Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aFppPsfHV_F1GNqI95iQ-R7d_vk.roa
File: aFppPsfHV_F1GNqI95iQ-R7d_vk.roa (raw, json)
Hash identifier: NvM4VQliezvQ4PJfZfjSE1/3rV/LD22kwwg4Y8N/X/c=
Subject key identifier: 68:5A:69:3E:C7:C7:57:F1:75:18:DA:88:F7:98:90:F9:1E:DD:FE:F9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36F9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aFppPsfHV_F1GNqI95iQ-R7d_vk.roa
Signing time: Mon 01 Apr 2024 21:22:13 +0000
ROA not before: Mon 01 Apr 2024 21:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14073 (0x36f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 21:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=685A693EC7C757F17518DA88F79890F91EDDFEF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:28:31:cf:96:0e:52:42:57:07:2b:2c:12:
03:f3:90:45:53:38:12:82:ef:94:01:f7:af:7f:b6:
49:7b:ce:d2:65:3e:11:0f:f6:d8:e3:a8:76:53:76:
84:a1:8f:59:01:6f:b5:c3:05:96:af:28:98:34:63:
1d:36:7b:01:e5:53:a6:cc:c1:40:98:6f:d0:ff:cd:
12:97:58:59:b8:59:c1:7d:b9:1f:7d:8c:63:4e:45:
c2:cd:27:9f:f8:97:f0:11:7b:09:6e:8f:00:20:0a:
d1:6c:2f:24:7e:a4:05:8a:51:aa:d7:12:8c:e9:48:
2e:97:03:a1:4b:3b:d7:bd:9f:9f:f1:89:cf:38:e7:
98:e4:7b:3c:e6:d4:cd:ae:5a:10:af:d9:10:53:6a:
e4:9f:a5:1f:8d:40:32:ac:f1:3b:1e:88:15:ba:c4:
a6:c0:33:3d:b2:cb:6e:95:51:ee:85:11:8a:b8:15:
f3:74:0a:a5:75:fb:b8:88:42:97:20:f0:4f:8e:d6:
0d:d1:e7:df:7c:8e:d9:0b:55:0d:7c:e9:dc:c0:49:
0c:88:81:86:94:d8:97:40:c1:e5:ec:c5:39:6f:9d:
d0:c9:89:74:8f:5a:cc:2e:d1:51:05:54:bd:a6:c5:
61:35:be:3c:5c:36:7d:3c:42:f6:2c:5c:8a:87:0b:
a7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5A:69:3E:C7:C7:57:F1:75:18:DA:88:F7:98:90:F9:1E:DD:FE:F9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aFppPsfHV_F1GNqI95iQ-R7d_vk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:2b:11:33:9a:d7:e2:a7:ec:82:41:e7:85:f1:62:ed:8f:86:
b4:80:53:ce:ec:6e:76:cb:dc:1a:d9:a7:07:3c:25:32:0f:76:
be:a9:4c:b5:ef:97:a4:d1:cb:e9:63:73:ff:18:a0:35:e7:90:
3e:86:31:72:6b:dc:35:95:2d:c8:13:0e:b6:e2:c2:eb:37:0e:
7a:db:a0:5b:c3:ec:41:df:a7:e9:a8:8c:8b:da:40:a7:3a:d9:
3e:46:94:30:ef:60:0f:71:f1:76:db:e1:a4:a6:41:51:2f:09:
54:10:f2:6e:fd:11:82:7a:00:ff:56:e9:38:69:f9:c7:d0:f8:
d4:47:ea:28:80:1a:4a:60:63:3d:01:75:2f:ad:25:a4:54:0c:
63:de:6e:0e:7f:44:b9:86:01:e1:4c:66:74:42:c4:ae:8f:95:
5c:d0:5e:fb:b2:45:4b:19:52:29:8b:73:6a:3d:c5:0b:7f:bc:
0a:3b:79:ff:d6:81:fd:1a:c4:00:0d:19:8a:4b:c1:0f:1a:4a:
9a:be:fb:4d:f9:46:c8:80:8d:b8:37:b2:94:98:e0:4f:35:ac:
5f:e2:29:58:fb:4a:19:96:ae:a2:67:39:63:5e:36:fb:cd:b5:
aa:e7:f3:0d:68:b9:51:9a:a5:cc:e0:16:1e:2f:3e:b4:5a:0b:
ae:1d:77:f6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MTIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4NUE2OTNFQzdDNzU3
RjE3NTE4REE4OEY3OTg5MEY5MUVEREZFRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyyygxz5YOUkJXByssEgPzkEVTOBKC75QB969/tkl7ztJlPhEP
9tjjqHZTdoShj1kBb7XDBZavKJg0Yx02ewHlU6bMwUCYb9D/zRKXWFm4WcF9uR99
jGNORcLNJ5/4l/ARewlujwAgCtFsLyR+pAWKUarXEozpSC6XA6FLO9e9n5/xic84
55jkezzm1M2uWhCv2RBTauSfpR+NQDKs8TseiBW6xKbAMz2yy26VUe6FEYq4FfN0
CqV1+7iIQpcg8E+O1g3R5998jtkLVQ186dzASQyIgYaU2JdAweXsxTlvndDJiXSP
Wswu0VEFVL2mxWE1vjxcNn08QvYsXIqHC6e3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUaFppPsfHV/F1GNqI95iQ+R7d/vkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FGcHBQc2ZIVl9GMUdO
cUk5NWlRLVI3ZF92ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKkrETOa1+Kn7IJB
54XxYu2PhrSAU87sbnbL3BrZpwc8JTIPdr6pTLXvl6TRy+ljc/8YoDXnkD6GMXJr
3DWVLcgTDrbiwus3DnrboFvD7EHfp+mojIvaQKc62T5GlDDvYA9x8Xbb4aSmQVEv
CVQQ8m79EYJ6AP9W6Thp+cfQ+NRH6iiAGkpgYz0BdS+tJaRUDGPebg5/RLmGAeFM
ZnRCxK6PlVzQXvuyRUsZUimLc2o9xQt/vAo7ef/Wgf0axAANGYpLwQ8aSpq++035
RsiAjbg3spSY4E81rF/iKVj7ShmWrqJnOWNeNvvNtarn8w1ouVGapczgFh4vPrRa
C64dd/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org