Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/abcEGidRz5ztVvkgAhbL__TTxb4.roa
File: abcEGidRz5ztVvkgAhbL__TTxb4.roa (raw, json)
Hash identifier: DCknE0qoAX6TwwOcMLRI7C2uigxND2Z8Hgf8/PehWSc=
Subject key identifier: 69:B7:04:1A:27:51:CF:9C:ED:56:F9:20:02:16:CB:FF:F4:D3:C5:BE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EA9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/abcEGidRz5ztVvkgAhbL__TTxb4.roa
Signing time: Fri 12 Apr 2024 03:22:51 +0000
ROA not before: Fri 12 Apr 2024 03:22:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16041 (0x3ea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 03:22:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=69B7041A2751CF9CED56F9200216CBFFF4D3C5BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:58:02:6e:13:90:43:85:89:92:49:49:e9:25:
f3:f2:08:6c:d0:24:e8:c9:24:dc:8c:09:c8:e9:10:
1a:1b:4e:36:52:f4:db:11:0a:8c:0b:60:ad:9f:4d:
8f:c8:de:6d:cb:cd:e4:44:23:f6:10:28:db:22:32:
ba:d9:41:aa:5c:01:cd:c6:59:20:bb:5d:f7:45:95:
5f:48:d9:cb:a9:a4:b5:f5:ea:6c:76:53:38:3d:f2:
a6:5b:4e:e8:0e:d1:75:d0:40:1e:82:8a:e0:56:d5:
32:20:52:a2:0f:c6:c9:52:35:ee:ef:12:fa:02:a8:
1e:35:fa:52:ec:b0:cf:61:5e:77:b1:b5:de:eb:f1:
d0:1f:b9:67:44:2b:48:ae:37:87:72:74:ee:16:9b:
97:b5:a7:ac:04:e2:5e:d4:6d:7a:b3:53:c2:32:0b:
06:ac:c2:bf:cb:49:b2:f6:47:a3:cd:fc:07:a4:16:
0c:4e:51:2d:f8:fa:35:65:12:9e:8d:70:79:8a:77:
90:03:14:00:dc:a7:ae:5a:4e:4a:fa:19:13:25:a6:
2d:e7:69:bf:ad:cd:7a:10:97:8b:fb:f5:78:66:16:
5f:8d:40:5a:5c:38:3d:37:fd:3b:4c:59:e0:c6:0a:
41:19:ba:a0:df:58:a4:08:b1:e6:25:9d:7f:47:05:
8d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B7:04:1A:27:51:CF:9C:ED:56:F9:20:02:16:CB:FF:F4:D3:C5:BE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/abcEGidRz5ztVvkgAhbL__TTxb4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
03:f1:65:ad:ce:0e:36:9b:f3:77:fd:86:89:7c:8b:f3:ea:9e:
56:56:a1:02:30:73:c3:e6:9d:43:7f:50:4b:77:87:dc:58:b1:
1b:c0:df:60:08:2b:df:01:63:49:03:6e:00:ba:ce:57:2d:13:
51:6b:94:be:b4:8a:5c:23:47:13:56:bc:ab:05:42:da:32:fa:
4d:99:09:1a:1f:44:e0:97:c4:c1:0f:6c:af:ae:6f:73:cf:36:
be:6f:7b:c0:0d:16:f9:95:9d:29:f2:df:cf:e4:d6:2f:81:6d:
3e:12:56:56:ab:0c:23:39:23:55:3a:ab:8b:e4:5e:0e:a4:56:
4b:a4:cb:6e:d4:fa:ff:20:22:90:e9:b1:76:53:10:2b:51:8a:
85:64:fc:4a:60:ac:5f:5b:f3:4f:5e:e2:23:70:43:d9:bf:92:
cb:0e:bb:14:39:64:ac:63:bf:2c:45:5e:57:6b:f1:3d:c9:8d:
36:f2:35:64:44:b7:b8:05:93:e7:19:3a:38:be:47:7e:49:bd:
dc:9e:79:67:dd:bc:b0:ba:22:ca:67:77:71:c9:bd:3e:0c:b8:
17:81:d3:35:7a:6b:58:07:48:92:c4:53:2c:db:09:46:ad:37:
ae:5f:7a:e4:0c:ab:29:15:9c:eb:c3:2a:5a:9a:0c:92:44:6f:
a5:a9:0d:13
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MzIyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5QjcwNDFBMjc1MUNG
OUNFRDU2RjkyMDAyMTZDQkZGRjREM0M1QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWAJuE5BDhYmSSUnpJfPyCGzQJOjJJNyMCcjpEBobTjZS9NsR
CowLYK2fTY/I3m3LzeREI/YQKNsiMrrZQapcAc3GWSC7XfdFlV9I2cuppLX16mx2
Uzg98qZbTugO0XXQQB6CiuBW1TIgUqIPxslSNe7vEvoCqB41+lLssM9hXnextd7r
8dAfuWdEK0iuN4dydO4Wm5e1p6wE4l7UbXqzU8IyCwaswr/LSbL2R6PN/AekFgxO
US34+jVlEp6NcHmKd5ADFADcp65aTkr6GRMlpi3nab+tzXoQl4v79XhmFl+NQFpc
OD03/TtMWeDGCkEZuqDfWKQIseYlnX9HBY3FAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUabcEGidRz5ztVvkgAhbL//TTxb4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FiY0VHaWRSejV6dFZ2
a2dBaGJMX19UVHhiNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAPxZa3ODjab83f9
hol8i/PqnlZWoQIwc8PmnUN/UEt3h9xYsRvA32AIK98BY0kDbgC6zlctE1FrlL60
ilwjRxNWvKsFQtoy+k2ZCRofROCXxMEPbK+ub3PPNr5ve8ANFvmVnSny38/k1i+B
bT4SVlarDCM5I1U6q4vkXg6kVkuky27U+v8gIpDpsXZTECtRioVk/EpgrF9b809e
4iNwQ9m/kssOuxQ5ZKxjvyxFXldr8T3JjTbyNWREt7gFk+cZOji+R35JvdyeeWfd
vLC6Ispnd3HJvT4MuBeB0zV6a1gHSJLEUyzbCUatN65feuQMqykVnOvDKlqaDJJE
b6WpDRM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org