3d:96:a4:34:3e:c7:f4:1d:20:f1:45:90:4f:bf:38:4d:91:46:
c5:43:cc:10:24:31:cf:4b:58:80:fe:29:05:05:4d:ef:c6:ac:
b1:71:8b:b7:18:42:1c:fd:2a:4c:a7:f2:bf:61:7a:e8:b5:08:
88:c9:23:cf:97:23:48:bb:87:10:10:ab:a1:ec:d8:2f:e3:4f:
c5:c1:dc:42:5b:bf:e4:36:65:23:a0:27:c6:48:ab:54:20:10:
5e:30:26:94:fd:5e:0e:34:e4:58:b5:8c:c3:27:0d:06:fc:28:
2f:a1:2b:86:1c:6e:61:7c:d8:95:07:d3:02:05:4f:2c:d9:59:
7f:18:ea:41:3e:73:92:da:f9:c2:f6:04:84:07:43:61:70:cb:
1d:56:ce:76:1a:fc:7c:a3:bb:3c:38:4f:02:1d:8b:8c:dc:84:
2e:13:2d:8d:47:dd:57:dd:88:ce:ea:b5:66:66:31:51:33:c7:
6a:b6:cb:04:4e:66:51:2a:f4:6f:13:32:e2:31:39:ed:98:c5:
36:55:f4:33:95:54:a6:0c:ce:87:b8:96:21:d1:ff:24:c2:01:
37:9b:85:19:86:f7:93:bf:12:16:89:bd:62:0b:29:33:27:24:
fa:50:9e:49
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
ODUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRBREM0MkYzQ0QzOUQ0
QjhCM0RDNDc5NDhBMzdBMkYxQjE5QTVGRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIzul9ygGx1fA/VKn2t8I2sl7fMBsrqCa7x5ieW+catPVGT2/G
hpnEYgYLa4Mv2RIIASKHAdwCAuby0fab1GkCAhVfN3+qzn/8nWz5NaV9Me/GDtLi
qnueUyiAz6Qk9KNIBpSMw/ESQnwr0dq46AdomSDQJ8CeOGEL/ZUOyRTowUs3rpZ8
s1AGpaEX1KFZ9bI2hC+1vdUW3D9l2v54drT66ejnELh5QFowOkK7E84OKLoox1se
jkwPl5yk3xYAX3TQPz5+D0beyN+iT/pEFWeshf3s2X1K2t8IikOOb5xIM52vweg6
kR0A84GmIvyr17WEBIPCvWI5Ca+bSkHg0XxXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUStxC88051Liz3EeUijei8bGaX9UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1N0eEM4ODA1MUxpejNF
ZVVpamVpOGJHYVg5VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFiiHk6OR4fo0Yji
YPVgfRI9iD2WpDQ+x/QdIPFFkE+/OE2RRsVDzBAkMc9LWID+KQUFTe/GrLFxi7cY
Qhz9Kkyn8r9heui1CIjJI8+XI0i7hxAQq6Hs2C/jT8XB3EJbv+Q2ZSOgJ8ZIq1Qg
EF4wJpT9Xg405Fi1jMMnDQb8KC+hK4YcbmF82JUH0wIFTyzZWX8Y6kE+c5La+cL2
BIQHQ2Fwyx1WznYa/Hyjuzw4TwIdi4zchC4TLY1H3VfdiM7qtWZmMVEzx2q2ywRO
ZlEq9G8TMuIxOe2YxTZV9DOVVKYMzoe4liHR/yTCATebhRmG95O/EhaJvWILKTMn
JPpQnkk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org