Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_N1l0CjUKXpRJpVFcGxeVxpb-Po.roa
File: _N1l0CjUKXpRJpVFcGxeVxpb-Po.roa (raw, json)
Hash identifier: U9OxC3GCGuADjMT49BmsUWFNvjx89TFFQJG13oGFi3M=
Subject key identifier: FC:DD:65:D0:28:D4:29:7A:51:26:95:45:70:6C:5E:57:1A:5B:F8:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 546D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_N1l0CjUKXpRJpVFcGxeVxpb-Po.roa
Signing time: Sat 11 May 2024 03:54:01 +0000
ROA not before: Sat 11 May 2024 03:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21613 (0x546d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 03:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FCDD65D028D4297A51269545706C5E571A5BF8FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:51:9a:38:ba:a7:38:2c:b0:54:fb:0d:9b:
6d:01:fd:f0:d7:71:82:90:c8:d7:e9:09:ea:88:15:
70:d6:50:4a:d8:0a:76:f7:b9:8f:a1:e7:fd:c9:56:
68:49:09:57:09:d9:84:67:84:7e:60:24:01:7f:ff:
1b:b7:49:ae:4a:c8:d8:8d:b8:34:54:77:39:58:4d:
b2:17:b1:ea:b9:b8:bd:d5:61:5e:79:39:e8:ef:25:
41:84:d7:78:22:5d:ae:d5:2f:8c:5d:a7:cd:8f:89:
f1:f5:23:f9:84:80:0d:e7:7c:f3:81:7f:9d:26:16:
d5:96:42:03:b9:9c:a8:36:71:80:4e:f9:d3:cd:ad:
ee:35:e5:f4:1b:2b:80:f7:c5:8f:47:17:07:36:12:
54:53:9b:71:b6:0f:2a:16:f9:32:d3:48:58:02:a8:
0e:a9:d9:af:49:db:10:4e:9d:3b:c8:3a:42:0d:85:
11:be:5b:f0:7d:c9:56:3a:ce:2d:88:84:b6:f4:33:
92:d8:08:00:7b:3c:ec:41:15:bb:a6:f1:0d:23:a3:
be:02:62:d0:f9:6a:7b:ee:a2:d8:8c:57:9a:40:92:
2d:94:1f:4e:43:64:2c:8d:24:a9:4d:5f:02:df:08:
23:64:94:a6:70:c8:7f:f2:ae:d5:8b:f2:08:ce:e0:
79:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DD:65:D0:28:D4:29:7A:51:26:95:45:70:6C:5E:57:1A:5B:F8:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_N1l0CjUKXpRJpVFcGxeVxpb-Po.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
81:b1:b8:e2:9a:5a:e1:f7:b3:84:bf:af:8d:6a:61:c5:32:40:
38:bf:2e:b4:eb:d6:a1:5a:ce:e5:f1:f9:3f:b8:7f:53:7e:40:
2e:22:43:a9:62:83:34:06:3f:85:00:f9:f8:ec:a3:79:fe:ec:
10:9b:1b:7a:85:cc:02:e8:78:a8:9b:fc:14:53:09:1a:08:a2:
b5:cb:6d:82:c8:17:05:dc:90:c7:c0:54:17:c1:c4:20:b8:c5:
3f:c1:fd:7c:ad:66:55:37:26:3e:90:53:2d:74:19:6c:5f:7d:
29:b3:e0:fa:b4:37:48:04:7b:8c:58:bf:42:ae:79:af:27:fa:
9c:09:9c:5a:6e:b0:94:16:03:3d:20:1c:d5:7b:5b:d8:82:74:
18:e4:b0:41:fe:ce:82:20:b2:9e:20:31:0a:78:c6:a1:ec:57:
27:73:f2:dc:72:df:05:18:b6:8f:d9:72:b8:07:d3:f8:bb:c3:
23:69:02:8b:d0:fa:e9:34:31:e0:6b:bc:65:89:91:f8:56:e2:
08:f5:77:99:b3:c3:d3:8f:3d:63:a2:7b:8b:c1:73:7d:8f:82:
3e:0b:e8:39:fb:d8:12:b3:09:15:00:3e:00:b6:be:79:90:1f:
9c:2d:6f:80:a2:90:f2:9c:7f:4a:e8:cb:e4:18:59:f0:85:6c:
b4:8c:38:b4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
MzU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZDREQ2NUQwMjhENDI5
N0E1MTI2OTU0NTcwNkM1RTU3MUE1QkY4RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCscVGaOLqnOCywVPsNm20B/fDXcYKQyNfpCeqIFXDWUErYCnb3
uY+h5/3JVmhJCVcJ2YRnhH5gJAF//xu3Sa5KyNiNuDRUdzlYTbIXseq5uL3VYV55
OejvJUGE13giXa7VL4xdp82PifH1I/mEgA3nfPOBf50mFtWWQgO5nKg2cYBO+dPN
re415fQbK4D3xY9HFwc2ElRTm3G2DyoW+TLTSFgCqA6p2a9J2xBOnTvIOkINhRG+
W/B9yVY6zi2IhLb0M5LYCAB7POxBFbum8Q0jo74CYtD5anvuotiMV5pAki2UH05D
ZCyNJKlNXwLfCCNklKZwyH/yrtWL8gjO4HljAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/N1l0CjUKXpRJpVFcGxeVxpb+PowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19OMWwwQ2pVS1hwUkpw
VkZjR3hlVnhwYi1Qby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIGxuOKaWuH3s4S/
r41qYcUyQDi/LrTr1qFazuXx+T+4f1N+QC4iQ6ligzQGP4UA+fjso3n+7BCbG3qF
zALoeKib/BRTCRoIorXLbYLIFwXckMfAVBfBxCC4xT/B/XytZlU3Jj6QUy10GWxf
fSmz4Pq0N0gEe4xYv0Kuea8n+pwJnFpusJQWAz0gHNV7W9iCdBjksEH+zoIgsp4g
MQp4xqHsVydz8txy3wUYto/ZcrgH0/i7wyNpAovQ+uk0MeBrvGWJkfhW4gj1d5mz
w9OPPWOie4vBc32Pgj4L6Dn72BKzCRUAPgC2vnmQH5wtb4CikPKcf0roy+QYWfCF
bLSMOLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org