Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Tn8JmBaW2Y7eaw8bchZfNqrmJ2M.roa
File: Tn8JmBaW2Y7eaw8bchZfNqrmJ2M.roa (raw, json)
Hash identifier: 4nZEAsGi4GavYt58jepsrzfp2gqcc8KX3KvRdffJpKM=
Subject key identifier: 4E:7F:09:98:16:96:D9:8E:DE:6B:0F:1B:72:16:5F:36:AA:E6:27:63
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3871
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tn8JmBaW2Y7eaw8bchZfNqrmJ2M.roa
Signing time: Wed 03 Apr 2024 20:22:22 +0000
ROA not before: Wed 03 Apr 2024 20:22:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14449 (0x3871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 20:22:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4E7F09981696D98EDE6B0F1B72165F36AAE62763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:72:d2:d2:c5:9b:dc:60:8e:04:0e:15:5a:34:
95:c8:61:72:e4:1a:be:71:3f:23:ee:ee:4c:74:8f:
c9:d7:fb:be:50:39:21:76:8c:20:38:fc:9f:15:b0:
84:25:72:c7:ff:06:17:e7:1b:2f:a7:be:50:4c:a5:
ff:4b:ae:26:f6:45:e8:b3:70:1c:e6:98:29:69:b1:
66:d2:bf:f5:f0:9b:e5:ee:b6:dd:1a:7d:a6:3d:47:
3b:87:76:57:3e:63:91:13:4c:89:13:7c:f5:ff:e9:
35:0b:40:33:20:55:d3:a6:3d:6f:20:9e:9c:98:90:
fa:35:ea:49:d4:68:7c:66:a6:5e:56:1d:91:c5:cb:
58:48:e1:d1:58:ae:87:33:55:92:3f:f8:00:51:4c:
b2:33:87:13:0c:16:88:71:96:11:07:13:f9:55:62:
bb:58:21:5b:dc:5e:35:85:ed:c6:0a:c9:c1:8d:a7:
01:8a:f2:2f:0d:e0:77:71:e9:67:09:5b:24:e1:67:
d0:48:f1:d9:5b:5a:49:ce:cb:6f:c1:78:4c:f5:f5:
ed:37:23:fb:5c:05:b0:4e:4d:d5:41:ed:4e:63:d8:
b2:89:38:65:d0:4d:98:90:79:56:e6:8d:99:f1:6c:
60:91:f2:a3:20:c8:20:01:eb:8e:3d:d3:3f:03:4d:
0f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7F:09:98:16:96:D9:8E:DE:6B:0F:1B:72:16:5F:36:AA:E6:27:63
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tn8JmBaW2Y7eaw8bchZfNqrmJ2M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:23:dc:38:21:75:2a:77:78:23:d4:10:d4:55:5d:f8:35:a7:
0b:42:39:e2:f6:4f:61:5d:0f:63:33:52:d2:29:44:b9:12:c8:
49:de:e9:02:77:5f:c8:6d:b2:5d:1e:1b:58:9a:b5:eb:b3:3d:
01:8e:9d:4a:f7:3b:09:9d:9f:9c:aa:d0:e8:3c:e9:5b:1b:9f:
a7:38:49:72:96:c8:00:eb:7e:c3:e5:1d:ce:4c:fe:73:15:c8:
d2:51:9c:e2:9b:fb:0b:a3:45:28:cf:af:40:2d:08:81:ca:ac:
6d:be:e5:56:df:ed:9b:68:11:d8:07:4a:ac:8a:04:c5:d8:89:
39:f3:b4:81:90:82:6b:02:c6:fe:a5:2a:e1:8c:94:d2:82:28:
33:a5:ec:28:94:c8:3b:61:f5:f6:d2:6b:1d:ca:19:a9:92:28:
98:fa:3c:f2:87:e8:ef:c9:db:d3:96:1e:15:34:05:e6:d4:1d:
88:4e:83:a7:89:2a:c3:51:fa:17:ed:7b:05:53:2b:cb:4b:ac:
01:f5:b8:ec:c6:47:80:07:55:44:ea:47:c9:34:52:84:92:54:
fb:04:63:b7:47:74:49:1f:75:41:c0:da:08:b7:7d:c3:79:d9:
3b:e2:6e:53:b9:98:ed:65:e7:e2:6b:0d:7f:d5:af:00:1c:29:
1e:eb:0e:eb
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMy
MDIyMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFN0YwOTk4MTY5NkQ5
OEVERTZCMEYxQjcyMTY1RjM2QUFFNjI3NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyctLSxZvcYI4EDhVaNJXIYXLkGr5xPyPu7kx0j8nX+75QOSF2
jCA4/J8VsIQlcsf/BhfnGy+nvlBMpf9Lrib2ReizcBzmmClpsWbSv/Xwm+Xutt0a
faY9RzuHdlc+Y5ETTIkTfPX/6TULQDMgVdOmPW8gnpyYkPo16knUaHxmpl5WHZHF
y1hI4dFYroczVZI/+ABRTLIzhxMMFohxlhEHE/lVYrtYIVvcXjWF7cYKycGNpwGK
8i8N4Hdx6WcJWyThZ9BI8dlbWknOy2/BeEz19e03I/tcBbBOTdVB7U5j2LKJOGXQ
TZiQeVbmjZnxbGCR8qMgyCAB64490z8DTQ+1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTn8JmBaW2Y7eaw8bchZfNqrmJ2MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RuOEptQmFXMlk3ZWF3
OGJjaFpmTnFybUoyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG0j3DghdSp3eCPU
ENRVXfg1pwtCOeL2T2FdD2MzUtIpRLkSyEne6QJ3X8htsl0eG1iateuzPQGOnUr3
Owmdn5yq0Og86Vsbn6c4SXKWyADrfsPlHc5M/nMVyNJRnOKb+wujRSjPr0AtCIHK
rG2+5Vbf7ZtoEdgHSqyKBMXYiTnztIGQgmsCxv6lKuGMlNKCKDOl7CiUyDth9fbS
ax3KGamSKJj6PPKH6O/J29OWHhU0BebUHYhOg6eJKsNR+hftewVTK8tLrAH1uOzG
R4AHVUTqR8k0UoSSVPsEY7dHdEkfdUHA2gi3fcN52TviblO5mO1l5+JrDX/VrwAc
KR7rDus=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org