Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Tcl4puzddf0ohn1cb42lsGbU2Xg.roa
File: Tcl4puzddf0ohn1cb42lsGbU2Xg.roa (raw, json)
Hash identifier: 1vjj91RyiUvm0Zs4ysy/CDfurmA/1avj75S7g3ytjHw=
Subject key identifier: 4D:C9:78:A6:EC:DD:75:FD:28:86:7D:5C:6F:8D:A5:B0:66:D4:D9:78
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 346D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tcl4puzddf0ohn1cb42lsGbU2Xg.roa
Signing time: Fri 29 Mar 2024 11:52:05 +0000
ROA not before: Fri 29 Mar 2024 11:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13421 (0x346d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 11:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4DC978A6ECDD75FD28867D5C6F8DA5B066D4D978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7b:ed:71:1e:97:e8:5e:1c:f2:65:81:2d:c7:
d7:68:df:ed:bd:8a:47:d8:c2:9d:d1:7f:a1:10:a5:
e0:f5:83:81:f3:ac:c4:ea:9a:5f:5d:ea:69:53:05:
ea:26:3d:f9:96:08:2d:b9:d2:6b:f1:e1:d4:34:33:
27:57:bf:8c:b5:f7:fe:d9:df:19:fe:c3:ee:bb:59:
05:f5:12:db:48:49:f1:88:fc:39:3a:e0:e8:e2:f6:
ed:b1:b9:2b:d2:de:be:2a:f8:d9:9c:82:64:64:7b:
f0:9b:f3:3a:fc:96:71:3a:7f:20:e4:fe:bf:66:63:
96:f4:fd:a0:db:c2:34:b3:09:c3:27:e0:2f:b4:71:
81:5e:fa:40:99:fb:7b:ac:7f:46:04:24:76:95:18:
4f:02:5c:1a:3c:1f:73:2e:d3:2d:fc:d6:f0:53:86:
fb:d7:fd:a7:71:62:77:ce:0d:69:a8:70:e4:86:7c:
e0:49:c0:8e:37:e7:e1:6e:8d:2b:63:61:a1:f3:d9:
c2:af:71:7b:79:c2:81:8c:65:da:58:51:df:22:4b:
b2:d7:f0:72:2f:93:a3:2f:83:97:cd:d5:53:40:cc:
d3:4f:4c:ea:05:67:d3:72:c2:0e:e9:9d:b8:d9:15:
d0:52:73:cc:c8:25:5e:ef:fa:db:c2:ae:ff:2e:15:
6c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C9:78:A6:EC:DD:75:FD:28:86:7D:5C:6F:8D:A5:B0:66:D4:D9:78
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tcl4puzddf0ohn1cb42lsGbU2Xg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1b:77:c1:16:cd:11:57:f1:0e:fb:74:5e:8a:84:13:57:cc:de:
93:87:0a:b6:b7:38:28:25:f5:10:94:34:8a:7b:4e:43:9d:31:
74:85:1d:59:ec:31:67:df:48:bb:a9:3f:fb:09:fc:03:c3:23:
17:7a:52:9f:b6:1f:ea:f0:60:a8:37:9a:38:58:f9:97:ef:8a:
07:e7:2f:00:4c:21:4a:b8:16:28:86:e9:f8:e0:83:f4:7b:8d:
e1:5f:98:f6:59:40:08:26:09:bd:d4:37:18:2c:e8:49:ce:11:
84:0f:dc:a9:d9:42:1a:81:59:b9:7d:ad:e8:8f:fa:c2:a7:e8:
62:a9:ce:da:e4:a6:05:bc:c3:4b:8f:39:9d:20:8f:5a:92:c4:
02:83:35:6f:39:97:11:44:c8:7e:31:ed:54:fe:7e:de:74:c9:
ac:f1:37:b8:d3:d7:fc:58:2d:40:ee:35:ac:14:05:f8:48:e1:
98:e4:5e:ef:fd:c6:ed:a0:c8:33:a4:af:26:fd:9b:d9:aa:de:
db:f4:6a:3b:8a:74:6b:05:89:42:19:9c:7b:dd:69:86:9f:6d:
08:7f:23:c3:fa:38:fe:f9:9f:76:72:a5:cf:0a:85:be:6a:f8:
24:6d:90:91:c4:5e:07:2a:52:a2:91:19:8d:33:19:3f:55:7d:
6c:20:99:04
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MTUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREQzk3OEE2RUNERDc1
RkQyODg2N0Q1QzZGOERBNUIwNjZENEQ5NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5e+1xHpfoXhzyZYEtx9do3+29ikfYwp3Rf6EQpeD1g4HzrMTq
ml9d6mlTBeomPfmWCC250mvx4dQ0MydXv4y19/7Z3xn+w+67WQX1EttISfGI/Dk6
4Oji9u2xuSvS3r4q+NmcgmRke/Cb8zr8lnE6fyDk/r9mY5b0/aDbwjSzCcMn4C+0
cYFe+kCZ+3usf0YEJHaVGE8CXBo8H3Mu0y381vBThvvX/adxYnfODWmocOSGfOBJ
wI435+FujStjYaHz2cKvcXt5woGMZdpYUd8iS7LX8HIvk6Mvg5fN1VNAzNNPTOoF
Z9Nywg7pnbjZFdBSc8zIJV7v+tvCrv8uFWyTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTcl4puzddf0ohn1cb42lsGbU2XgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RjbDRwdXpkZGYwb2hu
MWNiNDJsc0diVTJYZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABt3wRbNEVfxDvt0
XoqEE1fM3pOHCra3OCgl9RCUNIp7TkOdMXSFHVnsMWffSLupP/sJ/APDIxd6Up+2
H+rwYKg3mjhY+ZfvigfnLwBMIUq4FiiG6fjgg/R7jeFfmPZZQAgmCb3UNxgs6EnO
EYQP3KnZQhqBWbl9reiP+sKn6GKpztrkpgW8w0uPOZ0gj1qSxAKDNW85lxFEyH4x
7VT+ft50yazxN7jT1/xYLUDuNawUBfhI4ZjkXu/9xu2gyDOkryb9m9mq3tv0ajuK
dGsFiUIZnHvdaYafbQh/I8P6OP75n3Zypc8Khb5q+CRtkJHEXgcqUqKRGY0zGT9V
fWwgmQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org