Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/arazxS4YcFM3Vp7kAzmrWWiA4hc.roa
File: arazxS4YcFM3Vp7kAzmrWWiA4hc.roa (raw, json)
Hash identifier: IBsnNg5u6GL2Dsyku/5s3ydjlLb1zBqD+TRZSmWUN2o=
Subject key identifier: 6A:B6:B3:C5:2E:18:70:53:37:56:9E:E4:03:39:AB:59:68:80:E2:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DB9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/arazxS4YcFM3Vp7kAzmrWWiA4hc.roa
Signing time: Wed 10 Apr 2024 21:22:44 +0000
ROA not before: Wed 10 Apr 2024 21:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15801 (0x3db9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 21:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6AB6B3C52E18705337569EE40339AB596880E217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:35:2c:e6:ff:1f:0f:ae:61:d9:e8:53:84:11:
44:cc:82:38:2d:b1:ac:15:3b:ba:32:16:7d:bf:92:
3e:6f:26:58:df:38:8c:61:dc:18:ba:2c:f0:03:6e:
32:6d:66:14:da:0c:83:ca:e8:27:9a:78:7e:71:ec:
94:7f:6e:e7:d7:6a:ea:4a:76:92:f8:41:2e:b2:bb:
5f:18:80:4c:43:31:1f:55:b4:cf:13:61:8d:bc:62:
98:79:71:49:37:18:ab:23:85:b8:30:83:62:2c:6e:
30:f6:3a:e3:4f:cc:18:c3:17:31:70:51:7b:f2:60:
10:5a:33:47:b8:84:ce:11:d8:9c:f8:14:e5:f5:cb:
22:7c:37:35:7b:6b:37:3b:d9:9d:31:80:3c:e1:df:
af:82:d3:1c:b8:6e:3f:fb:c5:1e:d9:0f:dc:d9:34:
41:52:7a:88:c7:35:ff:7f:2a:6d:e4:de:d4:3b:f6:
9d:b3:19:fd:a1:c9:b6:55:9f:ac:da:74:de:74:45:
1e:e2:08:08:d0:c6:0c:7c:a7:87:82:91:b1:29:9e:
00:f8:0f:71:36:06:c0:7c:61:81:a5:4c:d7:c3:f9:
96:f5:ef:fe:92:ea:ff:20:f7:a9:ad:01:a2:da:c4:
50:a9:86:dd:49:ab:0a:84:5a:f6:4f:6e:6d:7f:51:
1c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B6:B3:C5:2E:18:70:53:37:56:9E:E4:03:39:AB:59:68:80:E2:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/arazxS4YcFM3Vp7kAzmrWWiA4hc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
08:26:76:11:9a:5a:5d:f8:f2:11:e3:0c:78:88:8b:4e:e5:c3:
c3:d6:b3:9c:b1:81:8c:35:5e:c5:d8:29:d5:37:69:c7:db:e7:
97:3b:70:ac:4d:1e:a1:52:7d:6e:6a:76:eb:77:5f:84:1b:70:
c4:8d:7e:fa:4f:ab:1d:b3:b6:9e:d0:1c:cf:94:97:d7:7f:19:
07:90:ea:00:9e:ad:30:f9:f6:47:87:ce:c1:b8:75:c4:0e:09:
60:e7:b8:cd:65:ec:69:d3:2c:4c:53:d5:2a:4f:c5:38:21:f5:
97:33:60:6d:a8:ec:bc:e3:19:59:12:a7:38:3f:f4:55:a6:ec:
a5:ba:38:13:0e:6a:90:3f:be:5d:a6:c4:98:32:d1:e6:72:a6:
27:83:ba:e6:04:71:f7:30:2d:b7:50:76:99:5b:9c:56:8e:7c:
99:0c:06:64:07:cd:c5:68:04:73:7e:13:9c:3c:0c:e6:12:fe:
49:d4:ba:ae:cf:97:85:74:9b:49:a5:90:cd:6a:8f:8b:ea:24:
31:ae:6f:36:8d:eb:80:4f:2a:ea:68:d8:22:19:d6:9b:ed:b9:
e3:54:c3:e7:30:bd:5c:68:e9:02:2c:d0:e7:a4:a6:a5:5e:06:
96:48:39:98:3e:1c:a2:cb:58:e6:a9:65:f9:a8:1a:b1:ae:53:
79:7c:23:a4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MTIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBQjZCM0M1MkUxODcw
NTMzNzU2OUVFNDAzMzlBQjU5Njg4MEUyMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBNSzm/x8PrmHZ6FOEEUTMgjgtsawVO7oyFn2/kj5vJljfOIxh
3Bi6LPADbjJtZhTaDIPK6CeaeH5x7JR/bufXaupKdpL4QS6yu18YgExDMR9VtM8T
YY28Yph5cUk3GKsjhbgwg2IsbjD2OuNPzBjDFzFwUXvyYBBaM0e4hM4R2Jz4FOX1
yyJ8NzV7azc72Z0xgDzh36+C0xy4bj/7xR7ZD9zZNEFSeojHNf9/Km3k3tQ79p2z
Gf2hybZVn6zadN50RR7iCAjQxgx8p4eCkbEpngD4D3E2BsB8YYGlTNfD+Zb17/6S
6v8g96mtAaLaxFCpht1JqwqEWvZPbm1/URx/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUarazxS4YcFM3Vp7kAzmrWWiA4hcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FyYXp4UzRZY0ZNM1Zw
N2tBem1yV1dpQTRoYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAgmdhGaWl348hHj
DHiIi07lw8PWs5yxgYw1XsXYKdU3acfb55c7cKxNHqFSfW5qdut3X4QbcMSNfvpP
qx2ztp7QHM+Ul9d/GQeQ6gCerTD59keHzsG4dcQOCWDnuM1l7GnTLExT1SpPxTgh
9ZczYG2o7LzjGVkSpzg/9FWm7KW6OBMOapA/vl2mxJgy0eZypieDuuYEcfcwLbdQ
dplbnFaOfJkMBmQHzcVoBHN+E5w8DOYS/knUuq7Pl4V0m0mlkM1qj4vqJDGubzaN
64BPKupo2CIZ1pvtueNUw+cwvVxo6QIs0OekpqVeBpZIOZg+HKLLWOapZfmoGrGu
U3l8I6Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org