Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_VXyvrdNLCBWzS-tgvwzku1ljq0.roa
File: _VXyvrdNLCBWzS-tgvwzku1ljq0.roa (raw, json)
Hash identifier: 7pNG3mWYIu6t/Oz4Sav6LZSMNDnyApfOVYixH6YWu84=
Subject key identifier: FD:55:F2:BE:B7:4D:2C:20:56:CD:2F:AD:82:FC:33:92:ED:65:8E:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3549
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_VXyvrdNLCBWzS-tgvwzku1ljq0.roa
Signing time: Sat 30 Mar 2024 15:22:12 +0000
ROA not before: Sat 30 Mar 2024 15:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13641 (0x3549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 15:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FD55F2BEB74D2C2056CD2FAD82FC3392ED658EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e7:bc:55:0a:f6:9c:f7:84:88:c5:14:c0:6a:
c9:d4:3c:ef:35:b6:79:4f:4c:1d:78:36:92:0f:ae:
27:97:e8:83:bd:f1:55:8e:32:d8:1e:b3:43:79:c5:
9d:c7:6a:8b:41:5b:e6:9b:a9:e8:d1:46:fd:13:46:
51:39:16:ff:7e:9f:b1:91:6c:ce:06:09:37:dc:07:
0c:e5:82:8b:33:a3:c6:1c:ff:3c:94:3e:fd:0f:4c:
c8:43:5c:0d:10:65:4f:45:7c:4b:2d:77:20:f5:b6:
32:fd:be:4b:4d:31:d3:22:f9:9d:2c:b0:a9:0d:48:
c0:45:12:11:9b:5b:7c:77:c4:92:39:e5:c3:49:6f:
4c:ff:2e:b3:a2:50:c7:3b:c2:4d:5a:d4:66:95:e9:
64:29:e4:97:ad:00:fe:35:c8:a3:98:b8:a8:07:bd:
eb:91:70:f9:0d:62:da:4f:37:d3:6d:72:19:76:d7:
ee:3c:af:6a:38:ed:18:55:16:8d:6f:32:dd:21:62:
91:43:5d:6f:89:5b:0f:88:9e:19:19:b6:50:20:7f:
28:2b:48:a6:e5:45:bc:c2:c0:07:a6:c0:b5:0c:e0:
a6:67:f9:5d:78:eb:26:c9:23:19:7f:f2:27:bd:b9:
a1:ee:46:a2:ec:eb:75:36:14:a1:54:19:b2:1a:6a:
71:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:55:F2:BE:B7:4D:2C:20:56:CD:2F:AD:82:FC:33:92:ED:65:8E:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_VXyvrdNLCBWzS-tgvwzku1ljq0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:20:d4:c6:3d:77:61:27:f6:84:f4:fe:59:e5:b0:ab:08:93:
20:81:cf:82:7c:31:43:95:92:8c:42:94:40:ce:de:8f:cb:d9:
37:bb:2d:90:7b:e5:e7:7a:14:62:55:42:9a:24:99:ba:91:f0:
d9:e5:4f:4c:fd:da:1f:eb:fb:58:80:db:cb:04:98:71:6a:6b:
f0:3a:52:6b:f7:0a:e5:69:f5:44:cd:d7:71:82:da:77:bf:8e:
ab:e1:22:30:30:1f:a4:4c:84:9e:78:58:6a:59:92:81:7f:b2:
f9:25:83:96:16:3b:e7:ee:f0:67:f2:9b:7c:13:4b:32:68:b9:
9e:10:ab:4d:ca:36:9f:2e:a9:8c:39:5e:ac:b7:23:18:03:88:
21:f7:c4:35:a5:7b:af:bb:83:52:b7:95:f5:64:e4:df:21:01:
0b:ed:c5:12:4d:93:9c:e4:18:95:13:99:61:45:38:c4:6a:86:
d0:70:69:a9:36:8b:ff:67:78:2a:91:9b:5c:d8:0c:1c:eb:11:
11:ec:40:3f:9c:5e:64:88:d0:5e:a2:18:7a:6d:eb:55:a8:e1:
76:72:cd:29:59:bd:04:3a:93:3a:86:93:d9:54:46:af:3b:59:
e1:54:18:00:29:e6:87:e1:8e:5e:2f:8d:00:73:51:b8:3f:18:
4b:ba:11:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NTIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZENTVGMkJFQjc0RDJD
MjA1NkNEMkZBRDgyRkMzMzkyRUQ2NThFQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx57xVCvac94SIxRTAasnUPO81tnlPTB14NpIPrieX6IO98VWO
Mtges0N5xZ3HaotBW+abqejRRv0TRlE5Fv9+n7GRbM4GCTfcBwzlgoszo8Yc/zyU
Pv0PTMhDXA0QZU9FfEstdyD1tjL9vktNMdMi+Z0ssKkNSMBFEhGbW3x3xJI55cNJ
b0z/LrOiUMc7wk1a1GaV6WQp5JetAP41yKOYuKgHveuRcPkNYtpPN9Ntchl21+48
r2o47RhVFo1vMt0hYpFDXW+JWw+InhkZtlAgfygrSKblRbzCwAemwLUM4KZn+V14
6ybJIxl/8ie9uaHuRqLs63U2FKFUGbIaanEpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/VXyvrdNLCBWzS+tgvwzku1ljq0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19WWHl2cmROTENCV3pT
LXRndnd6a3UxbGpxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK4g1MY9d2En9oT0
/lnlsKsIkyCBz4J8MUOVkoxClEDO3o/L2Te7LZB75ed6FGJVQpokmbqR8NnlT0z9
2h/r+1iA28sEmHFqa/A6Umv3CuVp9UTN13GC2ne/jqvhIjAwH6RMhJ54WGpZkoF/
svklg5YWO+fu8Gfym3wTSzJouZ4Qq03KNp8uqYw5Xqy3IxgDiCH3xDWle6+7g1K3
lfVk5N8hAQvtxRJNk5zkGJUTmWFFOMRqhtBwaak2i/9neCqRm1zYDBzrERHsQD+c
XmSI0F6iGHpt61Wo4XZyzSlZvQQ6kzqGk9lURq87WeFUGAAp5ofhjl4vjQBzUbg/
GEu6Eck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org