Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TbKHn43acso6BumSAcKOe2ZyUt8.roa
File: TbKHn43acso6BumSAcKOe2ZyUt8.roa (raw, json)
Hash identifier: 5lKs6FUqlcPjgFGfpbELPw4+mVQQkuNGX31v/osnRvQ=
Subject key identifier: 4D:B2:87:9F:8D:DA:72:CA:3A:06:E9:92:01:C2:8E:7B:66:72:52:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C59
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TbKHn43acso6BumSAcKOe2ZyUt8.roa
Signing time: Tue 30 Apr 2024 09:23:32 +0000
ROA not before: Tue 30 Apr 2024 09:23:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19545 (0x4c59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 09:23:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4DB2879F8DDA72CA3A06E99201C28E7B667252DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ad:b6:8f:a8:7b:b4:b6:55:7b:00:51:f2:7b:
7a:ca:50:98:1d:09:7d:90:c7:0b:3e:6b:92:90:7a:
c8:e0:f6:90:6d:96:31:a1:55:17:62:da:85:d3:52:
2a:06:79:25:1a:1c:51:d9:5a:0b:25:11:8e:08:c7:
26:69:a1:f5:e2:3e:37:4a:0f:a9:1f:b4:29:69:9f:
29:05:45:26:3d:44:61:19:13:ae:fe:1e:c4:20:ef:
d4:a3:71:4d:f8:79:d0:2a:43:5c:78:42:98:54:14:
ab:e0:ef:39:19:91:48:6f:26:12:7c:40:38:cf:d9:
23:71:c8:6b:8a:4d:14:fb:a2:bf:e2:bc:e6:45:9c:
12:ce:44:28:58:5c:7a:1e:1c:99:2a:fc:3c:74:c9:
53:07:1d:f0:a7:a0:c2:cf:83:c7:c6:22:3f:93:f5:
73:21:94:86:25:35:79:68:ce:05:6d:29:5f:06:25:
a0:0d:b7:53:20:1c:e9:df:ba:40:76:b6:90:40:a5:
5f:17:e2:9a:d9:b1:c1:ee:de:9e:c3:60:44:85:17:
16:51:04:8b:c3:c4:34:48:d0:ac:8c:17:14:e7:5d:
2e:90:be:73:db:b7:1a:31:af:b6:ec:06:88:d5:9c:
25:82:0b:23:f7:44:df:1e:53:0a:3e:fc:66:94:e8:
6e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B2:87:9F:8D:DA:72:CA:3A:06:E9:92:01:C2:8E:7B:66:72:52:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TbKHn43acso6BumSAcKOe2ZyUt8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
39:bd:90:dc:ef:fe:94:27:9e:7d:0d:34:b9:25:47:94:b2:6a:
8d:e4:de:d5:8f:06:b5:af:f8:47:62:84:19:84:cb:dc:b0:eb:
66:90:38:04:f1:db:d5:d8:fc:dc:d1:60:fb:50:52:83:5b:74:
de:e0:85:ed:91:c5:d0:4e:f1:31:3e:fc:f1:41:5e:a3:36:19:
ae:2a:fb:b8:5b:b2:8b:f1:ff:b8:b9:58:9c:96:8b:e0:fa:ed:
de:43:70:cb:60:68:24:84:45:a7:9c:81:cf:57:ef:fc:ef:64:
2a:55:58:7a:bc:ab:62:e9:33:25:6a:cf:5b:91:35:9d:81:ed:
23:28:24:3b:33:5b:b5:ed:f4:69:c9:fe:52:47:74:fb:31:48:
e1:77:0f:3a:f5:c6:9d:6f:b2:9f:64:15:9d:bd:e1:6e:f2:de:
31:44:18:14:1a:cd:e8:2a:8f:ea:ad:07:ae:9d:1d:83:dc:55:
2b:62:79:e1:73:0a:47:1a:12:e4:29:57:b0:7c:8e:79:ce:40:
2d:86:3d:54:01:53:80:9e:50:eb:bc:45:3a:08:c3:42:74:c6:
d9:80:f2:65:26:69:55:ac:9c:c8:d9:e1:f8:04:d1:6f:cd:7f:
2f:4c:c2:dc:95:67:63:19:98:ed:86:29:d5:32:06:b1:00:26:
ee:8f:f2:f9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAw
OTIzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREQjI4NzlGOEREQTcy
Q0EzQTA2RTk5MjAxQzI4RTdCNjY3MjUyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClrbaPqHu0tlV7AFHye3rKUJgdCX2Qxws+a5KQesjg9pBtljGh
VRdi2oXTUioGeSUaHFHZWgslEY4IxyZpofXiPjdKD6kftClpnykFRSY9RGEZE67+
HsQg79SjcU34edAqQ1x4QphUFKvg7zkZkUhvJhJ8QDjP2SNxyGuKTRT7or/ivOZF
nBLORChYXHoeHJkq/Dx0yVMHHfCnoMLPg8fGIj+T9XMhlIYlNXlozgVtKV8GJaAN
t1MgHOnfukB2tpBApV8X4prZscHu3p7DYESFFxZRBIvDxDRI0KyMFxTnXS6QvnPb
txoxr7bsBojVnCWCCyP3RN8eUwo+/GaU6G4VAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTbKHn43acso6BumSAcKOe2ZyUt8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RiS0huNDNhY3NvNkJ1
bVNBY0tPZTJaeVV0OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADm9kNzv/pQnnn0N
NLklR5Syao3k3tWPBrWv+EdihBmEy9yw62aQOATx29XY/NzRYPtQUoNbdN7ghe2R
xdBO8TE+/PFBXqM2Ga4q+7hbsovx/7i5WJyWi+D67d5DcMtgaCSERaecgc9X7/zv
ZCpVWHq8q2LpMyVqz1uRNZ2B7SMoJDszW7Xt9GnJ/lJHdPsxSOF3Dzr1xp1vsp9k
FZ294W7y3jFEGBQazegqj+qtB66dHYPcVStieeFzCkcaEuQpV7B8jnnOQC2GPVQB
U4CeUOu8RToIw0J0xtmA8mUmaVWsnMjZ4fgE0W/Nfy9MwtyVZ2MZmO2GKdUyBrEA
Ju6P8vk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org