Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VzQOz-Si5XlTaOKgNT-VeZ3mJ7M.roa
File: VzQOz-Si5XlTaOKgNT-VeZ3mJ7M.roa (raw, json)
Hash identifier: WV2H4PvWmpmCgDP0Pjkyw4/SODmkMxZ1ZPizE3Gyny8=
Subject key identifier: 57:34:0E:CF:E4:A2:E5:79:53:68:E2:A0:35:3F:95:79:9D:E6:27:B3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FB9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VzQOz-Si5XlTaOKgNT-VeZ3mJ7M.roa
Signing time: Sat 13 Apr 2024 13:22:49 +0000
ROA not before: Sat 13 Apr 2024 13:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16313 (0x3fb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 13:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=57340ECFE4A2E5795368E2A0353F95799DE627B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:ec:19:87:63:4c:0a:10:2b:ad:ab:f8:aa:
14:ae:71:73:36:05:94:ae:93:0b:2b:71:42:38:11:
2d:4b:df:b2:16:9d:4c:30:be:3c:6d:c8:a8:e0:94:
9a:52:fd:6c:ab:67:b3:60:ac:fe:20:96:cb:4d:e9:
74:b3:1b:f0:bf:81:ac:f0:92:13:45:94:0d:0d:d2:
3c:5e:ef:0f:58:22:87:d9:1a:7a:82:b7:7e:34:33:
39:63:c2:9c:67:c1:2e:e6:58:94:7a:42:df:98:fa:
1e:39:01:54:d9:55:d9:97:9f:2d:a0:0b:eb:9a:19:
1a:d2:fe:67:92:58:60:fb:03:96:47:10:43:65:6c:
a9:03:6a:79:0a:f4:5d:68:06:02:7b:89:a6:d8:72:
c1:bd:e7:7c:cc:90:26:12:d6:fd:56:53:31:bd:51:
c2:64:e6:f2:7c:c6:17:d5:2d:65:56:24:83:cd:e5:
fc:57:c6:59:c3:d0:fd:a1:41:ed:b5:12:99:a4:9a:
ae:44:5e:3b:68:99:80:f9:8d:10:3b:89:f8:fc:b1:
d9:e9:76:dc:a2:2c:5c:6c:b1:a4:93:61:ac:c6:81:
e2:74:97:9e:88:87:d9:23:04:cf:fc:02:7d:91:ec:
ef:d2:07:94:87:93:06:53:67:f4:9a:5f:d0:4c:02:
cb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:0E:CF:E4:A2:E5:79:53:68:E2:A0:35:3F:95:79:9D:E6:27:B3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VzQOz-Si5XlTaOKgNT-VeZ3mJ7M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
36:5b:60:e5:62:83:db:e9:69:62:ae:fd:0e:39:94:f1:0c:bc:
ce:a5:1b:0a:ab:80:b2:d5:22:2b:32:9a:85:70:e5:3c:e3:44:
78:0d:81:b9:69:3a:8e:50:9d:5d:87:69:a7:04:92:7c:e1:6e:
16:4e:64:fc:8e:b1:64:a3:5b:b7:e3:dc:d7:41:b0:72:79:f4:
72:0e:0b:da:49:61:05:01:42:1d:d9:02:62:ef:6f:da:03:43:
79:1b:24:c1:7a:fc:46:ae:38:68:0d:e4:33:87:16:15:be:8f:
db:bf:e0:15:bd:ea:6d:5a:96:6b:2a:38:61:68:1c:74:8b:ee:
eb:83:5e:90:e2:4f:c0:8a:c2:07:73:9d:62:50:93:e3:d2:77:
37:de:30:3d:e2:17:b3:4d:b1:d9:9c:35:f3:cf:c5:6f:ee:85:
3f:14:77:23:0a:92:56:ba:38:8c:1a:e3:83:50:20:a1:f9:e2:
85:93:25:e6:b5:5a:07:96:68:8f:30:e8:d9:d8:d4:75:25:7e:
e7:f5:c8:59:f9:ee:c7:bc:d1:c3:2f:09:df:a2:ae:ad:ca:3e:
c5:f9:9a:76:7d:c8:7d:27:9e:cf:b6:7d:6d:ba:b5:7c:fd:82:
6d:0b:05:2a:98:ff:93:df:f4:61:ab:2f:0a:1e:44:ea:80:5f:
d2:28:12:d1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP7kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MzIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU3MzQwRUNGRTRBMkU1
Nzk1MzY4RTJBMDM1M0Y5NTc5OURFNjI3QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+WewZh2NMChArrav4qhSucXM2BZSukwsrcUI4ES1L37IWnUww
vjxtyKjglJpS/WyrZ7NgrP4glstN6XSzG/C/gazwkhNFlA0N0jxe7w9YIofZGnqC
t340MzljwpxnwS7mWJR6Qt+Y+h45AVTZVdmXny2gC+uaGRrS/meSWGD7A5ZHEENl
bKkDankK9F1oBgJ7iabYcsG953zMkCYS1v1WUzG9UcJk5vJ8xhfVLWVWJIPN5fxX
xlnD0P2hQe21Epmkmq5EXjtomYD5jRA7ifj8sdnpdtyiLFxssaSTYazGgeJ0l56I
h9kjBM/8An2R7O/SB5SHkwZTZ/SaX9BMAstJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUVzQOz+Si5XlTaOKgNT+VeZ3mJ7MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Z6UU96LVNpNVhsVGFP
S2dOVC1WZVozbUo3TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADZbYOVig9vpaWKu
/Q45lPEMvM6lGwqrgLLVIisymoVw5TzjRHgNgblpOo5QnV2HaacEknzhbhZOZPyO
sWSjW7fj3NdBsHJ59HIOC9pJYQUBQh3ZAmLvb9oDQ3kbJMF6/EauOGgN5DOHFhW+
j9u/4BW96m1almsqOGFoHHSL7uuDXpDiT8CKwgdznWJQk+PSdzfeMD3iF7NNsdmc
NfPPxW/uhT8UdyMKkla6OIwa44NQIKH54oWTJea1WgeWaI8w6NnY1HUlfuf1yFn5
7se80cMvCd+irq3KPsX5mnZ9yH0nns+2fW26tXz9gm0LBSqY/5Pf9GGrLwoeROqA
X9IoEtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:29 2024 by rpki-client on console-fra.rpki-client.org