Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_-FXsUetO-yhHcFyaaveinzZnXI.roa
File: _-FXsUetO-yhHcFyaaveinzZnXI.roa (raw, json)
Hash identifier: Q7CvsTm5AEippN+QdYg7sHeLGX2Wsn/yxtS6vCBDJu8=
Subject key identifier: FF:E1:57:B1:47:AD:3B:EC:A1:1D:C1:72:69:AB:DE:8A:7C:D9:9D:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D49
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_-FXsUetO-yhHcFyaaveinzZnXI.roa
Signing time: Wed 01 May 2024 15:23:41 +0000
ROA not before: Wed 01 May 2024 15:23:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19785 (0x4d49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 15:23:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FFE157B147AD3BECA11DC17269ABDE8A7CD99D72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:28:59:a2:13:ea:17:8c:32:d9:bf:da:25:b0:
9b:01:5c:1f:a3:30:89:79:57:a6:53:ad:5b:6a:a9:
4a:ff:cf:b5:ee:1a:c8:72:4b:93:2f:6f:9f:72:08:
86:16:60:b7:15:bf:d9:02:29:cc:38:4d:b4:4b:83:
93:55:bd:70:dd:60:69:d1:9b:b0:bf:ee:5c:65:04:
a1:6e:bf:b6:3a:e0:41:51:10:2a:94:27:93:f3:b9:
6a:37:19:49:13:df:14:a4:ad:58:c6:12:6f:13:90:
8e:b8:eb:c7:d5:32:a6:90:1b:5b:30:ca:13:dd:71:
55:08:a3:09:53:4f:ef:c2:86:6a:f9:9e:3a:76:07:
29:66:77:6f:f9:3c:2a:ba:df:d5:9a:7d:7d:38:91:
ab:5f:ee:29:55:b3:79:9b:eb:51:b5:0a:4c:22:91:
32:ad:60:b2:b5:45:9c:93:ca:54:57:dd:65:ba:04:
3d:9f:a6:00:c8:2f:b6:d0:b3:61:b9:c7:a0:e0:8e:
0c:3f:0e:8e:d5:de:63:1d:e2:2f:ed:98:b5:39:af:
e1:66:f6:76:7c:06:4b:d2:e7:c0:03:9f:61:73:43:
25:27:a5:64:3a:82:2c:6f:3e:79:a5:33:96:a6:98:
db:ec:b9:00:3a:25:88:93:62:ee:0e:2c:d7:34:e2:
c9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E1:57:B1:47:AD:3B:EC:A1:1D:C1:72:69:AB:DE:8A:7C:D9:9D:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_-FXsUetO-yhHcFyaaveinzZnXI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:1d:b8:74:8d:5e:46:2d:6b:b8:7d:2a:4d:bb:4a:ba:40:ed:
17:70:3c:53:e7:be:f2:1d:9f:48:20:6b:77:b6:62:ab:3b:e8:
f2:0c:df:ec:1b:be:f5:a8:0c:94:d0:83:27:7b:e2:2b:73:24:
3d:8c:a9:6f:bb:f9:8a:8c:1a:34:60:04:e0:92:c3:e6:37:48:
12:92:69:db:a5:d5:b0:d9:a2:7e:af:3d:90:64:c7:85:4a:34:
32:33:37:3d:87:93:e3:fb:bf:6a:a0:38:e6:60:fb:0c:20:56:
3a:db:69:db:46:91:6a:a3:98:ba:f1:e3:af:9f:16:97:b2:3a:
5b:54:0f:03:fc:8c:49:b8:45:f3:2b:e2:cf:54:c8:43:66:69:
82:3d:4c:e5:82:1e:21:d6:39:4a:13:f6:d2:66:0c:ac:28:46:
dd:b4:f3:80:0e:c7:25:54:08:84:09:a2:0e:ef:01:44:58:65:
36:b7:ee:13:4d:16:75:ca:74:26:55:ae:57:b0:8d:e3:82:91:
c6:52:fc:13:ac:d2:1b:36:ad:13:30:32:0a:1d:73:31:93:e5:
df:47:97:28:bb:1a:32:9b:fa:ef:ea:71:81:b0:d4:84:61:fd:
88:9e:11:28:27:4a:43:44:41:c0:54:8b:53:b3:be:9f:12:89:
cc:14:5c:aa
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
NTIzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZGRTE1N0IxNDdBRDNC
RUNBMTFEQzE3MjY5QUJERThBN0NEOTlENzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvKFmiE+oXjDLZv9olsJsBXB+jMIl5V6ZTrVtqqUr/z7XuGshy
S5Mvb59yCIYWYLcVv9kCKcw4TbRLg5NVvXDdYGnRm7C/7lxlBKFuv7Y64EFRECqU
J5PzuWo3GUkT3xSkrVjGEm8TkI6468fVMqaQG1swyhPdcVUIowlTT+/Chmr5njp2
Bylmd2/5PCq639WafX04katf7ilVs3mb61G1CkwikTKtYLK1RZyTylRX3WW6BD2f
pgDIL7bQs2G5x6Dgjgw/Do7V3mMd4i/tmLU5r+Fm9nZ8BkvS58ADn2FzQyUnpWQ6
gixvPnmlM5ammNvsuQA6JYiTYu4OLNc04smrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/+FXsUetO+yhHcFyaaveinzZnXIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L18tRlhzVWV0Ty15aEhj
RnlhYXZlaW56Wm5YSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAF0duHSNXkYta7h9
Kk27SrpA7RdwPFPnvvIdn0gga3e2Yqs76PIM3+wbvvWoDJTQgyd74itzJD2MqW+7
+YqMGjRgBOCSw+Y3SBKSadul1bDZon6vPZBkx4VKNDIzNz2Hk+P7v2qgOOZg+wwg
VjrbadtGkWqjmLrx46+fFpeyOltUDwP8jEm4RfMr4s9UyENmaYI9TOWCHiHWOUoT
9tJmDKwoRt2084AOxyVUCIQJog7vAURYZTa37hNNFnXKdCZVrlewjeOCkcZS/BOs
0hs2rRMwMgodczGT5d9Hlyi7GjKb+u/qcYGw1IRh/YieESgnSkNEQcBUi1Ozvp8S
icwUXKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org